antifreeze.livejournal.com Open in urlscan Pro
81.19.74.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://antifreeze.livejournal.com/
Submission: On December 21 via api (December 21st 2023, 1:56:49 am UTC) from US — Scanned from DE

Summary HTTP 370 Redirects Links 102 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 41 domains to perform 370 HTTP transactions. The main IP is 81.19.74.1, located in Russian Federation and belongs to RAMBLER-TELECOM-AS, RU. The main domain is antifreeze.livejournal.com.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 30th 2023. Valid for: a year.

This is the only time antifreeze.livejournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	81.19.74.1 81.19.74.1	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
44	2a13:1ec0::1037 2a13:1ec0::1037	201589 (EDGEAMLLC) (EDGEAMLLC)
6	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
26	81.19.87.48 81.19.87.48	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
12	91.192.149.12 91.192.149.12	42481 (BEGUN-AS) (BEGUN-AS)
8	162.19.58.156 162.19.58.156	16276 (OVH) (OVH)
1	81.19.74.0 81.19.74.0	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
13	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.95.111 65.9.95.111	16509 (AMAZON-02) (AMAZON-02)
15	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3 9	2001:6d0:4001... 2001:6d0:4001::226	52016 (ADFACT) (ADFACT)
1 3	87.240.137.164 87.240.137.164	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	81.19.82.56 81.19.82.56	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3 16	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a02:6b8::402 2a02:6b8::402	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
7	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
12	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	81.19.73.31 81.19.73.31	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
4 9	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	81.19.87.29 81.19.87.29	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	2a02:6b8::28d 2a02:6b8::28d	13238 (YANDEX) (YANDEX)
2	81.19.87.28 81.19.87.28	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	91.192.148.30 91.192.148.30	42481 (BEGUN-AS) (BEGUN-AS)
58	81.19.87.41 81.19.87.41	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
5	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
2	2a02:6b8::36 2a02:6b8::36	13238 (YANDEX) (YANDEX)
4	91.192.148.14 91.192.148.14	42481 (BEGUN-AS) (BEGUN-AS)
2 2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
6 9	91.192.149.52 91.192.149.52	42481 (BEGUN-AS) (BEGUN-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	91.220.120.9 91.220.120.9	202173 (MAXIMATEL...) (MAXIMATELECOM)
1	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
2 2	84.252.144.107 84.252.144.107	35237 (SBERBANK) (SBERBANK)
2 3	185.15.175.131 185.15.175.131	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
3 3	88.198.16.238 88.198.16.238	24940 (HETZNER-AS) (HETZNER-AS)
2 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2 2	23.111.200.118 23.111.200.118	39134 (UNITEDNET) (UNITEDNET)
1	3.124.69.248 3.124.69.248	16509 (AMAZON-02) (AMAZON-02)
1 2	193.232.148.134 193.232.148.134	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	212.11.151.56 212.11.151.56	8901 (Moscow Ma...) (Moscow Mayors Office)
2 3	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	65.109.65.188 65.109.65.188	24940 (HETZNER-AS) (HETZNER-AS)
370	53

4 81.19.74.1 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: livejournal.com

antifreeze.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a13:1ec0::1037 (Armenia)

ASN201589 (EDGEAMLLC, AM)

l-stat.livejournal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l-files.livejournal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l-userpic.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ic.pics.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.lj-toys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l-api.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 81.19.87.48 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: apl.rambler-co.ru

vp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.vp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.192.149.12 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: ssp.rambler.ru

ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.19.58.156 (France)

ASN16276 (OVH, FR)
PTR: ns3096358.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.74.0 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: livejournal.com

xc3.services.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 81.19.89.18 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2001:6d0:4001::226 (Russian Federation) 3 redirects

ASN52016 (ADFACT, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.137.164 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv164-137-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.82.56 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: rcm.rambler.ru

rcmjs.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::402 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

static-mon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.73.31 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: potok.nat.ramtel.ru

sentry-saas.rambler-co.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.87.29 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: videoplatform.rambler.ru

vc.videos.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::28d (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

log.strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.87.28 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: videoplatform.rambler.ru

static.eaglecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.30 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

img02.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 81.19.87.41 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: download.rambler.eaglecdn.com

hlsvod.rambler.eaglecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::36 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.192.148.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sandbox.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img02.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 91.192.149.52 (Russian Federation) 6 redirects

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.220.120.9 (Russian Federation)

ASN202173 (MAXIMATELECOM, RU)

tms.dmp.wi-fi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.252.144.107 (Russian Federation) 2 redirects

ASN35237 (SBERBANK, RU)

visor.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.131 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.198.16.238 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-24.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)

lbs-ru1.ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.69.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.134 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.11.151.56 (Russian Federation)

ASN8901 (Moscow Mayors Office, RU)

stats.mos.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.188 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	rambler.ru 6 redirects vp.rambler.ru — Cisco Umbrella Rank: 108904 ssp.rambler.ru — Cisco Umbrella Rank: 40185 rcmjs.rambler.ru — Cisco Umbrella Rank: 110087 kraken.rambler.ru — Cisco Umbrella Rank: 37769 api.vp.rambler.ru — Cisco Umbrella Rank: 161592 img02.ssp.rambler.ru — Cisco Umbrella Rank: 111478 profile.ssp.rambler.ru — Cisco Umbrella Rank: 49143 sandbox.ssp.rambler.ru — Cisco Umbrella Rank: 168065 sync.rambler.ru — Cisco Umbrella Rank: 45356	674 KB
60	eaglecdn.com static.eaglecdn.com — Cisco Umbrella Rank: 164011 hlsvod.rambler.eaglecdn.com — Cisco Umbrella Rank: 149121	19 MB
32	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	4 MB
27	livejournal.net l-stat.livejournal.net — Cisco Umbrella Rank: 168548 l-files.livejournal.net — Cisco Umbrella Rank: 399741	2 MB
20	gstatic.com fonts.gstatic.com www.gstatic.com	227 KB
19	livejournal.com antifreeze.livejournal.com l-userpic.livejournal.com — Cisco Umbrella Rank: 172303 ic.pics.livejournal.com — Cisco Umbrella Rank: 176726 xc3.services.livejournal.com — Cisco Umbrella Rank: 139062 l-api.livejournal.com — Cisco Umbrella Rank: 205496 www.livejournal.com — Cisco Umbrella Rank: 139416 vc.videos.livejournal.com — Cisco Umbrella Rank: 561366	1 MB
18	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	148 KB
17	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 203 imasdk.googleapis.com — Cisco Umbrella Rank: 487	288 KB
16	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248 ad.doubleclick.net — Cisco Umbrella Rank: 139	7 KB
16	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182 yandex.ru — Cisco Umbrella Rank: 2221 log.strm.yandex.ru — Cisco Umbrella Rank: 18995 an.yandex.ru — Cisco Umbrella Rank: 5624	283 KB
13	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	6 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	22 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 7053	249 KB
9	tns-counter.ru 3 redirects www.tns-counter.ru — Cisco Umbrella Rank: 14336	3 KB
8	ibb.co i.ibb.co — Cisco Umbrella Rank: 12045	548 KB
6	yandex.net static-mon.yandex.net — Cisco Umbrella Rank: 29029 avatars.mds.yandex.net — Cisco Umbrella Rank: 8323 favicon.yandex.net — Cisco Umbrella Rank: 11065	184 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	451 KB
5	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10579	23 KB
4	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	13 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	125 KB
4	lj-toys.com l.lj-toys.com — Cisco Umbrella Rank: 359182	13 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13957	1 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 39531	2 KB
3	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 23862	2 KB
3	vk.com 1 redirects vk.com — Cisco Umbrella Rank: 7251	22 KB
3	top100.ru st.top100.ru — Cisco Umbrella Rank: 47429	79 KB
2	adhigh.net 1 redirects px.adhigh.net — Cisco Umbrella Rank: 19855	756 B
2	betweendigital.com 2 redirects lbs-ru1.ads.betweendigital.com — Cisco Umbrella Rank: 94363	1 KB
2	sberbank.ru 2 redirects visor.sberbank.ru — Cisco Umbrella Rank: 126374	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12816	672 B
2	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 3569	1 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
1	bidvol.com ssp.bidvol.com — Cisco Umbrella Rank: 37557	442 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 12199	287 B
1	mos.ru stats.mos.ru — Cisco Umbrella Rank: 196463	395 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 28099	201 B
1	wi-fi.ru tms.dmp.wi-fi.ru — Cisco Umbrella Rank: 108142	605 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	51 KB
1	rambler-co.ru sentry-saas.rambler-co.ru — Cisco Umbrella Rank: 179942	247 B
0	1dmp.io Failed sync.1dmp.io Failed
370	41

	Domain	Requested by
58	hlsvod.rambler.eaglecdn.com	vp.rambler.ru
32	www.youtube.com	l.lj-toys.com www.youtube.com antifreeze.livejournal.com
25	l-stat.livejournal.net	antifreeze.livejournal.com l-stat.livejournal.net l.lj-toys.com
22	vp.rambler.ru	antifreeze.livejournal.com vp.rambler.ru
16	jnn-pa.googleapis.com	www.youtube.com
13	mc.yandex.com	2 redirects antifreeze.livejournal.com mc.yandex.ru vp.rambler.ru
13	fundingchoicesmessages.google.com	antifreeze.livejournal.com
12	fonts.gstatic.com	www.youtube.com
12	kraken.rambler.ru	st.top100.ru rcmjs.rambler.ru antifreeze.livejournal.com
12	ssp.rambler.ru	antifreeze.livejournal.com ssp.rambler.ru sandbox.ssp.rambler.ru
9	sync.rambler.ru	6 redirects
9	yastatic.net	yandex.ru
9	googleads.g.doubleclick.net	4 redirects www.youtube.com pagead2.googlesyndication.com
9	www.tns-counter.ru	3 redirects antifreeze.livejournal.com
9	l-userpic.livejournal.com	antifreeze.livejournal.com
8	www.gstatic.com	www.youtube.com www.gstatic.com
8	i.ibb.co	antifreeze.livejournal.com
7	yandex.ru	antifreeze.livejournal.com vp.rambler.ru ssp.rambler.ru yandex.ru yastatic.net
6	region1.google-analytics.com	www.googletagmanager.com
6	www.googletagmanager.com	antifreeze.livejournal.com www.googletagmanager.com www.google-analytics.com
5	an.yandex.ru	yandex.ru
5	top-fwz1.mail.ru	antifreeze.livejournal.com top-fwz1.mail.ru
4	yt3.ggpht.com	www.youtube.com
4	i.ytimg.com	www.youtube.com
4	www.google.com	www.youtube.com
4	static.doubleclick.net	www.youtube.com
4	api.vp.rambler.ru	vp.rambler.ru
4	l.lj-toys.com	antifreeze.livejournal.com
4	www.google-analytics.com	antifreeze.livejournal.com www.google-analytics.com
3	x01.aidata.io	2 redirects
3	sync.upravel.com	3 redirects
3	dmg.digitaltarget.ru	2 redirects
3	avatars.mds.yandex.net
3	mc.yandex.ru	1 redirects l-stat.livejournal.net vp.rambler.ru
3	vk.com	1 redirects antifreeze.livejournal.com
3	st.top100.ru	l-stat.livejournal.net st.top100.ru vp.rambler.ru
2	px.adhigh.net	1 redirects
2	lbs-ru1.ads.betweendigital.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	visor.sberbank.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	sync.bumlam.com	2 redirects
2	profile.ssp.rambler.ru	ssp.rambler.ru
2	favicon.yandex.net
2	img02.ssp.rambler.ru	ssp.rambler.ru
2	static.eaglecdn.com
2	www.livejournal.com	l-stat.livejournal.net
2	l-api.livejournal.com	l-stat.livejournal.net
2	sb.scorecardresearch.com	antifreeze.livejournal.com
2	ic.pics.livejournal.com	antifreeze.livejournal.com
2	l-files.livejournal.net	antifreeze.livejournal.com
2	antifreeze.livejournal.com	antifreeze.livejournal.com
1	ssp.bidvol.com
1	counter.yadro.ru	1 redirects
1	stats.mos.ru
1	x.bidswitch.net
1	adservice.google.com
1	ssp.adriver.ru
1	tms.dmp.wi-fi.ru
1	sandbox.ssp.rambler.ru	profile.ssp.rambler.ru
1	pagead2.googlesyndication.com
1	log.strm.yandex.ru	yandex.ru
1	vc.videos.livejournal.com	vp.rambler.ru
1	imasdk.googleapis.com	vp.rambler.ru
1	sentry-saas.rambler-co.ru	vp.rambler.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	static-mon.yandex.net	l-stat.livejournal.net
1	rcmjs.rambler.ru	antifreeze.livejournal.com
1	xc3.services.livejournal.com	antifreeze.livejournal.com
0	sync.1dmp.io Failed
370	70

This site contains links to these domains. Also see Links.

Domain
www.livejournal.com
vk.com
periskop.su
leolion-1.livejournal.com
ibb.co
tito.livejournal.com
ufsnp2015.livejournal.com
ru.wikipedia.org
t.me
daniel-grishin.livejournal.com
boosty.to
lexa1937.livejournal.com
shagingirey.livejournal.com
krajn.livejournal.com
voxpop-66.livejournal.com
dp-3lo.livejournal.com

Subject Issuer	Validity	Valid
*.livejournal.com GlobalSign GCC R3 DV TLS CA 2020	`2023-01-30` - `2024-03-02`	a year	crt.sh
*.livejournal.net GlobalSign GCC R3 DV TLS CA 2020	`2023-05-22` - `2024-06-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-04-17` - `2024-05-18`	a year	crt.sh
ssp.rambler.ru R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
ibb.co R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.pics.livejournal.com GlobalSign GCC R3 DV TLS CA 2020	`2023-05-22` - `2024-06-22`	a year	crt.sh
*.services.livejournal.com GlobalSign GCC R3 DV TLS CA 2020	`2023-05-22` - `2024-06-22`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.lj-toys.com GlobalSign GCC R3 DV TLS CA 2020	`2023-04-07` - `2024-05-08`	a year	crt.sh
*.top100.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-02-08` - `2024-03-11`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.naydex.net GlobalSign RSA OV SSL CA 2018	`2023-12-01` - `2024-07-02`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-10-26` - `2024-04-24`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rambler-co.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-05-22` - `2024-06-22`	a year	crt.sh
*.vp.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-06-06` - `2024-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
vc.videos.livejournal.com GlobalSign GCC R3 DV TLS CA 2020	`2023-07-17` - `2024-08-17`	a year	crt.sh
log.strm.yandex.ru GlobalSign RSA OV SSL CA 2018	`2023-09-16` - `2024-02-13`	5 months	crt.sh
*.eaglecdn.com GlobalSign GCC R3 DV TLS CA 2020	`2023-09-30` - `2024-10-31`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2023-12-18` - `2025-01-18`	a year	crt.sh
img02.ssp.rambler.ru R3	`2023-11-25` - `2024-02-23`	3 months	crt.sh
*.rambler.eaglecdn.com GlobalSign GCC R3 DV TLS CA 2020	`2023-07-17` - `2024-08-17`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-12-13` - `2024-06-11`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2023-09-11` - `2024-04-12`	7 months	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-10-19` - `2024-03-19`	5 months	crt.sh
profile.ssp.rambler.ru R3	`2023-11-25` - `2024-02-23`	3 months	crt.sh
*.ssp.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-20` - `2024-04-20`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
ssp.bidvol.com R3	`2023-11-09` - `2024-02-07`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://antifreeze.livejournal.com/
Frame ID: E838368EECE29275078FBF28FE2C65EC
Requests: 152 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26836%26%26%26youtube%269n0Dm7EJkeI%3A21c79bdb552b7fa62eabddc48e2277bbfa87eab4&source=youtube&vid=9n0Dm7EJkeI&moduleid=836&preview=&journalid=23096348&noads=
Frame ID: 775E17F03797F8DCBBF095CA297D5120
Requests: 2 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A8864793%26767%26%26%26youtube%26Q9Fo2byNdGE%3A533d57c32e5e4e389cfd85f96360e53707c76a39&source=youtube&vid=Q9Fo2byNdGE&moduleid=767&preview=&journalid=8864793&noads=
Frame ID: 6E2FAEC0A08883E3D963DCBC60A58886
Requests: 2 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26786%26%26%26youtube%26NV6gztsfq2g%3Ad18ad9b1f31fbca3a59bd5deb00634119651a4b7&source=youtube&vid=NV6gztsfq2g&moduleid=786&preview=&journalid=23096348&noads=
Frame ID: E14AD3E825CEA31F59E96EA6EEBDDF5B
Requests: 2 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26784%26%26%26youtube%26JnofOY2tvgY%3Ab3e351f70197078cc2ed34e82bad6747ba005933&source=youtube&vid=JnofOY2tvgY&moduleid=784&preview=&journalid=23096348&noads=
Frame ID: 894E2B29A508F1A5261BC8761B02B7F0
Requests: 2 HTTP requests in this frame

Frame: https://l-stat.livejournal.net/??plain/crossStorageServ.html?&v=1702972823
Frame ID: 9C644260D24BC286F1F1E6032636EE31
Requests: 2 HTTP requests in this frame

Frame: https://vp.rambler.ru/player/1.125.0/player.html
Frame ID: 7CCB3FF622A86B8020F0E5331E48B602
Requests: 97 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
Frame ID: 74CF4B5EE8DAD0857A7CAF04442E651C
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
Frame ID: D829993B67F5D7A5539045725ED9DC4C
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque
Frame ID: EC45BDB83A4C0A9D2028DB7C56F6A14C
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
Frame ID: 3B20ADFD4E59063BE4DB32499B902F6C
Requests: 21 HTTP requests in this frame

Frame: https://l-stat.livejournal.net/??plain/storage.html?key=lj-likus&v=1702972823
Frame ID: 07FCB4F8F7A389AF778463EC69719083
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 87829AD50276A4268162F95E1FB419DD
Requests: 1 HTTP requests in this frame

Frame: https://profile.ssp.rambler.ru/sandbox?img=W73iozI7uy8a4dEFlQ0UVLlgdqFSHC*YviWGfztjxxN5jlJAoLm4*z1cio7owEewUEmUDZzLOVApSi-yy2dl1yxpRkbtgF4K36B8owGVx-MCAAAAuty8CgAAAAA&img=-U6TQK6bvwqUmiFdQ2GNwKs3LEW2LCqUIychC747U2FQUaJ3V21kxcMLbzMTEUPDReRSwbnvTEfR1VlNz0oyp2ahjYwP8ZPD4CWIzGo*woy60SV-j9z3l*YTNW60-i9kTrEwCAnh3v7gMNIeULtiRwIAAAC63LwKAAAAAA&img=CaHcYUUXenukhfStA68O9UEITBcx6cuvtzuxBNlgB3xsZtsFr8PiOxXDINtdEij3EhppUpl6yessULac9ayi33dZpI85JQeF9X0iqifWIC8RR-7upMDX0oU4hM5Xfb0iYb4GTxrSFkb0*m-ITuXhW-3iN*8DCLHbu*jztc0IuL25bfl-rWoiwP4HGZBNW5xit9g2UnviNzyHsMpDllC8yMeOUmTVqWrz9qoSZIeWIgEBTHiSSU6*-plMaBsvUE*GMa-8g7G2g6jO70SCQUgiG8MZvaDv3o7fgsGHbhPzKQcCAAAAuty8CgAAAAA&img=duIZJUjsUI1dxNfQx8RVJ3wJxUCFY9oyVev2gkZdBsrndDm1PNSYourBP63BYz8l1Zdxo65xEO5IOxFfLr3IQTNlUYdWfw5eCHEhdbYHxMd*Q15Mb6-AuuhGI4ScCH8QcPNhUKKFxlkaDTyjPgddQfvVBU2SvRxwRdB8hu5w8SsCAAAAuty8CgAAAAA&img=VfYw9oO9lUy9Wp6QBqnNnJgs0296z94BsGRywFEkDfUJP-fVS7zWJiL2fP15jHib73SHxBKaihY7*LHszuYifa3QXsu-KCMy57vCQ9M7E3sTQpVLb5U48j*QtpyafjFqxlN8PzBAI0xyXRO8aoom*YcCP7oDzfbJyi4wc5NiKRUCAAAAuty8CgAAAAA&img=DJRZsI8kLAI*6D-tz1WIPY-nVa-Q-mMb9i3*K1*2waktSe143tyrtLu48VC*hm9fXGldInv2kptoivFuvS8K-i5qjda58qIPNBCs096jfmsCAAAAuty8CgAAAAA&img=YpCDrWlMppDgmdgYjRYAKYI1oRZZO6rd*GZVHaxJOB4RmDlxUuiW2iXZwDOBlEQ7f8WJI4qf9TQCRhbuKFU*W6uIlDnFjPy*epqpGVTR8ld4MWmcwRNsQSE540ntrighibPjdgfGlJ6qU7rbQdJ568WfAtpdjOvotJfshn*c9XuFgskZUdy8lmdgsqKj7CcGRmoqtJJ-L0Mq8X50VCvSOyDZenvgEoLAdtGTD-jxSyUCAAAAuty8CgAAAAA&img=zyeTTDI-dptlFVtb8feGRWb28Ap56LRIUn700sd6ffY5woZf13RLzxtf350PmeMhgdKSPNriAnZCCX5y*jmor9JDtP0e6sEv4jDi1ehu790HpbJZNqtGipgP1AoLzmBw2ZhzUKpT9VnJYOVTJHMbgwIAAAC63LwKAAAAAA&img=WEsfaYtGKFQpNeKfDSlTS81e5EmMTv6rAkI7mj26HsOFyladQkVcBOMDgKcT4fo444qlqp3SFeqrdTpupJYCxen6DRDvt0SbeNYnIFTTHGI3a70h*D8mF0NXKpg5WYBBPlj3c79DafzP-DP9scoNMO55ZpYG5E1d-xfT9lYaXetdYv8JSDINmtqzoWIIG7vmHZMipusLbW2Ib7tnYUM37gIAAAC63LwKAAAAAA&img=Uyv8TdK-w3JMmVQP8gA-K8mXEKT1s2i9zXEfafn22Si3CyHp7B8l*xKQ-asvgiaBYuD7TNIvZL5Nv6Um6C4wGuaJNZsCUQEGLVZjWUy7qRDVUlpuAgpqWCprNcxfRabuW0pxPodq2XrigJtVeaKTvwCiaT7z8wyNlaRIiDO2DA1e3yvzKCLA8NXAVFJfQIGTAgAAALrcvAoAAAAA&script=*ollo05vechen7acUtDJLr1x1446gtTkuYN7Z3s8w8Y2MO7AFY*eukhfYJ2B4fQYRr-D2eIejEyFVtqEzQFgXTVWp7qW3vY3H2FmoYWOPBKkJdhclvHU5gTnYsVNdx2Y-Un6TIJEFGfqteDsmXXbzgIAAAC63LwKAAAAAA&img=8IQRGoytCHaY0u1dErCtk05kr8VYj1JuufhuEyH4CfO24LprbDlywJcPB1B7uT5jEUgm7lPZT2A5J4mC73DpHE7vz7lFdA7jLU6c4AycMMEiMMIFgcHJBxM4MbBRFB25AgAAALrcvAoAAAAA&img=DkbhzcZ6LCgInQctInGHfb-CW*TnQNQuFCWw-Bfa-UqxaikFBGXjli1Yg1m2Zeoa6Arj6DRRuUt-ohvFpZkcivjsr2KFnEpRnOK26OK5TQ5PiicIkBd4uIUX86fvNyX2VZp4xhMIwi3znSFaw5x0Ig9kh9RKMFM*Itk8RfAW6CYCAAAAuty8CgAAAAA&img=MVlsTOA2G0wW0GHTDArIwaLQKrHiINmpfVJmPekCUiLy0kLd855OCi-YVI4MhJYNSI5DcKqRzvKQ1JiK6-ziXek1FqL2-tUPPVhE6xzH*lP5wFZ8Evwnv3XtacDVbZqgvu-XhXrD7ppJnsdbMq04BgIAAAC63LwKAAAAAA&img=A3muT*kOOmK*CHUcZ64CDGbKKJwtBD7-k8D7sSGlE5ejOv-dxrdRpJI6qurBKdjg9lhv9EM8lLDGluDxKLittraHaQ5T9AOjJqy26YSzwKkaePohV0eucASL*wp9OirGmS*EoCIb44Kih-n8Ww0BhAIAAAC63LwKAAAAAA&img=B93LlTMk0ZzN8GCWds4BebsbQfXUAvdB1ElWq-zoKXxq-fTpsEYuZfwIc7yawsuxHLXTKGZW3vXx8e-WaPDr298a7quU2E*TrZWCKAYpvmgBc*F0ledmEl02RMB7NXuSeUtGqEZSWxDIEf8XJ6ETb7unFCHzLYnas4nRQfjv5zcCAAAAuty8CgAAAAA
Frame ID: A2BB0F4222AF384369F581EFD255F3FF
Requests: 23 HTTP requests in this frame

Frame: https://profile.ssp.rambler.ru/sandbox?img=NuDXEovhQPknK0MZ-BLOZy2vqsOd-uDgicOUGOKnNzHt7IoOcWwvAGQwu1Rzydcuyjoj8kg1Y5KbsVzZ9ApboEjRGmef-QCGrokPoZQNHKDdrIBI2Of6fJ-xdkdM2-JsqhRullVGnzviZEM0yGqFeAXQtLuaxCp6u7pZ4t3iJrBBkJ*fLuo4s6a94VML*YOYAgAAALrcvAoAAAAA&img=GkRg-cs4wheWD2rHR3nD2qyXr4PT3ErTZLToPbWGRAD5SWQSOXHzyDGrhcdB1kvlTNgGHhP1Zst8fyCWrgFH8jbIfd0WxVhSOiG8Bkto169p*7AbC7WgNlqFnKbi8ozNTmkgac9M0480dzGnJkDaZr2lVNspgoDFBA1uLm1adTxmpEofzvHlrtTBl*Dut2hXZOCUFEuhGCoMwIw6V6l58YkORqtIfsvdw8TA4cr4rNAMQrLjmlrINB*iiRROYgZxkrYi-G45OW-ZMrdfx-DQKltAPfWXCtxyFjCmiFqAlGECAAAAuty8CgAAAAA&img=k4VnMH8*-3mWNHvHfntBaJMymDTivz-4Nf0SkWPBOKiXQ1DjoZlDELvcgJkAUH*r1-4aqLNnJLLBHd*UwCTaPH0SEORe6KRncFHaohUO0h7OP-DiCazvu4AFTvSqg9vUUNmTTk4QQwxuEYWEORlL9AIAAAC63LwKAAAAAA&img=hwnkXREE-ODgV8DO0JOOxiPw6CCboI6hPQgm3ikncbJKnaZoVpGORbYtgNHHuTyQN1Tb-rrtK2NctJslGUkk-8zkl9e-Dth-T4fb2aU*qDSqIT3qLvidSqDLO2MZxLUs6I1qk5oECSoQxRylb6w*5gIAAAC63LwKAAAAAA&img=R6*RucH5l5YLkB-Rwo1POMomeuvu34iYBR8CDGBa3SdJNj57jvRm83FOLu8ylaJhgVV1XmBZEHryBbUtG2-9W0X0wN8cQyKzCC7vg-QP0fUCAAAAuty8CgAAAAA&img=Ib6EU1GYHeoT-QTIM4wVxug-4L126*4G47iRyHgJ0v-e09lYqDQrkIEn2gu9K23q5J4wdcv3H9yHRgTC-a9UWnTqsv*lxOaj41t-P9BZB79In6GLbs7WRYbG4surJ-y8AgAAALrcvAoAAAAA&img=52G7Tm24L-5by-haE3UwNeWQL87ERccx9pfzsI1UxKB*TRUFl1e6APqDiHAXKRc3B6MwSHqw1O2DD0wgd0d2CwcXXNwanVKYFjDqEbMMKDt*e-1w9fc8zkV4CJI7KShvt639yw3QUNxkEHTsJ-4e3Zr475ZLZiQFyX8nPMHMTwECAAAAuty8CgAAAAA&img=8viimFUA*yD7vO8CQJatCnd6H29rvf*IftVu1E0Cuh8-szLJi4Oe4ah4A0PDtcJWdzIR4hT*lVo5ehNiGhy-MCqmBcNAe8dpG7PLFSOwsafu1izPmWj0gff-GSlcdDKP0wSYY-r5WTTpNCImt1YYIdiWbHPYYV4nUH47w9TrOIyp08lFfRvDJULsyysGep9DMviWS2ND2hyf-*svWxA-egKhBmysEs6SvcJxXUArIdoCAAAAuty8CgAAAAA&img=1FsHIL0nm*FkT*hmMBZHDdV8tPiUEfV0tHHnkLxKjhrgeBzNDNRilLOiRtW*hd6MMgU*hQ9mycM-hctOAOsRKX7EjtjN11tQh55QqPQJuWeVjQm*yhlQ4XQQvAFuPLtw6ba5*3u2fJVmqMoQzcqSxRipF0TlWDOV-iDV96RY4akCAAAAuty8CgAAAAA&img=LqOrq05nNL-QwrVSIXN2xuSa1wEjgAnDMbNVMmuerXQUgCKXUkBstCTIIW9fkwRNS5bqe90GaMeVdwvpRjKKxTcnVik2sVTIRc2MwHQSpocCAAAAuty8CgAAAAA&img=wJY3n0MVCPt0UmmX5ZOvcFe4OwUtRE5ZUbxkETJAcYpMFgOhQ0LwFxwTNfpwVLxzVmlb6x6Bxdu6S8tiDZWEC9EPjykLCZ0rDzb9pWRCeRk0dY7D*zZyqBccHTTWgPSFCRuopxnX*1KNPEWsyr*xz3Z7UfGa6HLyTTDK21LAMTQCAAAAuty8CgAAAAA&img=h-7-HRicj2*cQwK8BH-V2akhz19sFLJAbS23190gSk0fyfe9MaG5mtvi6cVvvLy0G9NL9DR9davZqslWZDmQyPctU6gi*gsdBZMqty9tjcZlUdV2P-V31zuRsvVSsbJfGp2Zd97c*jRrRUUjrG52ogIAAAC63LwKAAAAAA&img=soW2p*g8x3w9hGHRwFmNBIbRx5ctENG*30xzNUNhrGijcrlRnXy*d2tI1KysTrCbqabmoVz2dfMK9ntLzAPDAk69CJildpQUiKoAK3gGstm0VnNwbMQdCmLXStL6*qR4WdxRBjiawFmi6HRPU20K3U*A6AuHEooHSh8lP-26ntOnZd3HsloBLSgPhmxWv0FWFplEXRp7rVp-L*HYtzPj8AIAAAC63LwKAAAAAA&img=z0-DiC0zMD52JP3k1K4KgYbVuR50dvkwM657K7-DiWoam3yUgLVdJBRC3yTkkYe2ICADF*Rt2ymZNeILPUMuydi0bF35xg5pTbDHHUbpZ9M8NmgY4vy4-Xpz3GdGPysE1aLOIm7bhb97Rxy35x7fVQ*UBqtilIGStqTk1XPhQFMCAAAAuty8CgAAAAA&img=DOwlbAfWgyk--yvW6D2sgsroA2Qlx70ncUmGaiUPoJ--rmWCFopPfprnZkp1qKUKSUigUAa3YKAPU1gegmkTVllM6g0ESQTc3Lnyg78aeZBQmYRhl533T9r6fIi2VDjD8rIdqeBqKgQMPZ56lmZERwIAAAC63LwKAAAAAA
Frame ID: A779B236D3C00839039AF6829785ED5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сербский артхаус — ЖЖ

Detected technologies

LiveJournal (Blogs) Expand

Overall confidence: 100%
Detected patterns

\.livejournal\.com

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha

Page Statistics

370
Requests

94 %
HTTPS

46 %
IPv6

41
Domains

70
Subdomains

53
IPs

7
Countries

29719 kB
Transfer

51614 kB
Size

68
Cookies

102 Outgoing links

These are links going to different origins than the main page.

URL: https://www.livejournal.com/
Title: LiveJournal

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/2020/
Title: Your 2021 in LJ

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/browse/
Title: Entdecken

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/syn
Title: RSS Reader

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/support/
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/login.bml

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/login.bml?returnto=https%3A%2F%2Fantifreeze.livejournal.com%2F&ret=1
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/create
Title: Join free Join

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/manage/settings/?cat=display
Title: Deutsch (de)

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/lostinfo.bml
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=google&auto_forwhat=user%24antifreeze%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=facebook&auto_forwhat=user%24antifreeze%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=vkontakte&auto_forwhat=user%24antifreeze%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=twitter&auto_forwhat=user%24antifreeze%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=mailru&auto_forwhat=user%24antifreeze%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=rambler&auto_forwhat=user%24antifreeze%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=openid&auto_forwhat=user%24antifreeze%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/legal/tos-en.bml
Title: User agreement

Search URL Search Domain Scan URL

URL: https://vk.com/antiantidote
Title: Антиантидот

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1860851
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1860488
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1860133
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1859661
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1859489
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1859144
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1858919
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1858494
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1857915
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://periskop.su/

Search URL Search Domain Scan URL

URL: https://periskop.su/profile

Search URL Search Domain Scan URL

URL: https://periskop.su/2162819.html
Title: Ретро-поезд "Уральский Экспресс": состав, маршрут, стиль и образ

Search URL Search Domain Scan URL

URL: https://periskop.su/2162819.html#cutid1

Search URL Search Domain Scan URL

URL: https://periskop.su/2162819.html?view=comments#comments
Title: 37

Search URL Search Domain Scan URL

URL: https://periskop.su/2162819.html?mode=reply#add_comment
Title: Оставить комментарий

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1857522
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1857236
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1856897
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1856607
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1856466
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1856016
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://leolion-1.livejournal.com/

Search URL Search Domain Scan URL

URL: https://leolion-1.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://leolion-1.livejournal.com/2100568.html
Title: день международного единства

Search URL Search Domain Scan URL

URL: https://leolion-1.livejournal.com/2100568.html?view=comments#comments
Title: 136

Search URL Search Domain Scan URL

URL: https://leolion-1.livejournal.com/2100568.html?mode=reply#add_comment
Title: Оставить комментарий

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1855588
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1855437
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://ibb.co/JCjFTkk

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1855129
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1854809
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1854709
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1854326
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://tito.livejournal.com/

Search URL Search Domain Scan URL

URL: https://tito.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://tito.livejournal.com/1320774.html
Title: начну издалека: "эта шапочка мне идет?"

Search URL Search Domain Scan URL

URL: https://ufsnp2015.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://ufsnp2015.livejournal.com/
Title: ufsnp2015

Search URL Search Domain Scan URL

URL: https://ru.wikipedia.org/wiki/99_%D1%84%D1%80%D0%B0%D0%BD%D0%BA%D0%BE%D0%B2_(%D1%84%D0%B8%D0%BB%D1%8C%D0%BC)
Title: Октавы Паранго

Search URL Search Domain Scan URL

URL: https://tito.livejournal.com/1320774.html?view=comments#comments
Title: 9

Search URL Search Domain Scan URL

URL: https://tito.livejournal.com/1320774.html?mode=reply#add_comment
Title: Оставить комментарий

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1853908
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1853645
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1853290
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://t.me/orda_mordora/15432

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1853117
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1852851
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1852307
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1852036
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1851708
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1851641
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1851079
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1850820
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://daniel-grishin.livejournal.com/902842.html?view=comments&style=mine#comments
Title: прелестное

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1850115
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1850090
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://t.me/orda_mordora/15287
Title: сбор

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1849753
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1849364
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1849267
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1848895
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1848699
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1848355
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1848263
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://boosty.to/norin/posts/4f3a183f-b991-4a8a-ac1d-f7d15ba43fe3
Title: Вот тут.

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1847817
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1847090
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1846985
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1846671
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1846493
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=antifreeze&itemid=1846208
Title: Пожаловаться

Search URL Search Domain Scan URL

URL: https://lexa1937.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://lexa1937.livejournal.com/
Title: lexa1937

Search URL Search Domain Scan URL

URL: https://shagingirey.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://shagingirey.livejournal.com/
Title: shagingirey

Search URL Search Domain Scan URL

URL: https://krajn.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://krajn.livejournal.com/
Title: krajn

Search URL Search Domain Scan URL

URL: https://voxpop-66.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://voxpop-66.livejournal.com/
Title: voxpop_66

Search URL Search Domain Scan URL

URL: https://dp-3lo.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://dp-3lo.livejournal.com/
Title: dp_3lo

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/memories/add?journal=&itemid=
Title: Все настройки

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_blogs-vis-nonad/ HTTP 302
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_blogs-vis-nonad/

Request Chain 63

https://www.tns-counter.ru/V13a***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100104-posid2155079/601179711 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100104-posid2155079/601179711

Request Chain 64

https://www.tns-counter.ru/V13a***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100108-posid2155106/123566760 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100108-posid2155106/123566760

Request Chain 65

https://vk.com/js/api/openapi.js?168 HTTP 302
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168

Request Chain 104

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10223.V2ZZqGhSKGssAIBSw8_l69jHVXZ3q_KaS8oXdpyg9k3rN7Ac8xXs8cZuj1taz1Nx.G7F0BEvtaIkAuUKpVnF2NWYnkRw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10223.YStBt-9eA4j4g7pd1_nRhzw-kEexTZNL8ZG1qr8VtyBbKfUckxQl-PVmbkUhM2WB8TbFuacUEWYaMjzbrWWr0uOCRIl5gCxht5adBIhFZge1TvVH1IS7xljHHFPxJnJQHsCPxc1oiH8ZjS36k2PpoISGxHZrtyJi5LZUZnOgjdhe7m4eTUeQHZyndSb4brChiL8_zpMRedFcJpfqFkczjl8HK1fthRxHhniwyXdmoRU%2C.3agK-vQE5eiEzaI0M0-AkTbx8QY%2C

Request Chain 136

https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22paid%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96%22%2C%22pd_comments_style%22%3A%22s1%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%2C%22split_test%22%3A%7B%22rec_sys_medius%22%3Afalse%7D%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22Air%22%2C%22pd_style_system%22%3A%22s2%22%2C%22adblock%22%3A%22not_blocked%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A5744%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A25946412930%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025642%3Aet%3A1703123802%3Ac%3A1%3Arn%3A104981529%3Arqn%3A1%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C139%2C4795%2C273%2C0%2C0%2C%2C584%2C182%2C%2C%2C%2C5943%3Aco%3A0%3Acpf%3A1%3Ans%3A1703123795512%3Agi%3AR0ExLjEuNTM0OTE0MDg2LjE3MDMxMjM4MDI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123802%3At%3A%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22paid%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96%22%2C%22pd_comments_style%22%3A%22s1%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%2C%22split_test%22%3A%7B%22rec_sys_medius%22%3Afalse%7D%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22Air%22%2C%22pd_style_system%22%3A%22s2%22%2C%22adblock%22%3A%22not_blocked%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A5744%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A25946412930%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025642%3Aet%3A1703123802%3Ac%3A1%3Arn%3A104981529%3Arqn%3A1%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C139%2C4795%2C273%2C0%2C0%2C%2C584%2C182%2C%2C%2C%2C5943%3Aco%3A0%3Acpf%3A1%3Ans%3A1703123795512%3Agi%3AR0ExLjEuNTM0OTE0MDg2LjE3MDMxMjM4MDI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123802%3At%3A%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 137

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 148

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 180

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 182

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 298

https://sync.bumlam.com/?src=sb2&random=225562130 HTTP 302
https://sync.bumlam.com/?src=sb2&s_data=CAIQARjdto6sBloTCgZyYW5kb20SCTIyNTU2MjEzMKIBEDGbeRyfpBHuhuAAJZDAZHw* HTTP 302
https://sync.rambler.ru/set?partner_id=4b88de7e-1ef2-11ee-be56-0242ac120002&id=319b791c-9fa4-11ee-86e0-002590c0647c

Request Chain 300

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4 HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&bounce=1&random=1655412965 HTTP 302
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=75bDyXGFsmJBPWkC3lGoce

Request Chain 301

https://sync.rambler.ru/emily?partner_id=maximatelecom&id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4 HTTP 302
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=2D933F1CD4511545423D650D7391604C

Request Chain 303

https://visor.sberbank.ru/rambler.gif?770531510 HTTP 302
https://visor.sberbank.ru/rambler.gif?try=1 HTTP 302
https://sync.rambler.ru/set?partner_id=sberbank_reverse&id=SA1.75eddeb4-225f-49b7-8cbe-f76f0da91f59.1703123712

Request Chain 304

https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND2074639264 HTTP 302
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EDD264EE36297DC6188A12097DAA7698 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7009/i/i?call_source=awg&ts=1703123805398&a=185&e=EDD264EE36297DC6188A12097DAA7698 HTTP 307
https://sync.rambler.ru/set?partner_id=vi&id=UF1tDmRFgCKiifk7H-2h HTTP 302
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EDD264EE36297DC6188A12097DAA7698

Request Chain 305

https://sync.upravel.com/image?source=sber&id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4 HTTP 302
https://sync.upravel.com/image?source=sber&id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9wcm9maWxlLnNzcC5yYW1ibGVyLnJ1LyJdfX0 HTTP 302
https://sync.upravel.com/dc_swap/sync HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10009553;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10009553;dc_pre=CKOss8u2n4MDFdRXkQUdGCwL1A;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/p/src=10009553;dc_pre=CKOss8u2n4MDFdRXkQUdGCwL1A;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;~oref=https://profile.ssp.rambler.ru/

Request Chain 306

https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4 HTTP 302
https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&crf=1&rts=3271856665127052048 HTTP 302
https://x.bidswitch.net/sync?ssp=between

Request Chain 307

https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4 HTTP 302
https://top-fwz1.mail.ru/counter?id=3082612;pid=3D1883B09BD4AB417288A05666FFF2F9

Request Chain 308

https://px.adhigh.net/p/cm/rambler?u=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4 HTTP 302
https://px.adhigh.net/p/cm/rambler?u=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&bounced=1

Request Chain 309

https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=1797563397 HTTP 302
https://stats.mos.ru/static.gif?ramblerid=2EDEC6AA88B5DA4D8ACF84E32025FA8F

Request Chain 310

https://sync.rambler.ru/emily?partner_id=aidata&rnd=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4 HTTP 302
https://x01.aidata.io/0.gif?pid=RAMBLER&id=C1F61431D9AB94EA93E517568F52CCAC HTTP 302
https://x01.aidata.io/0.gif?pid=RAMBLER&id=C1F61431D9AB94EA93E517568F52CCAC&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 311

https://sync.rambler.ru/emily?partner_id=cldata&rnd=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=5B9606213CE1C709A7978035725C50C9

370 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
antifreeze.livejournal.com/ 1 MB
308 KB 5086ms
4795ms Document
text/html 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://antifreeze.livejournal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: 6d6164063eca4f69b65efac46f68007013a0a24dab50ee93a690a1295926348d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: private, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 310907
Content-MD5: kBje11HsgCQfgzFN2jy/QQ
Content-Security-Policy-Report-Only: default-src 'self' *.livejournal.com *.livejournal.net *.google.com google.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru *.tiktok.com tiktok.com *.youtube.com youtube.com; script-src 'self' *.livejournal.com *.livejournal.net *.adfox.ru ad.mail.ru api.giphy.com cdn.ampproject.org cdn.jsdelivr.net content.adriver.ru *.criteo.com *.criteo.net cstatic.weborama.fr data00.adlooxtracking.com data.24smi.net *.doubleclick.net *.dropbox.com dsp-rambler.ru *.exelator.com *.facebook.com vk.com *.facebook.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.google.ru *.googlesyndication.com *.googletagmanager.com googletagmanager.com *.googletagservices.com *.gstatic.com *.instagram.com j.adlooxtracking.ru js.mamydirect.com jsn.24smi.net *.lj.ru mc.yandex.com mc.yandex.ru *.newrelic.com *.nr-data.net *.ok.ru openstat.net pingback.giphy.com *.pingdom.com *.pingdom.net *.pinterest.com *.plista.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg r.mradx.net *.rnet.plus *.rubiconproject.com r.webturn.ru *.scorecardresearch.com sdk.canva.com *.services.livejournal.com smi2.ru ssl.p.jwpcdn.com static.smi2cdn.ru static.smi2.net static.weborama.fr static.xx.fbcdn.net stat.media telegram.org tiktokcdn-us.com *.tiktok.com tiktok.com tns-counter.ru *.top100.ru top-fwz1.mail.ru tpc.googlesyndication.com twemoji.maxcdn.com *.twimg.com *.twitter.com *.videos.livejournal.com *.vk.com wcm-ru.frontend.weborama.fr weborama.fr *.webturn.ru *.yahooapis.com *.yandex.ru yandex.ru yastatic.net ymetrica.com *.youtube.com youtube.com z.moatads.com 'unsafe-inline' 'unsafe-eval'; style-src http: https: data: 'unsafe-inline'; img-src http: https: data:; frame-src http: https:; font-src http: https: data:; connect-src 'self' *.livejournal.com *.livejournal.net ad.mail.ru cdn.ampproject.org cls.ad-tech.ru *.criteo.com csi.gstatic.com data00.adlooxtracking.com dsp-rambler.ru *.eaglecdn.com *.g.doubleclick.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.googletagmanager.com googletagmanager.com graph.facebook.com gstatic.com *.lj.ru lj.stat.eagleplatform.com mc.yandex.by mc.yandex.com mc.yandex.md mc.yandex.ru *.pingdom.net *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg *.rnet.plus *.services.livejournal.com *.ssp.rambler.ru ssp.rambler.ru static-mon.yandex.net static.xx.fbcdn.net stat.media stats.g.doubleclick.net smi2.net smi2.ru *.tiktok.com tiktok.com top-fwz1.mail.ru *.twitter.com *.webturn.ru webvisor.org wss://www.livejournal.com yandexmetrica.com yandexmetrica.com:29010 yandexmetrica.com:30103 *.yandex.ru yandex.ru yastatic.net ymetrica1.com ymetrica.com *.youtube.com youtube.com; report-uri https://www.livejournal.com/csp_reports; report-to livejournal; media-src http: https: data: storage.mds.yandex.net; frame-ancestors 'self'; worker-src 'self' blob:; object-src 'self' blob: youtube.com *.youtube.com; child-src 'self' blob:;
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Dec 2023 01:56:40 GMT
ETag: GgZzkBje11HsgCQfgzFN2jy/QQ
Keep-Alive: timeout=50
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Referrer-Policy: no-referrer-when-downgrade
Reporting-Endpoints: livejournal="https://www.livejournal.com/csp_reports"
Server: nginx
Vary: Accept-Encoding,ETag
X-AWS-Id: 3dt-ws13
X-LJ-Flow-ID: ZYObU6DMcX0HnR1Si@K5vgAAABU
X-SplitTest: none
X-VWS-Id: kr-varn07.lj.rambler.tech
X-Varnish: 6379840

GET
H2 200 /
l-stat.livejournal.net/ 362 KB
55 KB 335ms
40ms Stylesheet
text/css 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 3a793ba3b6c7e17ead801000cddf5f00786dc4e1a73f61266bc41b55681b1d52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:39+00:00
x-gateway: 3dt-front01.lj.rambler.tech
content-length: 55748
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNp@rAS-D-WWQNpHS@1wAAAA8
etag: GgZzW/8xfKuydVCUuOgeit7oPbfA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-aws-id: kr-ws18
access-control-allow-origin: *
x-varnish: 30440464
cache-control: public, max-age=4000000
x-vws-id: kr-varn04.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 /
l-stat.livejournal.net/ 9 KB
2 KB 358ms
63ms Stylesheet
text/css 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal-adaptive.css?v=1702972823
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 7d7e954fb80e4179a35b4b1fb91d7426458f4c247ca9436b1eb0b707999168c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:43+00:00
x-gateway: kr-front03.lj.rambler.tech
content-length: 2019
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNo-@jOA4XMDkKOtLi5wAAAAs
etag: GgZzW/uSAEqdS05k0X0XlSr5kOKw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-aws-id: 3dt-ws21
access-control-allow-origin: *
x-varnish: 14123053 12943538
cache-control: public, max-age=4000000
x-vws-id: kr-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 /
l-stat.livejournal.net/ 145 KB
30 KB 327ms
32ms Stylesheet
text/css 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??lj_base.css,flatbutton.css,controlstrip-light-new.css,widgets/calendar.css,widgets/filter-settings.css,components/modal.css,components/form.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,journalpromo/journalpromo_v3.css,msgsystem.css?v=1702972823
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: bac39e173d6023c117eb4e6a8d2d06fe05d7e4b2d035eb3075010ea6519d541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:01:05+00:00
x-gateway: kr-front03.lj.rambler.tech
content-length: 29842
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNtTrb8jfzOnnolRdqywAAABs
etag: GgZzW/YyOoibfyQIm/vvLEM+hdzg
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-aws-id: 3dt-ws02
access-control-allow-origin: *
x-varnish: 23775391 28535824
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 /
l-stat.livejournal.net/ 71 KB
15 KB 332ms
36ms Stylesheet
text/css 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??ljuser/ljuser.css,lj-cut.css,entryunit_v4.css,air/layout.css,air/default_theme/theme.css,chameleon/widget-threeposts.css?v=1702972823
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 12034f03013910b24ea5e6b792b7acab81f5fd4326bca60b9842429300c23525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:43+00:00
x-gateway: 3dt-front02.lj.rambler.tech
content-length: 15297
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNq0tIBqswOZrzu5z85QAAAA4
etag: GgZzW/EZPmcGADBoibLrQ5QiE6JQ
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-aws-id: kr-ws04
access-control-allow-origin: *
x-varnish: 96437260
cache-control: public, max-age=4000000
x-vws-id: kr-varn05.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 /
l-stat.livejournal.net/ 452 KB
338 KB 358ms
62ms Stylesheet
text/css 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??svg/flaticon.css,svg/headerextra.css,proximanova-opentype.css?v=1702972823
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: c039b93bb6809c62a3c0b96290c065277098736b1d7fc9716ab8cc2b617b4b00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:39+00:00
x-gateway: kr-front03.lj.rambler.tech
content-length: 346097
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNpxVU9hDCZqvOfjfBLgAAAAs
etag: GgZzW/cE4uexkAkloo/ib9dR0xLQ
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-aws-id: 3dt-ws04
access-control-allow-origin: *
x-varnish: 7864626 12649320
cache-control: public, max-age=4000000
x-vws-id: os-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
92 KB 180ms
62ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1V2YHKGDNK

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3eb0fa40c106409328a16dad688a5f51a9af7e191a4a333f13bad5042ae44a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Dec 2023 01:56:41 GMT

GET
H2 200 sdk.js Show response
vp.rambler.ru/player/ 91 KB
28 KB 371ms
137ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/sdk.js
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: e347d0bdaeb521112beb0ce804546cac66f3487c3b78b0d69fa71aa120a85f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.33.16:80
x-amz-request-id: ee52f230-0519-4b7b-aa2b-df43cbca4b0a
age: 668
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime: -1
x-varnish-hostname: 1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime: 1
content-length: 27761
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:49 GMT
server: nginx
etag: "72ae26ce059638b3fb3ab74b6f3e7e0f"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 971133599 973059320
cache-control: max-age=300, public, max-age=300
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 capirs_async.js Show response
ssp.rambler.ru/ 412 KB
116 KB 336ms
139ms Script
application/x-javascript 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/capirs_async.js

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

87cc848024ed1ae502431b6a9d6fb300c698b13499f59261c8e2bf85d31e3a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 10:43:58 GMT
server: nginx
etag: W/"6576e7ee-67020"
content-type: application/x-javascript
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: max-age=60
x-passed: 1bal1
expires: Thu, 21 Dec 2023 01:57:40 GMT

GET
H2 200 440
l-files.livejournal.net/userhead/ 3 KB
4 KB 144ms
31ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-files.livejournal.net/userhead/440?v=1318849772
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 9150050da4db30044477a46c419cdc83dd57fd9e3d8b090911d2d1f8574928a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
last-modified: Sat, 06 May 2017 04:15:58 GMT
server: nginx
age: 0
x-cached-since: 2023-12-18T20:27:00+00:00
x-varnish: 82975935
content-type: image/png
x-gateway: front01.lj.rambler.tech
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes
content-length: 3397
x-node: fr5-up-gc15

GET
H2 200 print-logo.png
l-stat.livejournal.net/img/schemius/ 2 KB
2 KB 35ms
30ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/print-logo.png?v=49361
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-18T20:10:55+00:00
x-gateway: kr-front03.lj.rambler.tech
content-length: 2249
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 13:42:41 GMT
server: nginx
x-lj-flow-id: ZYCnT8k8J2iiWHi9qOPOSgAAAAY
etag: GgZzYGcFKOznFaw7EFLw6wHnuA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
x-aws-id: kr-ws13
access-control-allow-origin: *
x-varnish: 31760730
cache-control: public, max-age=4000000
x-vws-id: kr-varn04.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 23096348
l-userpic.livejournal.com/130446846/ 26 KB
26 KB 234ms
36ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/130446846/23096348
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 3715234ab5089eb44008fe9f4a8fbbef4cb7f4bba34c9479aa90858519981e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Mon, 03 Oct 2022 08:14:27 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 124811686
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
x-cached-since: 2023-12-18T20:57:13+00:00
accept-ranges: bytes
content-length: 26435
x-node: fr5-up-gc15

GET
H2 200 23096348
l-userpic.livejournal.com/119691694/ 9 KB
9 KB 260ms
63ms Image
image/jpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/119691694/23096348
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 76ebe04a9471cc38eae66c23a479564e75f085b3ab3c802cbea890ff32f9d3f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Wed, 11 May 2022 16:55:51 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 16777881
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
x-cached-since: 2023-12-18T15:16:14+00:00
accept-ranges: bytes
content-length: 8806
x-node: fr5-up-gc15

GET
H2 200 JIi-ATl-TRPC4.jpg
i.ibb.co/3mN2zrG/ 28 KB
28 KB 122ms
39ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/3mN2zrG/JIi-ATl-TRPC4.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: 3f9d572539e13042d60e4901942615e88505b251dbeb0f90b4990f9343be5210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
last-modified: Fri, 24 Nov 2023 14:48:28 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28715
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9080476
l-userpic.livejournal.com/42604689/ 15 KB
15 KB 260ms
63ms Image
image/jpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/42604689/9080476
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 85a44e933b6519583d1d4d769648d7f523ea1866cebd533b87f3e4580693d2a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Sun, 28 Mar 2021 05:39:14 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 163398173
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: kr-varn09.lj.rambler.tech
cache: HIT
x-cached-since: 2023-12-19T09:33:53+00:00
accept-ranges: bytes
content-length: 15387
x-node: fr5-up-gc15

GET
H2 200 userinfo_v8.svg
l-stat.livejournal.net/img/ 1 KB
718 B 151ms
63ms Image
image/svg+xml 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/userinfo_v8.svg?v=17080&v=720
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T07:54:06+00:00
x-gateway: 3dt-front03.lj.rambler.tech
content-length: 523
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 00:12:00 GMT
server: nginx
x-lj-flow-id: ZYFMHgOvOAkkswsGDXaWPAAAAAs
etag: GgZz3Lj/0Zs7IF/99OqziMt7VA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: kr-ws09
access-control-allow-origin: *
x-varnish: 31142422
cache-control: public, max-age=4000000
x-vws-id: kr-varn05.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 3043572_original.jpg
ic.pics.livejournal.com/periskop.su/9080476/3043572/ 232 KB
232 KB 532ms
61ms Image
image/jpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/periskop.su/9080476/3043572/3043572_original.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e3723ec70d0849f094d6ebbc71fa6355e2b64c265437b3add6e93a5bf77cd7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.79:80/dev207/0/981/161/0981161571.fid
date: Thu, 21 Dec 2023 01:56:41 GMT
x-phn-id: kr-phwsn01
x-cached-since: 2023-12-14T13:16:45+00:00
content-length: 237433
x-node: fr5-up-gc15
last-modified: Mon, 13 Nov 2023 21:12:08 GMT
server: nginx
etag: "39f79-60a0f1f6fd0ec"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Thu, 14 Dec 2023 10:37:27 GMT

GET
H2 200 image.jpg
i.ibb.co/Mf2fZpv/ 45 KB
45 KB 119ms
41ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Mf2fZpv/image.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: 571852034274c2ff4179e21b797fbef2f2776944ab08bd2f56065df3fa91593c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
last-modified: Sat, 18 Nov 2023 13:57:16 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 45630
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 12430341
l-userpic.livejournal.com/129552571/ 25 KB
25 KB 229ms
31ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/129552571/12430341
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 3df011a5a8c4f4fe92a77c64d7c3290f38e28379834f21106f875bf245a07fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Mon, 07 Sep 2020 02:25:28 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 25179342
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: kr-varn06.lj.rambler.tech
cache: HIT
x-cached-since: 2023-12-18T20:41:22+00:00
accept-ranges: bytes
content-length: 25378
x-node: fr5-up-gc15

GET
H2 200 Zssu-I04-Ar-YU.jpg
i.ibb.co/rvHbN9f/ 57 KB
57 KB 286ms
207ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/rvHbN9f/Zssu-I04-Ar-YU.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: 1bfaddb95c4b34064e7e7a435f9a7e49682349869f7f66b73ff6c643f7a39fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Sat, 04 Nov 2023 12:38:23 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 58068
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Whats-App-Image-2023-11-03-at-18-01-11.jpg
i.ibb.co/qxYF811/ 66 KB
66 KB 363ms
284ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/qxYF811/Whats-App-Image-2023-11-03-at-18-01-11.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: d409330f64bf4e2924b1a9dec92df34d841b3dd026100c81011643fa77563681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Fri, 03 Nov 2023 13:03:08 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67610
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8864793
l-userpic.livejournal.com/130986367/ 30 KB
30 KB 259ms
62ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/130986367/8864793
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: fd6440013decd7ea173eaa34789464a1505b58bb2b9037bb6574cdff7340b29f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Mon, 13 Nov 2023 09:16:10 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 36902641
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: kr-varn03.lj.rambler.tech
cache: HIT
x-cached-since: 2023-11-13T09:21:02+00:00
accept-ranges: bytes
content-length: 30415
x-node: fr5-up-gc15

GET
H2 200 1203
l-files.livejournal.net/userhead/ 406 B
569 B 35ms
31ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-files.livejournal.net/userhead/1203?v=1368446261
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: cc4f806b4f268920a593fcde5ae019038b7dc308ccb6f491a517d7be9bb5d5d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Wed, 11 May 2022 17:29:53 GMT
server: nginx
age: 0
x-cached-since: 2023-12-06T05:46:56+00:00
x-varnish: 104218894
content-type: image/png
x-gateway: kr-front02.lj.rambler.tech
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes
content-length: 406
x-node: fr5-up-gc15

GET
H2 200 image.jpg
i.ibb.co/mJcKgXm/ 264 KB
264 KB 118ms
40ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/mJcKgXm/image.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: 589d926fb09946afab8bb917b9a402603deac43e2689cc2de049f1acdd5ee771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
last-modified: Wed, 18 Oct 2023 11:56:34 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 270128
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Am-YO33-ROZTo.jpg
i.ibb.co/R4hKrqy/ 37 KB
37 KB 118ms
40ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/R4hKrqy/Am-YO33-ROZTo.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: eecd9d7a279ba94cde6b656b8681581f1c646175e21e3054d9976ce80c71cd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
last-modified: Tue, 17 Oct 2023 15:07:05 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 37456
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 23096348
l-userpic.livejournal.com/127628351/ 25 KB
25 KB 238ms
41ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/127628351/23096348
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e5adeabd4de820275552e433c4127b434de021739b66c80ef2e1be7b341ce77b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Mon, 15 May 2017 10:45:43 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 16841746
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: os-varn01.lj.rambler.tech
cache: HIT
x-cached-since: 2023-12-17T12:44:00+00:00
accept-ranges: bytes
content-length: 25138
x-node: fr5-up-gc15

GET
H2 200 23096348
l-userpic.livejournal.com/116775443/ 6 KB
6 KB 57ms
57ms Image
image/jpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/116775443/23096348
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 02a00f433f65d24289c6e7dd7b70bea2a4cc3f67e131fde03c897a4032cd8ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Mon, 17 Oct 2016 12:20:22 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 85383815
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: os-varn01.lj.rambler.tech
cache: HIT
x-cached-since: 2023-12-18T14:55:51+00:00
accept-ranges: bytes
content-length: 5683
x-node: fr5-up-gc15

GET
H2 200 KLlju98-Xp-CE.jpg
i.ibb.co/3yW2rbp/ 28 KB
28 KB 284ms
206ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/3yW2rbp/KLlju98-Xp-CE.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: 1b0a547f7196ad80a878408319f3c0ab2a2fe95bad39dac4c7d1578bb6851b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Fri, 15 Sep 2023 15:37:47 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28827
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4.jpg
i.ibb.co/HFpsx0K/ 22 KB
22 KB 284ms
207ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/HFpsx0K/4.jpg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: d4da749d437be918018d2c675ffc94733a7000ce39af46f39fe398b594b6bac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Thu, 14 Sep 2023 09:10:13 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 22203
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
l-stat.livejournal.net/js/ 1 MB
320 KB 40ms
40ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: fe735de4cda81179b66134bf4af189db58f1e31d9a1aaa5b69cad9487e9c3355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:40 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:40+00:00
x-gateway: 3dt-front03.lj.rambler.tech
content-length: 327435
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNp0wuSdd32bPiAsWwFgAAAAc
etag: GgZzW/aSUl3/K1zpu8xIHreiUWyA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: kr-ws15
access-control-allow-origin: *
x-varnish: 81178205
cache-control: public, max-age=4000000
x-vws-id: kr-varn06.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-stat.livejournal.net/js/ 2 MB
652 KB 38ms
37ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??jquery/jquery.lj.calendar.js,jquery/jquery.mask.js,core/controlstrip.js,scheme/schemius/index.js,widgets/angular/login.js,jquery/jquery.lj.repostbutton.js,old/threeposts.js,deprecated/recommended-entries.js,s2/index.js,old/esn.js,jquery/jquery.lj.confirmbubble.js,jquery/jquery.lj.ljcut.js,old/fb-select-image.js,jquery/jquery.lj.inlineCalendar.js,jquery/jquery.calendarEvents.js,s2/theme/air.js,old/apps.js,apps/appcontainer.js,jquery/jquery.lj.journalPromoStrip.js?v=1702972823
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 2cfbb4e9cef1e4b6d08df192f5dc277bb2c8103c3327a66020139c63c381b59c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:47+00:00
x-gateway: kr-front01.lj.rambler.tech
content-length: 667105
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNrkdhEvExDSNYYO5MNwAAAAA
etag: GgZzW/a69R8d1YN//Or75oThCVtA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: kr-ws01
access-control-allow-origin: *
x-varnish: 20107471 35925408
cache-control: public, max-age=4000000
x-vws-id: kr-varn04.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 258ms
142ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113076623-1

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4770dd26bd6c9496f673a28394ec11fcef15795c679f1e74b2807d68a4cedb70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69006
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Dec 2023 01:56:41 GMT

GET
H/1.1 200
OK /
xc3.services.livejournal.com/ljcounter/ 35 B
704 B 439ms
70ms Image
image/gif 81.19.74.0
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xc3.services.livejournal.com/ljcounter/?d=srv:3dt-ws13,r:0,j:23096348,p:23096348,uri:%22%2F%22,vig:0,m:0,extra:AWBsHAFgbBwAHGTzAWBsHAFgbBwAHGOIAWBsHAFgbBwAHGIlAWBsHAFgbBwAHGBNAWBsHAFgbBwAHF%2BhAWBsHAFgbBwAHF5IAWBsHAFgbBwAHF1nAWBsHAFgbBwAHFu%2BAWBsHAFgbBwAHFl7AIqOnACKjpwAIQCDAWBsHAFgbBwAHFfyAWBsHAFgbBwAHFbUAWBsHAFgbBwAHFWBAWBsHAFgbBwAHFRfAWBsHAFgbBwAHFPSAWBsHAFgbBwAHFIQAL2sBQC9rAUAIA1YAWBsHAFgbBwAHFBkAWBsHAFgbBwAHE%2FNAWBsHAFgbBwAHE6ZAWBsHAFgbBwAHE1ZAWBsHAFgbBwAHEz1AWBsHAFgbBwAHEt2AIdEGQCHRBkAFCdGAWBsHAFgbBwAHEnUAWBsHAFgbBwAHEjNAWBsHAFgbBwAHEdqAWBsHAFgbBwAHEa9AWBsHAFgbBwAHEWzAWBsHAFgbBwAHEOTAWBsHAFgbBwAHEKEAWBsHAFgbBwAHEE8AWBsHAFgbBwAHED5AWBsHAFgbBwAHD7HAWBsHAFgbBwAHD3EAWBsHAFgbBwAHDsDAWBsHAFgbBwAHDrqAWBsHAFgbBwAHDmZAWBsHAFgbBwAHDgUAWBsHAFgbBwAHDezAWBsHAFgbBwAHDY%2FAWBsHAFgbBwAHDV7AWBsHAFgbBwAHDQjAWBsHAFgbBwAHDPHAWBsHAFgbBwAHDIJAWBsHAFgbBwAHC8yAWBsHAFgbBwAHC7JAWBsHAFgbBwAHC2PAWBsHAFgbBwAHCzdAWBsHAFgbBwAHCvA

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

81.19.74.0 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),

Reverse DNS

livejournal.com

Software

nginx /

Resource Hash

3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 21 Dec 2023 01:56:41 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx
Access-Control-Allow-Methods: GET, OPTIONS, POST, PUT, DELETE, HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=50
Content-Length: 35
Access-Control-Allow-Headers: accept, x-custom-parameter, content-type, x-request-id, authorization, accept-language, accept-charset, pragma, user-agent

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 01:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2056
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Dec 2023 03:22:25 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 44 KB
19 KB 220ms
69ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

797d36c5083f2539d2db1a563ebfa9e7a0a81f33fbb5216a64b4ad0bb6b60fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 12 Dec 2023 14:12:54 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"65786a66-af43"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Thu, 21 Dec 2023 02:56:41 GMT

GET
H2 200 AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8= Show response
fundingchoicesmessages.google.com/f/ 182 KB
61 KB 201ms
85ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8=

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1947033764c139910edc3f17037fc1b4e7f0729d7c4f1fb966e805f3403c2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6qaMXFkwZLsjJsr8B3w3bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-6qaMXFkwZLsjJsr8B3w3bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
61 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJBSQR

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1d7f50ce0aa135c2ea75848e86b3bbd9062f9104f4aceb0287013bf94014f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62053
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Dec 2023 01:56:41 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 144ms
42ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 05:41:39 GMT
content-encoding: gzip
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 72921
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: GMjnli33i7HA0kdCKidKt3fT9B_DNqfFO84p2QayMJqTMpDwARXsVQ==

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d

Request headers

Referer
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 / Show response
l.lj-toys.com/ Frame 775E 3 KB
3 KB 516ms
195ms Document
text/html 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26836%26%26%26youtube%269n0Dm7EJkeI%3A21c79bdb552b7fa62eabddc48e2277bbfa87eab4&source=youtube&vid=9n0Dm7EJkeI&moduleid=836&preview=&journalid=23096348&noads=
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 6e09dfca4338fcc922e6a0d3c1ba802844b87297215283935baa8ca028739d0a

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache: MISS
cache-control: public, max-age=20000
content-encoding: gzip
content-language
content-security-policy-report-only: default-src 'self' *.livejournal.com *.livejournal.net *.google.com google.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru *.tiktok.com tiktok.com *.youtube.com youtube.com; script-src 'self' *.livejournal.com *.livejournal.net *.adfox.ru ad.mail.ru api.giphy.com cdn.ampproject.org cdn.jsdelivr.net content.adriver.ru *.criteo.com *.criteo.net cstatic.weborama.fr data00.adlooxtracking.com data.24smi.net *.doubleclick.net *.dropbox.com dsp-rambler.ru *.exelator.com *.facebook.com vk.com *.facebook.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.google.ru *.googlesyndication.com *.googletagmanager.com googletagmanager.com *.googletagservices.com *.gstatic.com *.instagram.com j.adlooxtracking.ru js.mamydirect.com jsn.24smi.net *.lj.ru mc.yandex.com mc.yandex.ru *.newrelic.com *.nr-data.net *.ok.ru openstat.net pingback.giphy.com *.pingdom.com *.pingdom.net *.pinterest.com *.plista.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg r.mradx.net *.rnet.plus *.rubiconproject.com r.webturn.ru *.scorecardresearch.com sdk.canva.com *.services.livejournal.com smi2.ru ssl.p.jwpcdn.com static.smi2cdn.ru static.smi2.net static.weborama.fr static.xx.fbcdn.net stat.media telegram.org tiktokcdn-us.com *.tiktok.com tiktok.com tns-counter.ru *.top100.ru top-fwz1.mail.ru tpc.googlesyndication.com twemoji.maxcdn.com *.twimg.com *.twitter.com *.videos.livejournal.com *.vk.com wcm-ru.frontend.weborama.fr weborama.fr *.webturn.ru *.yahooapis.com *.yandex.ru yandex.ru yastatic.net ymetrica.com *.youtube.com youtube.com z.moatads.com 'unsafe-inline' 'unsafe-eval'; style-src http: https: data: 'unsafe-inline'; img-src http: https: data:; frame-src http: https:; font-src http: https: data:; connect-src 'self' *.livejournal.com *.livejournal.net ad.mail.ru cdn.ampproject.org cls.ad-tech.ru *.criteo.com csi.gstatic.com data00.adlooxtracking.com dsp-rambler.ru *.eaglecdn.com *.g.doubleclick.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.googletagmanager.com googletagmanager.com graph.facebook.com gstatic.com *.lj.ru lj.stat.eagleplatform.com mc.yandex.by mc.yandex.com mc.yandex.md mc.yandex.ru *.pingdom.net *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg *.rnet.plus *.services.livejournal.com *.ssp.rambler.ru ssp.rambler.ru static-mon.yandex.net static.xx.fbcdn.net stat.media stats.g.doubleclick.net smi2.net smi2.ru *.tiktok.com tiktok.com top-fwz1.mail.ru *.twitter.com *.webturn.ru webvisor.org wss://www.livejournal.com yandexmetrica.com yandexmetrica.com:29010 yandexmetrica.com:30103 *.yandex.ru yandex.ru yastatic.net ymetrica1.com ymetrica.com *.youtube.com youtube.com; report-uri https://www.livejournal.com/csp_reports; report-to livejournal; media-src http: https: data: storage.mds.yandex.net; worker-src 'self' blob:; object-src 'self' blob: youtube.com *.youtube.com; child-src 'self' blob:;
content-type: text/html; charset=utf-8
date: Thu, 21 Dec 2023 01:56:41 GMT
referrer-policy: no-referrer-when-downgrade
reporting-endpoints: livejournal="https://www.livejournal.com/csp_reports"
server: nginx
vary: Accept-Encoding
x-aws-id: kr-ws06
x-gateway: kr-front01.lj.rambler.tech
x-lj-flow-id: ZYObWetCDcJkKp5iEAPiwwAAAAY
x-node: fr5-up-gc15
x-varnish: 26202718
x-vws-id: os-varn02.lj.rambler.tech

GET
H2 200 / Show response
l.lj-toys.com/ Frame 6E2F 3 KB
3 KB 510ms
191ms Document
text/html 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A8864793%26767%26%26%26youtube%26Q9Fo2byNdGE%3A533d57c32e5e4e389cfd85f96360e53707c76a39&source=youtube&vid=Q9Fo2byNdGE&moduleid=767&preview=&journalid=8864793&noads=
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: c8452dbff5118d3b7957ddff6ee8de97dcdeabb47320dc3642285d4cd76a27a8

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache: MISS
cache-control: public, max-age=20000
content-encoding: gzip
content-language
content-security-policy-report-only: default-src 'self' *.livejournal.com *.livejournal.net *.google.com google.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru *.tiktok.com tiktok.com *.youtube.com youtube.com; script-src 'self' *.livejournal.com *.livejournal.net *.adfox.ru ad.mail.ru api.giphy.com cdn.ampproject.org cdn.jsdelivr.net content.adriver.ru *.criteo.com *.criteo.net cstatic.weborama.fr data00.adlooxtracking.com data.24smi.net *.doubleclick.net *.dropbox.com dsp-rambler.ru *.exelator.com *.facebook.com vk.com *.facebook.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.google.ru *.googlesyndication.com *.googletagmanager.com googletagmanager.com *.googletagservices.com *.gstatic.com *.instagram.com j.adlooxtracking.ru js.mamydirect.com jsn.24smi.net *.lj.ru mc.yandex.com mc.yandex.ru *.newrelic.com *.nr-data.net *.ok.ru openstat.net pingback.giphy.com *.pingdom.com *.pingdom.net *.pinterest.com *.plista.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg r.mradx.net *.rnet.plus *.rubiconproject.com r.webturn.ru *.scorecardresearch.com sdk.canva.com *.services.livejournal.com smi2.ru ssl.p.jwpcdn.com static.smi2cdn.ru static.smi2.net static.weborama.fr static.xx.fbcdn.net stat.media telegram.org tiktokcdn-us.com *.tiktok.com tiktok.com tns-counter.ru *.top100.ru top-fwz1.mail.ru tpc.googlesyndication.com twemoji.maxcdn.com *.twimg.com *.twitter.com *.videos.livejournal.com *.vk.com wcm-ru.frontend.weborama.fr weborama.fr *.webturn.ru *.yahooapis.com *.yandex.ru yandex.ru yastatic.net ymetrica.com *.youtube.com youtube.com z.moatads.com 'unsafe-inline' 'unsafe-eval'; style-src http: https: data: 'unsafe-inline'; img-src http: https: data:; frame-src http: https:; font-src http: https: data:; connect-src 'self' *.livejournal.com *.livejournal.net ad.mail.ru cdn.ampproject.org cls.ad-tech.ru *.criteo.com csi.gstatic.com data00.adlooxtracking.com dsp-rambler.ru *.eaglecdn.com *.g.doubleclick.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.googletagmanager.com googletagmanager.com graph.facebook.com gstatic.com *.lj.ru lj.stat.eagleplatform.com mc.yandex.by mc.yandex.com mc.yandex.md mc.yandex.ru *.pingdom.net *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg *.rnet.plus *.services.livejournal.com *.ssp.rambler.ru ssp.rambler.ru static-mon.yandex.net static.xx.fbcdn.net stat.media stats.g.doubleclick.net smi2.net smi2.ru *.tiktok.com tiktok.com top-fwz1.mail.ru *.twitter.com *.webturn.ru webvisor.org wss://www.livejournal.com yandexmetrica.com yandexmetrica.com:29010 yandexmetrica.com:30103 *.yandex.ru yandex.ru yastatic.net ymetrica1.com ymetrica.com *.youtube.com youtube.com; report-uri https://www.livejournal.com/csp_reports; report-to livejournal; media-src http: https: data: storage.mds.yandex.net; worker-src 'self' blob:; object-src 'self' blob: youtube.com *.youtube.com; child-src 'self' blob:;
content-type: text/html; charset=utf-8
date: Thu, 21 Dec 2023 01:56:41 GMT
referrer-policy: no-referrer-when-downgrade
reporting-endpoints: livejournal="https://www.livejournal.com/csp_reports"
server: nginx
vary: Accept-Encoding
x-aws-id: 3dt-ws02
x-gateway: 3dt-front03.lj.rambler.tech
x-lj-flow-id: ZYObWSJVbhTiMv@SzyZ27wAAAAo
x-node: fr5-up-gc15
x-varnish: 5080740
x-vws-id: kr-varn01.lj.rambler.tech

GET
H2 200 / Show response
l.lj-toys.com/ Frame E14A 3 KB
3 KB 509ms
193ms Document
text/html 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26786%26%26%26youtube%26NV6gztsfq2g%3Ad18ad9b1f31fbca3a59bd5deb00634119651a4b7&source=youtube&vid=NV6gztsfq2g&moduleid=786&preview=&journalid=23096348&noads=
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 1c153960c8700866d1deb0201078fed83806efeecbcf31b92d3878958600b241

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache: MISS
cache-control: public, max-age=20000
content-encoding: gzip
content-language
content-security-policy-report-only: default-src 'self' *.livejournal.com *.livejournal.net *.google.com google.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru *.tiktok.com tiktok.com *.youtube.com youtube.com; script-src 'self' *.livejournal.com *.livejournal.net *.adfox.ru ad.mail.ru api.giphy.com cdn.ampproject.org cdn.jsdelivr.net content.adriver.ru *.criteo.com *.criteo.net cstatic.weborama.fr data00.adlooxtracking.com data.24smi.net *.doubleclick.net *.dropbox.com dsp-rambler.ru *.exelator.com *.facebook.com vk.com *.facebook.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.google.ru *.googlesyndication.com *.googletagmanager.com googletagmanager.com *.googletagservices.com *.gstatic.com *.instagram.com j.adlooxtracking.ru js.mamydirect.com jsn.24smi.net *.lj.ru mc.yandex.com mc.yandex.ru *.newrelic.com *.nr-data.net *.ok.ru openstat.net pingback.giphy.com *.pingdom.com *.pingdom.net *.pinterest.com *.plista.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg r.mradx.net *.rnet.plus *.rubiconproject.com r.webturn.ru *.scorecardresearch.com sdk.canva.com *.services.livejournal.com smi2.ru ssl.p.jwpcdn.com static.smi2cdn.ru static.smi2.net static.weborama.fr static.xx.fbcdn.net stat.media telegram.org tiktokcdn-us.com *.tiktok.com tiktok.com tns-counter.ru *.top100.ru top-fwz1.mail.ru tpc.googlesyndication.com twemoji.maxcdn.com *.twimg.com *.twitter.com *.videos.livejournal.com *.vk.com wcm-ru.frontend.weborama.fr weborama.fr *.webturn.ru *.yahooapis.com *.yandex.ru yandex.ru yastatic.net ymetrica.com *.youtube.com youtube.com z.moatads.com 'unsafe-inline' 'unsafe-eval'; style-src http: https: data: 'unsafe-inline'; img-src http: https: data:; frame-src http: https:; font-src http: https: data:; connect-src 'self' *.livejournal.com *.livejournal.net ad.mail.ru cdn.ampproject.org cls.ad-tech.ru *.criteo.com csi.gstatic.com data00.adlooxtracking.com dsp-rambler.ru *.eaglecdn.com *.g.doubleclick.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.googletagmanager.com googletagmanager.com graph.facebook.com gstatic.com *.lj.ru lj.stat.eagleplatform.com mc.yandex.by mc.yandex.com mc.yandex.md mc.yandex.ru *.pingdom.net *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg *.rnet.plus *.services.livejournal.com *.ssp.rambler.ru ssp.rambler.ru static-mon.yandex.net static.xx.fbcdn.net stat.media stats.g.doubleclick.net smi2.net smi2.ru *.tiktok.com tiktok.com top-fwz1.mail.ru *.twitter.com *.webturn.ru webvisor.org wss://www.livejournal.com yandexmetrica.com yandexmetrica.com:29010 yandexmetrica.com:30103 *.yandex.ru yandex.ru yastatic.net ymetrica1.com ymetrica.com *.youtube.com youtube.com; report-uri https://www.livejournal.com/csp_reports; report-to livejournal; media-src http: https: data: storage.mds.yandex.net; worker-src 'self' blob:; object-src 'self' blob: youtube.com *.youtube.com; child-src 'self' blob:;
content-type: text/html; charset=utf-8
date: Thu, 21 Dec 2023 01:56:41 GMT
referrer-policy: no-referrer-when-downgrade
reporting-endpoints: livejournal="https://www.livejournal.com/csp_reports"
server: nginx
vary: Accept-Encoding
x-aws-id: kr-ws07
x-gateway: 3dt-front03.lj.rambler.tech
x-lj-flow-id: ZYObWUmhQ1O6OOj1uCp20wAAAAA
x-node: fr5-up-gc15
x-varnish: 54506013
x-vws-id: os-varn01.lj.rambler.tech

GET
H2 200 / Show response
l.lj-toys.com/ Frame 894E 3 KB
3 KB 513ms
197ms Document
text/html 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26784%26%26%26youtube%26JnofOY2tvgY%3Ab3e351f70197078cc2ed34e82bad6747ba005933&source=youtube&vid=JnofOY2tvgY&moduleid=784&preview=&journalid=23096348&noads=
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: edb65cd3f4de5aba36a9f7bf899945ec9bd224c7fd9ab967ad5b3c6d31c23e1f

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache: MISS
cache-control: public, max-age=20000
content-encoding: gzip
content-language
content-security-policy-report-only: default-src 'self' *.livejournal.com *.livejournal.net *.google.com google.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru *.tiktok.com tiktok.com *.youtube.com youtube.com; script-src 'self' *.livejournal.com *.livejournal.net *.adfox.ru ad.mail.ru api.giphy.com cdn.ampproject.org cdn.jsdelivr.net content.adriver.ru *.criteo.com *.criteo.net cstatic.weborama.fr data00.adlooxtracking.com data.24smi.net *.doubleclick.net *.dropbox.com dsp-rambler.ru *.exelator.com *.facebook.com vk.com *.facebook.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.google.ru *.googlesyndication.com *.googletagmanager.com googletagmanager.com *.googletagservices.com *.gstatic.com *.instagram.com j.adlooxtracking.ru js.mamydirect.com jsn.24smi.net *.lj.ru mc.yandex.com mc.yandex.ru *.newrelic.com *.nr-data.net *.ok.ru openstat.net pingback.giphy.com *.pingdom.com *.pingdom.net *.pinterest.com *.plista.com *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg r.mradx.net *.rnet.plus *.rubiconproject.com r.webturn.ru *.scorecardresearch.com sdk.canva.com *.services.livejournal.com smi2.ru ssl.p.jwpcdn.com static.smi2cdn.ru static.smi2.net static.weborama.fr static.xx.fbcdn.net stat.media telegram.org tiktokcdn-us.com *.tiktok.com tiktok.com tns-counter.ru *.top100.ru top-fwz1.mail.ru tpc.googlesyndication.com twemoji.maxcdn.com *.twimg.com *.twitter.com *.videos.livejournal.com *.vk.com wcm-ru.frontend.weborama.fr weborama.fr *.webturn.ru *.yahooapis.com *.yandex.ru yandex.ru yastatic.net ymetrica.com *.youtube.com youtube.com z.moatads.com 'unsafe-inline' 'unsafe-eval'; style-src http: https: data: 'unsafe-inline'; img-src http: https: data:; frame-src http: https:; font-src http: https: data:; connect-src 'self' *.livejournal.com *.livejournal.net ad.mail.ru cdn.ampproject.org cls.ad-tech.ru *.criteo.com csi.gstatic.com data00.adlooxtracking.com dsp-rambler.ru *.eaglecdn.com *.g.doubleclick.net googleads.g.doubleclick.net *.google-analytics.com *.googleapis.com *.google.com google.com *.googletagmanager.com googletagmanager.com graph.facebook.com gstatic.com *.lj.ru lj.stat.eagleplatform.com mc.yandex.by mc.yandex.com mc.yandex.md mc.yandex.ru *.pingdom.net *.rambler-co.ru rambler-co.ru *.rambler.ru rambler.ru rb.infox.sg *.rnet.plus *.services.livejournal.com *.ssp.rambler.ru ssp.rambler.ru static-mon.yandex.net static.xx.fbcdn.net stat.media stats.g.doubleclick.net smi2.net smi2.ru *.tiktok.com tiktok.com top-fwz1.mail.ru *.twitter.com *.webturn.ru webvisor.org wss://www.livejournal.com yandexmetrica.com yandexmetrica.com:29010 yandexmetrica.com:30103 *.yandex.ru yandex.ru yastatic.net ymetrica1.com ymetrica.com *.youtube.com youtube.com; report-uri https://www.livejournal.com/csp_reports; report-to livejournal; media-src http: https: data: storage.mds.yandex.net; worker-src 'self' blob:; object-src 'self' blob: youtube.com *.youtube.com; child-src 'self' blob:;
content-type: text/html; charset=utf-8
date: Thu, 21 Dec 2023 01:56:41 GMT
referrer-policy: no-referrer-when-downgrade
reporting-endpoints: livejournal="https://www.livejournal.com/csp_reports"
server: nginx
vary: Accept-Encoding
x-aws-id: 3dt-ws11
x-gateway: kr-front01.lj.rambler.tech
x-lj-flow-id: ZYObWcp0quGWe7onB1YZFAAAAAk
x-node: fr5-up-gc15
x-varnish: 8775487
x-vws-id: kr-varn06.lj.rambler.tech

GET
H2 200 logo.svg
l-stat.livejournal.net/img/schemius/ 3 KB
2 KB 31ms
31ms Image
image/svg+xml 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/logo.svg?v=51065
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-18T20:10:56+00:00
x-gateway: kr-front03.lj.rambler.tech
content-length: 1362
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 14:11:05 GMT
server: nginx
x-lj-flow-id: ZYCnUDBC8iI7BxI1srZ9MgAAAAw
etag: GgZz3z079X2cVU4y1yrKm4XODA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: 3dt-ws16
access-control-allow-origin: *
x-varnish: 18983382
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 s-icons.svg
l-stat.livejournal.net/img/schemius/ 15 KB
6 KB 32ms
32ms Image
image/svg+xml 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/s-icons.svg?v=40651
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-18T20:10:58+00:00
x-gateway: 3dt-front02.lj.rambler.tech
content-length: 5613
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 11:17:31 GMT
server: nginx
x-lj-flow-id: ZYCnUi9OtleALDarKrDmNAAAABk
etag: GgZzPs10q9OPQj9DZHt/ejloHw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: kr-ws11
access-control-allow-origin: *
x-varnish: 18782080
cache-control: public, max-age=4000000
x-vws-id: kr-varn03.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 userinfo_v3.svg
l-stat.livejournal.net/img/ 830 B
705 B 32ms
32ms Image
image/svg+xml 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/userinfo_v3.svg?v=41686
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 09416e85998ce2c89943da3aa3563633045a0135d33f8124818dda75075bfd73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-18T20:11:08+00:00
x-gateway: 3dt-front02.lj.rambler.tech
content-length: 510
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 11:34:46 GMT
server: nginx
x-lj-flow-id: ZYCnXBCJtQt1a1bufiSUiAAAABA
etag: GgZznMnKtSXtEJ5/kYeh/07ByA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: 3dt-ws02
access-control-allow-origin: *
x-varnish: 20229830
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 s-nav-sub.png
l-stat.livejournal.net/img/schemius/ 185 B
494 B 33ms
33ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/s-nav-sub.png?v=49993
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 7f5227e46407757193378bcaf07518e02bd8dc212583257f730708a2e7b08aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,core/components/alert.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css,components/buttons.css,components/promo-video.css?v=1702972823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-18T20:10:59+00:00
x-gateway: kr-front01.lj.rambler.tech
content-length: 201
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 13:53:13 GMT
server: nginx
x-lj-flow-id: ZYCnUwE@0lZryxHfSRA97wAAABQ
etag: GgZzrGXt4xjQFTTp/O4mQ3nLag
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
x-aws-id: 3dt-ws20
access-control-allow-origin: *
x-varnish: 19764762
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 199083_original.png
ic.pics.livejournal.com/antifreeze/23096348/199083/ 595 KB
596 KB 151ms
31ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/antifreeze/23096348/199083/199083_original.png
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 87ca3531a2da7ba47ffc67331a5ab361a974151f9352c800bbac84efe86b0220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.29:80/dev188/0/970/420/0970420306.fid
date: Thu, 21 Dec 2023 01:56:41 GMT
x-phn-id: 3dt-phwsn03
x-cached-since: 2023-12-18T15:16:12+00:00
content-length: 609418
x-node: fr5-up-gc15
last-modified: Wed, 22 Mar 2023 05:32:10 GMT
server: nginx
etag: "94c8a-5f7767b5515a8"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 17 Jan 2024 15:16:12 GMT

GET
H/1.1 404
Not Found c5a15be93e425dcb8a26b06645ad4574_a_2144-40.png
antifreeze.livejournal.com/img/ 0
698 B 88ms
87ms Image
text/plain 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://antifreeze.livejournal.com/img/c5a15be93e425dcb8a26b06645ad4574_a_2144-40.png
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-LJ-Concat-Error: Missed files img/c5a15be93e425dcb8a26b06645ad4574_a_2144-40.png
Date: Thu, 21 Dec 2023 01:56:41 GMT
Content-Encoding: gzip
Age: 0
Connection: keep-alive
Content-Length: 20
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
X-LJ-Flow-ID: ZYObWV@eBNHIO71D6LrQRQAAABQ
ETag: GgZz1B2M2Y8AsgTpgAmY7PhCfg
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=UTF-8
X-AWS-Id: kr-ws18
Access-Control-Allow-Origin: *
X-Varnish: 20090313
Cache-Control: public, max-age=4000000
X-VWS-Id: kr-varn07.lj.rambler.tech
Keep-Alive: timeout=50

GET
H2 200 sprite.svg
l-stat.livejournal.net/air/default_theme/img/ 52 KB
14 KB 31ms
31ms Image
image/svg+xml 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/air/default_theme/img/sprite.svg?v=40878
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??ljuser/ljuser.css,lj-cut.css,entryunit_v4.css,air/layout.css,air/default_theme/theme.css,chameleon/widget-threeposts.css?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 3af28db12b8826b24c46e089fd1c409ddd9a53eb6df7fe0daa0c10e1465f91fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??ljuser/ljuser.css,lj-cut.css,entryunit_v4.css,air/layout.css,air/default_theme/theme.css,chameleon/widget-threeposts.css?v=1702972823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-18T20:11:08+00:00
x-gateway: kr-front02.lj.rambler.tech
content-length: 14014
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 11:21:18 GMT
server: nginx
x-lj-flow-id: ZYCnXJf9ZAXysVMFF1r1SAAAAAA
etag: GgZzxhWk9ZD7Ns/IrkjHfEA3nw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: 3dt-ws04
access-control-allow-origin: *
x-varnish: 22218162
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3

Request headers

Referer
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead

Request headers

Referer
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8ade158d7787ab081f0bb441099ba27fcce48e907414ce491648658b641adcd

Request headers

Referer
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 158b03902c4ce47d7c1380a8765215bc4551711cfea797c9842752ec7a0f5263

Request headers

Referer
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 userip Show response
ssp.rambler.ru/ 14 B
141 B 205ms
68ms XHR
text/plain 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/userip
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: 14f0824aacf181d8c2256e56b2f02e869c2263610eee88275dc988179ddd1bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 01:56:41 GMT
x-passed: 1bal1
server: nginx
content-length: 14
content-type: application/octet-stream, text/plain

GET
H2 200 77820003
l-userpic.livejournal.com/130834476/ 20 KB
20 KB 31ms
31ms Image
image/png 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/130834476/77820003
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 54b5869592fdbb9b7b250d43babb2f6228bf3f98bda4063125e1b739d6486f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Wed, 19 Jul 2023 14:55:21 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 17962344
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
x-cached-since: 2023-12-05T18:16:29+00:00
accept-ranges: bytes
content-length: 20462
x-node: fr5-up-gc15

GET
H2 200 77197105
l-userpic.livejournal.com/130149054/ 12 KB
12 KB 34ms
34ms Image
image/jpeg 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/130149054/77197105
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 5ef3c9504ce9e7f29853d410f120ad870b62ab48fde2f0cd79cc429e5922f87c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Wed, 04 May 2022 12:11:04 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 80305879
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: os-varn01.lj.rambler.tech
cache: HIT
x-cached-since: 2023-12-18T21:08:41+00:00
accept-ranges: bytes
content-length: 12009
x-node: fr5-up-gc15

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 118 KB
38 KB 215ms
68ms Script
application/javascript 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 5b1396003e2821c437960323ef4c4716ef2df0e2c6c4ed73272458db8304091d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 13:58:32 GMT
server: nginx
x-amz-request-id: tx000000000000147ccb6ba-0065839b00-783970ff-default
etag: W/"6442501dd7791df09c2f40d696ea2a7a"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=3600
expires: Thu, 21 Dec 2023 02:56:41 GMT

GET
H2 200 / Show response
l-stat.livejournal.net/js/ 19 KB
7 KB 31ms
31ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??front-bundled/dist/videoUploader.js?v=1702972823
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 166c8bf32625cc164e4a3e0dca06700f7061d37e9e1932865eb2082ee32f4aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:41+00:00
x-gateway: 3dt-front01.lj.rambler.tech
content-length: 6613
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNqOu94a8N4y3OxrEy2gAAABU
etag: GgZzW/f8zsU43lSEIIzJAPahAT1g
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws01
access-control-allow-origin: *
x-varnish: 4620853 7243746
cache-control: public, max-age=4000000
x-vws-id: kr-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-stat.livejournal.net/js/ 24 KB
9 KB 31ms
31ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??front-bundled/dist/sanitizeHtml.js?v=1702972823
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: a04f63f4989df5dae922fa318ba328cb3ff1f5d446cb2c33f533da0c25767222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:41+00:00
x-gateway: 3dt-front03.lj.rambler.tech
content-length: 9378
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNqauKOjWbfMZFamKLawAAAAc
etag: GgZzW/QA4v+ILwGN/XlXtrOZR7bQ
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: kr-ws10
access-control-allow-origin: *
x-varnish: 3412656
cache-control: public, max-age=4000000
x-vws-id: kr-varn03.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-stat.livejournal.net/js/ 291 KB
55 KB 31ms
31ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??front-bundled/dist/s2.js?v=1702972823
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 2cf6d44b98e56cb40602260452da43148ee15960d907c69610a21b32ee25a0a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:41+00:00
x-gateway: 3dt-front01.lj.rambler.tech
content-length: 56513
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNpiOtqnxYjSexowgtGwAAABo
etag: GgZzW/ckz/Z0DkmbpgXJzqZeDEJA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws11
access-control-allow-origin: *
x-varnish: 10389987 13500530
cache-control: public, max-age=4000000
x-vws-id: kr-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
BLOB 200
OK 4a4d5b5d-b384-4650-86a5-a150aa5ff3e6
https://antifreeze.livejournal.com/ 1 MB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://antifreeze.livejournal.com/4a4d5b5d-b384-4650-86a5-a150aa5ff3e6
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5180628c01079691f3d21afc8086479b923f6127b860cad410a5c48c6bf4ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1322663
Content-Type: application/javascript

GET
BLOB 200
OK fb5bb2cd-0c9b-42cb-8d79-a2596c9f5d1b
https://antifreeze.livejournal.com/ 1 MB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://antifreeze.livejournal.com/fb5bb2cd-0c9b-42cb-8d79-a2596c9f5d1b
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5180628c01079691f3d21afc8086479b923f6127b860cad410a5c48c6bf4ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1322663
Content-Type: application/javascript

GET
H2

200

/
www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_blogs-vis-nonad/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_blogs-vis-nonad/
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_blogs-vis-nonad/

43 B
296 B

68ms
68ms

Image
image/gif

2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_blogs-vis-nonad/
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.0.4/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_blogs-vis-nonad/
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

601179711
www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100104-posid2155079/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100104-posid2155079/601179711
https://www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100104-posid2155079/601179711

43 B
296 B

69ms
69ms

Image
image/gif

2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100104-posid2155079/601179711
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.0.4/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100104-posid2155079/601179711
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

123566760
www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100108-posid2155106/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100108-posid2155106/123566760
https://www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100108-posid2155106/123566760

43 B
296 B

67ms
67ms

Image
image/gif

2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100108-posid2155106/123566760
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.0.4/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*rambler_ad/ru/UTF-8/tmsec=rambler_cid1100108-posid2155106/123566760
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

openapi.917ca96d9331f956d945e39706791fde.js Show response
vk.com/dist/public/api/
Redirect Chain

https://vk.com/js/api/openapi.js?168
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168

56 KB
21 KB

121ms
120ms

Script
application/x-javascript

87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Server: 87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv164-137-240-87.vk.com
Software: kittenx /
Resource Hash: 8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id: YMys2UXndWfL-Rp6aJTIWZFzIM0yKQ
date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
x-frontend: front605104
last-modified: Mon, 23 Oct 2023 22:26:41 GMT
server: kittenx
etag: W/"6536f321-e147"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Mon, 25 Dec 2023 01:56:41 GMT

Redirect headers

x-trace-id: 7cxlCezvnszkKbiZjVawmFP1LffDmQ
date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
x-frontend: front605104
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115401
content-type: text/html; charset=windows-1251
location: /dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 20

GET
H2 200 recommender.js Show response
rcmjs.rambler.ru/static/ 34 KB
12 KB 261ms
70ms Script
application/javascript 81.19.82.56
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rcmjs.rambler.ru/static/recommender.js
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.82.56 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: rcm.rambler.ru
Software: nginx /
Resource Hash: 3ef95393581ee21565ead2f4db5d935944d6b3292dc01bd2c9d05a7effdadfd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.33.16:80
x-amz-request-id: f2dd034c-9eea-4a65-afe5-340362e6e4e6
age: 635
x-upstream-responsetime: -1
x-varnish-hostname: 1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime: 0
content-length: 11480
x-upstream-connecttime: 1
last-modified: Tue, 19 Dec 2023 09:37:39 GMT
server: nginx
etag: "0d08cdb069be554e7b30d783d8452f91"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 972993685 973572136
cache-control: max-age=3600, must-revalidate
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 803a84a09167c609289069441d4134db2a33a29cc61c3b69707961bb91ad2ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
l-stat.livejournal.net/ Frame 9C64 144 B
318 B 31ms
31ms Document
text/html 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??plain/crossStorageServ.html?&v=1702972823
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??jquery/jquery.lj.calendar.js,jquery/jquery.mask.js,core/controlstrip.js,scheme/schemius/index.js,widgets/angular/login.js,jquery/jquery.lj.repostbutton.js,old/threeposts.js,deprecated/recommended-entries.js,s2/index.js,old/esn.js,jquery/jquery.lj.confirmbubble.js,jquery/jquery.lj.ljcut.js,old/fb-select-image.js,jquery/jquery.lj.inlineCalendar.js,jquery/jquery.calendarEvents.js,s2/theme/air.js,old/apps.js,apps/appcontainer.js,jquery/jquery.lj.journalPromoStrip.js?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: bf46d00f68b9c039d5f7bd123c40ec6abbb50e00be6eb36adcbfddce96675f59

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-private-network: true
age: 0
cache: HIT
cache-control: public, max-age=4000000
content-encoding: gzip
content-length: 137
content-type: text/html; charset=UTF-8
date: Thu, 21 Dec 2023 01:56:41 GMT
etag: GgZzW/11FfzIvUKV9T3g17tS3Kmg
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-aws-id: 3dt-ws07
x-cached-since: 2023-12-19T08:00:41+00:00
x-gateway: 3dt-front03.lj.rambler.tech
x-lj-flow-id: ZYFNqHk-itGYWdnTqOCMIAAAABU
x-node: fr5-up-gc15
x-varnish: 11401935 11291314
x-vws-id: kr-varn03.lj.rambler.tech

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 349ms
197ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 13:02:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6582e5e2-1158c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71052
expires: Thu, 21 Dec 2023 02:56:41 GMT

GET
H/1.1 200
OK main.js Show response
static-mon.yandex.net/static/ 95 KB
26 KB 238ms
76ms XHR
application/javascript 2a02:6b8::402
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-mon.yandex.net/static/main.js?pid=livejournal
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::402 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 370d1cb851652caca3716e9747049e947d2eaefd263f7ae3fe5d75cd1213db16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 21 Dec 2023 01:56:41 GMT
Content-Encoding: br
Nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
X-Amz-Request-Id: fc2cc25f330188eb
Transfer-Encoding: chunked
X-Consumed-Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 01:56:20 GMT
Vary: Accept-Encoding, Origin
Report-To: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: https://antifreeze.livejournal.com
Access-Control-Expose-Headers: Content-Lenght
Cache-Control: max-age=600,private
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, noarchive, nofollow
Keep-Alive: timeout=65
Content-Lenght: 97123

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
167 B 62ms
61ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1977191518&t=pageview&_s=1&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEABAAAAACAAI~&jid=376700700&gjid=1586703484&cid=534914086.1703123802&tid=UA-24823174-1&_gid=1169374619.1703123802&_slc=1&cd1=0&z=513441307

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

99d8ecd4e18393a4437e46aa933e73e10bb2279656714d5fd73f53ce29aba0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
354 B 117ms
44ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-24823174-1&cid=534914086.1703123802&jid=376700700&gjid=1586703484&_gid=1169374619.1703123802&_u=IGDAgEABAAAAAGAAI~&z=669269982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Dec 2023 01:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 54ms
54ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1977191518&t=event&ni=1&_s=2&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlocker&ea=not_blocked&_u=IGDAgEABAAAAAGAAI~&jid=&gjid=&cid=534914086.1703123802&tid=UA-24823174-1&_gid=1169374619.1703123802&z=1365521879

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 12:21:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48884
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 97ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1V2YHKGDNK&gtm=45je3bt0v9123713254&_p=1703123801074&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=534914086.1703123802&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703123801&sct=1&seg=0&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6155
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1V2YHKGDNK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113076623-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1V2YHKGDNK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eac75f5d487227c23755db7619dc7fb253e724b6cffaebb8c1cd41e3a161d2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68883
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Dec 2023 01:56:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L6DJ5ZXH43&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113076623-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

819d01206536a27a00c68fe4988356064cbb2104021ee156cb09fa90398908d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Dec 2023 01:56:41 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 62ms
61ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1977191518&t=pageview&_s=1&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAGAAI~&jid=915043288&gjid=1903957321&cid=534914086.1703123802&tid=UA-113076623-1&_gid=1169374619.1703123802&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1642328845

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
l-api.livejournal.com/__api/ 92 B
229 B 191ms
92ms Script
application/javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-api.livejournal.com/__api/?callback=jQuery4730901sitemessage__get_message&request=%7B%22jsonrpc%22%3A%222.0%22%2C%22method%22%3A%22sitemessage.get_message%22%2C%22params%22%3A%7B%22locale%22%3A%22de_DE%22%2C%22country%22%3A%22SE%22%7D%2C%22id%22%3A473090%7D
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 77356174980c88a9746dd93ec99cc8d2ddf50a9e4a4cfd76bc97e0bd5cb504fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
age: 0
x-gateway: kr-front02.lj.rambler.tech
content-length: 92
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
server: nginx
x-lj-flow-id: ZYObWc3h5MPYKtvDgH8BcgAAAAM
content-type: application/javascript; charset=utf-8
x-aws-id: kr-ws20
x-varnish: 55400924
x-vws-id: os-varn01.lj.rambler.tech
cache-control: max-age=600, must-revalidate
cache: MISS
accept-ranges: bytes
expires: Thu, 21 Dec 2023 02:56:41 GMT

GET
H2 200 / Show response
l-stat.livejournal.net/js/ Frame 6E2F 75 KB
26 KB 32ms
31ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??embed/wrapIndex.js?v=1702972823
Requested by: Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A8864793%26767%26%26%26youtube%26Q9Fo2byNdGE%3A533d57c32e5e4e389cfd85f96360e53707c76a39&source=youtube&vid=Q9Fo2byNdGE&moduleid=767&preview=&journalid=8864793&noads=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 444763ba14aa0becb1dc5a4cc23f75128aa3daac95cf71d63b21d16b0e79df59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A8864793%26767%26%26%26youtube%26Q9Fo2byNdGE%3A533d57c32e5e4e389cfd85f96360e53707c76a39&source=youtube&vid=Q9Fo2byNdGE&moduleid=767&preview=&journalid=8864793&noads=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:35+00:00
x-gateway: kr-front02.lj.rambler.tech
content-length: 25901
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNo0k1d63z-9Fgxmc@twAAABI
etag: GgZzW/wy9Vgql1Zuo7KLmMM9OEgw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws19
access-control-allow-origin: *
x-varnish: 82678713
cache-control: public, max-age=4000000
x-vws-id: kr-varn06.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-stat.livejournal.net/js/ Frame E14A 75 KB
25 KB 32ms
32ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??embed/wrapIndex.js?v=1702972823
Requested by: Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26786%26%26%26youtube%26NV6gztsfq2g%3Ad18ad9b1f31fbca3a59bd5deb00634119651a4b7&source=youtube&vid=NV6gztsfq2g&moduleid=786&preview=&journalid=23096348&noads=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 444763ba14aa0becb1dc5a4cc23f75128aa3daac95cf71d63b21d16b0e79df59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26786%26%26%26youtube%26NV6gztsfq2g%3Ad18ad9b1f31fbca3a59bd5deb00634119651a4b7&source=youtube&vid=NV6gztsfq2g&moduleid=786&preview=&journalid=23096348&noads=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:35+00:00
x-gateway: kr-front02.lj.rambler.tech
content-length: 25901
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNo0k1d63z-9Fgxmc@twAAABI
etag: GgZzW/wy9Vgql1Zuo7KLmMM9OEgw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws19
access-control-allow-origin: *
x-varnish: 82678713
cache-control: public, max-age=4000000
x-vws-id: kr-varn06.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-stat.livejournal.net/js/ Frame 775E 75 KB
25 KB 33ms
32ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??embed/wrapIndex.js?v=1702972823
Requested by: Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26836%26%26%26youtube%269n0Dm7EJkeI%3A21c79bdb552b7fa62eabddc48e2277bbfa87eab4&source=youtube&vid=9n0Dm7EJkeI&moduleid=836&preview=&journalid=23096348&noads=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 444763ba14aa0becb1dc5a4cc23f75128aa3daac95cf71d63b21d16b0e79df59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26836%26%26%26youtube%269n0Dm7EJkeI%3A21c79bdb552b7fa62eabddc48e2277bbfa87eab4&source=youtube&vid=9n0Dm7EJkeI&moduleid=836&preview=&journalid=23096348&noads=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:35+00:00
x-gateway: kr-front02.lj.rambler.tech
content-length: 25901
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNo0k1d63z-9Fgxmc@twAAABI
etag: GgZzW/wy9Vgql1Zuo7KLmMM9OEgw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws19
access-control-allow-origin: *
x-varnish: 82678713
cache-control: public, max-age=4000000
x-vws-id: kr-varn06.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-stat.livejournal.net/js/ Frame 894E 75 KB
25 KB 31ms
31ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??embed/wrapIndex.js?v=1702972823
Requested by: Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26784%26%26%26youtube%26JnofOY2tvgY%3Ab3e351f70197078cc2ed34e82bad6747ba005933&source=youtube&vid=JnofOY2tvgY&moduleid=784&preview=&journalid=23096348&noads=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 444763ba14aa0becb1dc5a4cc23f75128aa3daac95cf71d63b21d16b0e79df59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26784%26%26%26youtube%26JnofOY2tvgY%3Ab3e351f70197078cc2ed34e82bad6747ba005933&source=youtube&vid=JnofOY2tvgY&moduleid=784&preview=&journalid=23096348&noads=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-19T08:00:35+00:00
x-gateway: kr-front02.lj.rambler.tech
content-length: 25901
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
server: nginx
x-lj-flow-id: ZYFNo0k1d63z-9Fgxmc@twAAABI
etag: GgZzW/wy9Vgql1Zuo7KLmMM9OEgw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws19
access-control-allow-origin: *
x-varnish: 82678713
cache-control: public, max-age=4000000
x-vws-id: kr-varn06.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-api.livejournal.com/__api/ 143 B
402 B 105ms
31ms Script
application/javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-api.livejournal.com/__api/?callback=jQuery56770802medius__asap&request=%7B%22jsonrpc%22%3A%222.0%22%2C%22method%22%3A%22medius.asap%22%2C%22params%22%3A%7B%7D%2C%22id%22%3A5677080%7D
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: c321c1d49a653b7b2d87a712da06fca0f6fe8fb17d7970f9ad5a93ae7dafb458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
age: 0
x-cached-since: 2023-12-21T01:55:04+00:00
x-gateway: 3dt-front03.lj.rambler.tech
content-length: 143
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
server: nginx
x-lj-flow-id: ZYOa@J4L-0EwQ@rHcOeidQAAABc
content-type: application/javascript; charset=utf-8
x-aws-id: 3dt-ws13
x-varnish: 53140562
x-vws-id: os-varn01.lj.rambler.tech
cache-control: max-age=600, must-revalidate
cache: HIT
accept-ranges: bytes
expires: Thu, 21 Dec 2023 02:00:04 GMT

GET
H2 200 / Show response
l-stat.livejournal.net/js/ Frame 9C64 1 KB
853 B 41ms
41ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??crossStorageServ.js
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??plain/crossStorageServ.html?&v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 7061b16241a2e2594d0b5af066337d4cd10666a12d17973f6976b7a9ba258a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??plain/crossStorageServ.html?&v=1702972823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-18T20:10:54+00:00
x-gateway: kr-front02.lj.rambler.tech
content-length: 615
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-lj-flow-id: ZYCnTp3741muwSsT4z7WkgAAAAQ
etag: GgZzW/nUozhmdK7kzH1AAK94pRSA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws09
access-control-allow-origin: *
x-varnish: 13067272
cache-control: public, max-age=4000000
x-vws-id: kr-varn03.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-25HRJD8PTK&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2f5f2f1a2ad0637eae613f9dc5a82f59b72d70e2d632f4a27c5701e85450032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Dec 2023 01:56:41 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 56ms
56ms Image
text/plain 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=10463284&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703123801811&ns_c=UTF-8&c7=https%3A%2F%2Fantifreeze.livejournal.com%2F&c8=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&c9=
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: eJlYo1JT_2MCqQvTgqFbteNLlwYdCUUeWqErfGlEBZNv5U2GMsJC1A==
x-cache: Miss from cloudfront

POST
H3 204 AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 177ms
67ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y5M6QeevvenKqzcB9EVFDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y5M6QeevvenKqzcB9EVFDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://antifreeze.livejournal.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXqIxtIchjXPBJ1yQfQfTkjgiasO_LscVuG85UNNL9enBZ47Sy5NzaBbU74H0aKuxYWW4XvD14rPFfBEd8MhNahi_0Vj9CRjIALE0HOkMumG86PjkX5pGMM8qf0O0ZuV4fTXO6kHA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 90ms
90ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXqIxtIchjXPBJ1yQfQfTkjgiasO_LscVuG85UNNL9enBZ47Sy5NzaBbU74H0aKuxYWW4XvD14rPFfBEd8MhNahi_0Vj9CRjIALE0HOkMumG86PjkX5pGMM8qf0O0ZuV4fTXO6kHA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMTIzODAxLDg0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbnRpZnJlZXplLmxpdmVqb3VybmFsLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFs3LCIxOSJdLFsxMSwiW10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ff03dadc4fed7f78697a840bd74c5851c37f6c353d3df86f351b981aa6c9ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k3IJPASjeQCBPDtLCiQwcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-k3IJPASjeQCBPDtLCiQwcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
www.livejournal.com/__api/ 56 KB
12 KB 284ms
136ms XHR
application/json 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.livejournal.com/__api/
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: d609e06904494ad13a8163146b79690999ee354249c1bf621c0ecf7c11acddfe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 21 Dec 2023 01:56:42 GMT
Content-Encoding: gzip
Age: 0
Connection: keep-alive
Content-Length: 11333
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
X-LJ-Flow-ID: ZYObWmq@MYtJkK3sRegtXQAAABE
ETag: GgZz
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
X-AWS-Id: 3dt-ws25
Access-Control-Allow-Origin: https://antifreeze.livejournal.com
X-Varnish: 21243074
X-VWS-Id: kr-varn05.lj.rambler.tech
Access-Control-Allow-Credentials: true
X-SplitTest: none
Accept-Ranges: bytes
Keep-Alive: timeout=50
Access-Control-Allow-Headers: Content-Type

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 2 KB
2 KB 69ms
69ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3402139

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

489b36c66d89d768b386541c192b3e8e00f5f562236f2e89834fe8269a6e2797

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Thu, 21 Dec 2023 02:06:41 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
961 B 70ms
70ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.11466305443867642;id=3402139;u=https%3A//antifreeze.livejournal.com/;st=1703123801455;title=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=4ac151079f9e593d;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ct=6336/6338/6339/;gl=u;ni=10//4g/0/0/;lvid=1703123801850%3A1703123801856%3A1%3Af3726b1118acb491d3ca86bc2148f089;opts=dl%2Cjst-gtag-ga;visible=true;js=13

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 userip Show response
kraken.rambler.ru/ 14 B
476 B 219ms
69ms XHR
text/plain 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 14f0824aacf181d8c2256e56b2f02e869c2263610eee88275dc988179ddd1bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:42 GMT
server: nginx
x-srv: 2kraken-prod0001.ad.rambler.tech
content-type: application/octet-stream, text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-store,no-cache,must-revalidate
content-length: 14

GET
H2 200 usability.js Show response
st.top100.ru/top100/3.15.1/ 14 KB
4 KB 69ms
69ms Script
application/javascript 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/3.15.1/usability.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 459f57f8684b82b40fa355c994b814070aca457eca4c0f57de23b3e4ae561d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 13:58:32 GMT
server: nginx
x-amz-request-id: tx000000000000147ccb6b5-0065839b00-783970ff-default
etag: W/"cc308e833416ed1d082bcacee73fdd9e"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 player.html Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 930 KB
271 KB 69ms
69ms Document
text/html 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/player.html
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 1e1e80ad9f74989f6d5e2ecdd5494e91a77e9d55b72f6af37cb4c402c735ff9c

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: max-age=1209600, public max-age=1209600
content-encoding: br
content-type: text/html
date: Thu, 21 Dec 2023 01:56:41 GMT
etag: "4ed5bb52c78f96292df36996e43845af"
last-modified: Thu, 14 Dec 2023 10:32:47 GMT
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: nginx
vary: Accept, Origin
via: 1.1 varnish (Varnish/6.2)
x-amz-request-id: 9f62e412-b95e-46ed-ba45-0f29b7c37fa6
x-bytes-rcv: 0
x-bytes-snd: 0
x-time: 0
x-upstream-addr: 10.144.28.52:80
x-upstream-connecttime: 1
x-upstream-headertime: 115
x-upstream-responsetime: -116
x-varnish: 564552296
x-varnish-hostname: 4b58bbd3fcf9b1b988d53ba4ba029c00

GET
H2 200 NV6gztsfq2g Show response
www.youtube.com/embed/ Frame 74CF 92 KB
41 KB 226ms
103ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Requested by

Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26786%26%26%26youtube%26NV6gztsfq2g%3Ad18ad9b1f31fbca3a59bd5deb00634119651a4b7&source=youtube&vid=NV6gztsfq2g&moduleid=786&preview=&journalid=23096348&noads=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ed1c710ea71d0870b1a5ea774247d1564f5812172ac579d9741db870118ce01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26786%26%26%26youtube%26NV6gztsfq2g%3Ad18ad9b1f31fbca3a59bd5deb00634119651a4b7&source=youtube&vid=NV6gztsfq2g&moduleid=786&preview=&journalid=23096348&noads=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 01:56:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Q9Fo2byNdGE Show response
www.youtube.com/embed/ Frame D829 93 KB
40 KB 341ms
219ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Requested by

Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A8864793%26767%26%26%26youtube%26Q9Fo2byNdGE%3A533d57c32e5e4e389cfd85f96360e53707c76a39&source=youtube&vid=Q9Fo2byNdGE&moduleid=767&preview=&journalid=8864793&noads=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b3b50d9a51eff7c3f2dfe47d344c0454e82b42ae4020cbf2a3d921e8523fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A8864793%26767%26%26%26youtube%26Q9Fo2byNdGE%3A533d57c32e5e4e389cfd85f96360e53707c76a39&source=youtube&vid=Q9Fo2byNdGE&moduleid=767&preview=&journalid=8864793&noads=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 01:56:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JnofOY2tvgY Show response
www.youtube.com/embed/ Frame EC45 92 KB
40 KB 368ms
246ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Requested by

Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26784%26%26%26youtube%26JnofOY2tvgY%3Ab3e351f70197078cc2ed34e82bad6747ba005933&source=youtube&vid=JnofOY2tvgY&moduleid=784&preview=&journalid=23096348&noads=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23b8eff28ea03e5718046946e1250518858a7ece4a28ba989fe1e2b1e0fc852c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26784%26%26%26youtube%26JnofOY2tvgY%3Ab3e351f70197078cc2ed34e82bad6747ba005933&source=youtube&vid=JnofOY2tvgY&moduleid=784&preview=&journalid=23096348&noads=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 01:56:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9n0Dm7EJkeI Show response
www.youtube.com/embed/ Frame 3B20 94 KB
41 KB 296ms
174ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Requested by

Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26836%26%26%26youtube%269n0Dm7EJkeI%3A21c79bdb552b7fa62eabddc48e2277bbfa87eab4&source=youtube&vid=9n0Dm7EJkeI&moduleid=836&preview=&journalid=23096348&noads=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6e39d72db63d4c66cfb0960b226efb1ad8d6d7d5914e330713badbc81c65d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A23096348%26836%26%26%26youtube%269n0Dm7EJkeI%3A21c79bdb552b7fa62eabddc48e2277bbfa87eab4&source=youtube&vid=9n0Dm7EJkeI&moduleid=836&preview=&journalid=23096348&noads=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 01:56:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 35ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L6DJ5ZXH43&gtm=45je3bt0v9114342211&_p=1703123801074&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=534914086.1703123802&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1703123801&sct=1&seg=0&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&en=page_view&_fv=1&_ss=1&tfd=6426
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L6DJ5ZXH43&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rtrg
vk.com/ 49 B
398 B 69ms
68ms Image
image/gif 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-491315-al132&metatag_url=https%3A%2F%2Fantifreeze.livejournal.com%2F&metatag_title=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.115401

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id: rMmdwdBHzOTAcOsqHeRvOU97SFiVhQ
date: Thu, 21 Dec 2023 01:56:41 GMT
content-encoding: gzip
x-frontend: front605104
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115401
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 34ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-25HRJD8PTK&gtm=45je3bt0v9137939604&_p=1703123801074&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=534914086.1703123802&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&sid=1703123801&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=0&tfd=6462
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-25HRJD8PTK&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 context.js Show response
yandex.ru/ads/system/ 0
1 KB 240ms
82ms XHR
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1703123802183491-4159485124976727407-balancer-l7leveler-kubr-yp-vla-159-BAL-2335
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 Dec 2023 02:56:42 GMT

GET
H2 200 / Show response
kraken.rambler.ru/cnt/v2/ 43 B
723 B 212ms
74ms Fetch
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/cnt/v2/?event_name=pageview&event_type=rec&counter_type=web&project_id=7696632&version=1.9.7395%2Bgdec31bc74&session_id=iWjshKRTc_v_79KHSWxTd&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&request_id=1703123802.028-119147328&event_id=QiLtVJ3HM6J3tlNx9yPJP&session_event_number=1&random=57095445208&url=https%3A%2F%2Fantifreeze.livejournal.com%2F&meta=%7B%22xuid%22%3A%22f127c914d222fe5f165839b4e9aab4cc19c252e40a7ac5443%22%2C%22xuidRcmId%22%3A%22RCM-2564%22%2C%22itemRcmId%22%3A%22RCM-2564%22%2C%22referrer%22%3A%22%22%2C%22itemId%22%3A%2223096348-1860851%22%7D
Requested by: Host: rcmjs.rambler.ru
URL: https://rcmjs.rambler.ru/static/recommender.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:42 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10223.V2ZZqGhSKGssAIBSw8_l69jHVXZ3q_KaS8oXdpyg9k3rN7Ac8xXs8cZuj1taz1Nx.G7F0BEvtaIkAuUKpVnF2NWYnkRw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10223.YStBt-9eA4j4g7pd1_nRhzw-kEexTZNL8ZG1qr8VtyBbKfUckxQl-PVmbkUhM2WB8TbFuacUEWYaMjzbrWWr0uOCRIl5gCxht5adBIhFZge1TvVH1IS7xljHHFPxJnJQHsCPxc1oiH...

43 B
669 B

84ms
84ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10223.YStBt-9eA4j4g7pd1_nRhzw-kEexTZNL8ZG1qr8VtyBbKfUckxQl-PVmbkUhM2WB8TbFuacUEWYaMjzbrWWr0uOCRIl5gCxht5adBIhFZge1TvVH1IS7xljHHFPxJnJQHsCPxc1oiH8ZjS36k2PpoISGxHZrtyJi5LZUZnOgjdhe7m4eTUeQHZyndSb4brChiL8_zpMRedFcJpfqFkczjl8HK1fthRxHhniwyXdmoRU%2C.3agK-vQE5eiEzaI0M0-AkTbx8QY%2C

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10223.YStBt-9eA4j4g7pd1_nRhzw-kEexTZNL8ZG1qr8VtyBbKfUckxQl-PVmbkUhM2WB8TbFuacUEWYaMjzbrWWr0uOCRIl5gCxht5adBIhFZge1TvVH1IS7xljHHFPxJnJQHsCPxc1oiH8ZjS36k2PpoISGxHZrtyJi5LZUZnOgjdhe7m4eTUeQHZyndSb4brChiL8_zpMRedFcJpfqFkczjl8HK1fthRxHhniwyXdmoRU%2C.3agK-vQE5eiEzaI0M0-AkTbx8QY%2C
date: Thu, 21 Dec 2023 01:56:42 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
497 B 91ms
90ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 13:02:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6582e5e2-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 21 Dec 2023 02:56:42 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
675 B 166ms
81ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=1111412&session_id=723920327_1703123801888&session_number=1&session_event_number=1&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&publisher_uid=URNKAWWDm1gLTDxx6qI7AgB%3D&publisher_uid_scope=.livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&user_cv=uid&url=https%3A%2F%2Fantifreeze.livejournal.com%2F&request_id=1703123801.886-1831830247&event_id=743138020973172&meta=%7B%22title%22%3A%22%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%22-60%22%7D&rn=2062134910
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:42 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
x-srv: 2kraken-prod0001.ad.rambler.tech
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
l-stat.livejournal.net/ Frame 07FC 139 B
359 B 32ms
31ms Document
text/html 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??plain/storage.html?key=lj-likus&v=1702972823
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??jquery/jquery.lj.calendar.js,jquery/jquery.mask.js,core/controlstrip.js,scheme/schemius/index.js,widgets/angular/login.js,jquery/jquery.lj.repostbutton.js,old/threeposts.js,deprecated/recommended-entries.js,s2/index.js,old/esn.js,jquery/jquery.lj.confirmbubble.js,jquery/jquery.lj.ljcut.js,old/fb-select-image.js,jquery/jquery.lj.inlineCalendar.js,jquery/jquery.calendarEvents.js,s2/theme/air.js,old/apps.js,apps/appcontainer.js,jquery/jquery.lj.journalPromoStrip.js?v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 10242f3b5a51bb1d438493c30e2c7b99657351e7a792e2214d5cacf4ec37ab3b

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-private-network: true
age: 0
cache: HIT
cache-control: public, max-age=4000000
content-encoding: gzip
content-length: 133
content-type: text/html; charset=UTF-8
date: Thu, 21 Dec 2023 01:56:42 GMT
etag: GgZzW/nIKZD7ae7AY4bWKwVC20yA
last-modified: Tue, 19 Dec 2023 08:00:23 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-aws-id: kr-ws16
x-cached-since: 2023-12-19T08:00:43+00:00
x-gateway: 3dt-front03.lj.rambler.tech
x-lj-flow-id: ZYFNp9Wthl7wj0ZxEA1TRgAAABU
x-node: fr5-up-gc15
x-varnish: 11291324 11262467
x-vws-id: kr-varn03.lj.rambler.tech

GET
H2 200 www-player.css
www.youtube.com/s/player/da154528/ Frame 74CF 358 KB
47 KB 151ms
150ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47436
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Dec 2024 23:46:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 74CF 15 KB
16 KB 175ms
54ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:31:50 GMT
x-content-type-options: nosniff
age: 246292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 74CF 15 KB
15 KB 189ms
67ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:09:14 GMT
x-content-type-options: nosniff
age: 146848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:09:14 GMT

GET
H2 200 / Show response
l-stat.livejournal.net/js/ Frame 07FC 986 B
765 B 31ms
30ms Script
application/x-javascript 2a13:1ec0::1037
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??storage.js?v=3
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??plain/storage.html?key=lj-likus&v=1702972823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: b11001892dcb3e0ebe1f6c98391d4e9df1c7e7ad25b5670258e692351f73e655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??plain/storage.html?key=lj-likus&v=1702972823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2023-12-18T20:11:00+00:00
x-gateway: 3dt-front01.lj.rambler.tech
content-length: 564
x-node: fr5-up-gc15
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 00:00:03 GMT
server: nginx
x-lj-flow-id: ZYCnVEHdx55Ke77flcYPEAAAAAE
etag: GgZzW/CLtaVsPN3iqFJECde5FVtA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws22
access-control-allow-origin: *
x-varnish: 20387830
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

POST
H2 200 / Show response
sentry-saas.rambler-co.ru/api/18/envelope/ Frame 7CCB 2 B
247 B 222ms
70ms Fetch
application/json 81.19.73.31
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry-saas.rambler-co.ru/api/18/envelope/?sentry_key=558bae3cf10b7200a2fe24e5b94d3768&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.53.0
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.73.31 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: potok.nat.ramtel.ru
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://vp.rambler.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
server: nginx
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 embed.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 74CF 52 KB
16 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:45 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame 74CF 322 KB
97 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Dec 2024 21:45:54 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 74CF 2 MB
768 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786305
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:45 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/da154528/ Frame 3B20 358 KB
46 KB 196ms
196ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47436
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Dec 2024 23:46:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3B20 15 KB
15 KB 144ms
114ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:31:50 GMT
x-content-type-options: nosniff
age: 246292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3B20 15 KB
15 KB 181ms
151ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:09:14 GMT
x-content-type-options: nosniff
age: 146848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:09:14 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 3B20 52 KB
16 KB 195ms
195ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:45 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame 3B20 322 KB
97 KB 198ms
197ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Dec 2024 21:45:54 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 3B20 2 MB
768 KB 198ms
198ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786305
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:45 GMT

POST
H/1.1 200
OK / Show response
www.livejournal.com/__api/ 120 KB
13 KB 765ms
696ms XHR
application/json 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.livejournal.com/__api/
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1702972823
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: a11dff2724f0b51aa5b088f475e89d0dba9de577ffc069f1b283ed23fdc04250

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 21 Dec 2023 01:56:42 GMT
Content-Encoding: gzip
Age: 0
Connection: keep-alive
Content-Length: 12976
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
X-LJ-Flow-ID: ZYObWtVUufHTg@ReLAva6gAAABE
ETag: GgZz
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
X-AWS-Id: kr-ws08
Access-Control-Allow-Origin: https://antifreeze.livejournal.com
X-Varnish: 21468950
X-VWS-Id: kr-varn03.lj.rambler.tech
Access-Control-Allow-Credentials: true
X-SplitTest: none
Accept-Ranges: bytes
Keep-Alive: timeout=50
Access-Control-Allow-Headers: Content-Type

GET
H2 200 getPlayerData Show response
api.vp.rambler.ru/api/v3/records/ Frame 7CCB 4 KB
2 KB 270ms
118ms Fetch
application/json 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vp.rambler.ru/api/v3/records/getPlayerData?params=%7B%22referrer%22%3A%22https%3A%2F%2Fantifreeze.livejournal.com%2F%22%2C%22id%22%3A2244147%2C%22adTemplateId%22%3A9268%2C%22playerTemplateId%22%3A12134%2C%22checkReferrerCount%22%3Atrue%7D
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: fdd8c1cf2078d3ff31ac39bd72a7b6e4b8cafc2b44c43c1d4f284308326339da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
server: nginx
x-backend: 10.149.32.104:8080
x-build-info: 0.86.6(4b37769f0e9ad446a402b6163f5e96e8ab3ac9c2)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
x-response-id: z1TngJKGf0bQ
access-control-allow-origin: https://vp.rambler.ru
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
x-request-id: 1d1e89b3c1c10951c85d69250763cb9d

GET
H3 200 www-player.css
www.youtube.com/s/player/da154528/ Frame D829 358 KB
46 KB 55ms
55ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47436
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Dec 2024 23:46:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D829 15 KB
15 KB 182ms
167ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:31:50 GMT
x-content-type-options: nosniff
age: 246292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D829 15 KB
15 KB 146ms
131ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:09:14 GMT
x-content-type-options: nosniff
age: 146848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:09:14 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame D829 52 KB
16 KB 144ms
143ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame D829 322 KB
96 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Dec 2024 21:45:54 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame D829 2 MB
768 KB 159ms
158ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786305
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:45 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/da154528/ Frame EC45 358 KB
46 KB 56ms
56ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47436
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Dec 2024 23:46:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC45 15 KB
15 KB 174ms
174ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:31:50 GMT
x-content-type-options: nosniff
age: 246292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC45 15 KB
15 KB 185ms
185ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:09:14 GMT
x-content-type-options: nosniff
age: 146848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:09:14 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame EC45 52 KB
16 KB 147ms
147ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame EC45 322 KB
96 KB 155ms
155ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Dec 2024 21:45:54 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame EC45 2 MB
768 KB 172ms
171ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786305
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:45 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/27737346/
Redirect Chain

https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22p...
https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%2...

455 B
547 B

77ms
77ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22paid%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96%22%2C%22pd_comments_style%22%3A%22s1%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%2C%22split_test%22%3A%7B%22rec_sys_medius%22%3Afalse%7D%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22Air%22%2C%22pd_style_system%22%3A%22s2%22%2C%22adblock%22%3A%22not_blocked%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A5744%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A25946412930%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025642%3Aet%3A1703123802%3Ac%3A1%3Arn%3A104981529%3Arqn%3A1%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C139%2C4795%2C273%2C0%2C0%2C%2C584%2C182%2C%2C%2C%2C5943%3Aco%3A0%3Acpf%3A1%3Ans%3A1703123795512%3Agi%3AR0ExLjEuNTM0OTE0MDg2LjE3MDMxMjM4MDI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123802%3At%3A%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

52b26dc3cd036f1aa241848fb4d7bad85358b5a1ca728a8df11505ebda833159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 21-Dec-2023 01:56:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 455
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:42 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:42 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21-Dec-2023 01:56:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22paid%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96%22%2C%22pd_comments_style%22%3A%22s1%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%2C%22split_test%22%3A%7B%22rec_sys_medius%22%3Afalse%7D%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22Air%22%2C%22pd_style_system%22%3A%22s2%22%2C%22adblock%22%3A%22not_blocked%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A5744%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A25946412930%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025642%3Aet%3A1703123802%3Ac%3A1%3Arn%3A104981529%3Arqn%3A1%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C139%2C4795%2C273%2C0%2C0%2C%2C584%2C182%2C%2C%2C%2C5943%3Aco%3A0%3Acpf%3A1%3Ans%3A1703123795512%3Agi%3AR0ExLjEuNTM0OTE0MDg2LjE3MDMxMjM4MDI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123802%3At%3A%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:42 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 74CF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

65ms
64ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d10b5eaf69017bcfd2cb70f36ae93b7ce1b59ef8793851b0f1c5d10a1cad64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Dec 2023 01:56:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 74CF 29 B
494 B 184ms
54ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:20 GMT
x-content-type-options: nosniff
age: 142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 02:09:20 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 177ms
61ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Dec 2023 01:56:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 74CF 87 KB
40 KB 133ms
133ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6382c8594d1d999817dd484910b3129537e6dc93fc3075d69e60f5e8a920d6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41203
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 74CF 116 KB
33 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:46 GMT

GET
H2 200 q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js Show response
www.google.com/js/th/ Frame 74CF 51 KB
20 KB 180ms
55ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 16:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 377890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19841
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 16:58:32 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/NV6gztsfq2g/ Frame 74CF 30 KB
30 KB 279ms
160ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/NV6gztsfq2g/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ac904bf48a7e3eab72d83762b92c5798df5ee8e6f8600266912cd5cd99d676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31022
x-xss-protection: 0
server: sffe
etag: "1601397440"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Dec 2023 03:56:42 GMT

GET
DATA 200
OK truncated
/ Frame 74CF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 82ZTTOTURrw3fKGcPC09fUQnSHqqNyKcRSSkDmONvzazmkiGbvRZHbuvi9T1v-iXv8o-ZDyQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 74CF 3 KB
3 KB 177ms
60ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/82ZTTOTURrw3fKGcPC09fUQnSHqqNyKcRSSkDmONvzazmkiGbvRZHbuvi9T1v-iXv8o-ZDyQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3507f701473053dc51abaeaeb2bfd84650fb206a9bc7bcfb9945fec7c26075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:03:35 GMT
x-content-type-options: nosniff
age: 10387
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3085
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 21 Dec 2023 23:03:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 74CF 10 KB
10 KB 55ms
54ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:42:50 GMT
x-content-type-options: nosniff
age: 173632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:42:50 GMT

POST
H2 200 1
mc.yandex.com/watch/27737346/ 43 B
86 B 75ms
75ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27737346/1?page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1703123802_7313f050f124cb52a81322f14087394d92f4c1cc7dbbc6622600a404348299dd&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A25946412930%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025642%3Aet%3A1703123803%3Ac%3A1%3Arn%3A708472816%3Arqn%3A2%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703123795512%3Agi%3AR0ExLjEuNTM0OTE0MDg2LjE3MDMxMjM4MDI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123803&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)rqnt(2)lt(24400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ymu%22%3A%7B%22vd_cyrillic_status%22%3A%22nocyr%22%2C%22vd_viewing_scheme%22%3A%22schemius%22%2C%22vd_login_status%22%3A%22no%22%2C%22vd_view_in_my_style%22%3A%22undef%22%2C%22vd_view_own_journal%22%3A%22undef%22%2C%22vd_account_level%22%3A%22%22%2C%22vd_log_in_service%22%3A%22undef%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:42 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21-Dec-2023 01:56:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:42 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3B20
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

65ms
64ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a03f6860af4498f80463337d825416c7ab6e7a10a50a779412ccc4369c3fc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Dec 2023 01:56:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3B20 29 B
89 B 86ms
55ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:20 GMT
x-content-type-options: nosniff
age: 142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 02:09:20 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 97ms
62ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Dec 2023 01:56:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3B20 87 KB
40 KB 70ms
70ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e17481a560308a792b9263e5ae7dfdbc33c1f77d3425999e5436185a750c65a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40950
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame 3B20 116 KB
33 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:46 GMT

GET
H2 200 q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js Show response
www.google.com/js/th/ Frame 3B20 51 KB
19 KB 119ms
74ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 16:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 377890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19841
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 16:58:32 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/9n0Dm7EJkeI/ Frame 3B20 61 KB
61 KB 106ms
66ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/9n0Dm7EJkeI/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85f69dbc0aa0241b7dd7684c59f8a912227848ab580c3eab3b7c142e42009f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:38:32 GMT
x-content-type-options: nosniff
age: 1090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62498
x-xss-protection: 0
server: sffe
etag: "1701256935"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Dec 2023 03:38:32 GMT

GET
DATA 200
OK truncated
/ Frame 3B20 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iC4gJFyi2UXpwNn5RfVm1mIwX9wtY752uAbdd8u7kuu2lNTL8d3BCLo3I1teJuUgJbsbJca0=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 3B20 2 KB
3 KB 96ms
59ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/iC4gJFyi2UXpwNn5RfVm1mIwX9wtY752uAbdd8u7kuu2lNTL8d3BCLo3I1teJuUgJbsbJca0=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5aa980c0b1afdd801657b157eb4b4e6f5fb079055e7dd345a072e403610092b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 00:38:26 GMT
x-content-type-options: nosniff
age: 4696
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2495
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 22 Dec 2023 00:38:26 GMT

GET
H2 200 6191-41fb5da9bbfebe4a7873.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 8 KB
3 KB 73ms
67ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/6191-41fb5da9bbfebe4a7873.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 8ac2849597f0f4c4f7e2187da0758e4c2b821e983532d143317de0420c05c652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.128.18.23:80
x-amz-request-id: 1afee4f1-27f5-445e-b603-1f97b45a7a8f
age: 0
x-upstream-responsetime: -39
x-varnish-hostname: 4aaf1f22a2f4990af6501c825af6cdc7
x-upstream-headertime: 34
content-length: 3068
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:44 GMT
server: nginx
etag: "572f3af859763864db663a68aa85c54b"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 339424220
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -5

GET
H2 200 3043-0e24e2d247429b877e58.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 13 KB
5 KB 74ms
68ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/3043-0e24e2d247429b877e58.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 3485f2589fdff8acc46c74ca71c64e24b8ef6804f4d24d9412266aa309ae94e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.144.19.44:80
x-amz-request-id: ca629c35-ee4b-4de9-8df3-f34411f3eb72
age: 0
x-upstream-responsetime: -20
x-varnish-hostname: fa57bbd3fcf9b7a988d53ba4ba029c03
x-upstream-headertime: 14
content-length: 4793
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:42 GMT
server: nginx
etag: "9e3271c09f2d202ef89aeb82201b7f85"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 240055250
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -6

GET
H2 200 9758-4afd5a96239a2fb4c035.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 5 KB
3 KB 74ms
68ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/9758-4afd5a96239a2fb4c035.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: ee0b849f050f13103a95190598e5af183a779f1e1b514742098192dca3ae3248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.144.19.44:80
x-amz-request-id: fa0491c6-b4f2-446f-a7ae-b0a36cede7ee
age: 0
x-upstream-responsetime: -5
x-varnish-hostname: fa57bbd3fcf9b7a988d53ba4ba029c03
x-upstream-headertime: 4
content-length: 2307
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:46 GMT
server: nginx
etag: "1b83ef263d208df3bb538547f2b8b94c"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 503499834
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 7032-ea78cd4bbcb6e97022c0.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 13 KB
5 KB 75ms
69ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/7032-ea78cd4bbcb6e97022c0.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: eb04faaca4ff67e87e85d577661aa7344d77cb3568da4ef91f53996c34f491ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.128.34.14:80
x-amz-request-id: c91888ca-fe35-494f-88de-e14e8f047b4e
age: 0
x-upstream-responsetime: -29
x-varnish-hostname: tb57bbd3fcf9b7a988d53ba4ba029c04
x-upstream-headertime: 19
content-length: 4750
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:44 GMT
server: nginx
etag: "defc3dbee8e0c82a730fb2336de9c97a"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 581239524
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -10

GET
H2 200 9400-bac2fac71346d06d9f33.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 26 KB
8 KB 77ms
71ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/9400-bac2fac71346d06d9f33.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 04c6787165bc9b6eea4fdd9dbb14ce5665de34683975724e2307015709649318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.144.28.52:80
x-amz-request-id: 43340101-d14d-4e87-9148-631430a485ba
age: 0
x-upstream-responsetime: -6
x-varnish-hostname: 4b58bbd3fcf9b1b988d53ba4ba029c00
x-upstream-headertime: 5
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:46 GMT
server: nginx
etag: "c62f717b38be06ae7713c465632efe8b"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 539275449
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
x-time: 0

GET
H2 200 4886-a68be3422a3c6ca34246.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 3 KB
2 KB 79ms
73ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/4886-a68be3422a3c6ca34246.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 326d069f1cb7602aaa5e796b8bc79db8acbca3683e85a8c6812f2b4bee81f3da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.33.16:80
x-amz-request-id: c7e0987f-5bc8-4ddf-86e4-47e51ee3b30b
age: 1
x-upstream-responsetime: -1
x-varnish-hostname: 1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime: 1
content-length: 1296
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:43 GMT
server: nginx
etag: "89e155371b6abc0c87ca793dc0f76080"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 663615098 663549477
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 2351-cff5855ab5e5ccec4f32.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 2 KB
1 KB 80ms
74ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/2351-cff5855ab5e5ccec4f32.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 21b13af13449b3e70c78033dc39f50a11b266b31545d711530255c068331d5e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.128.18.23:80
x-amz-request-id: ff6ca29a-c71d-4bba-b406-70438dba8061
age: 0
x-upstream-responsetime: -11
x-varnish-hostname: 4aaf1f22a2f4990af6501c825af6cdc7
x-upstream-headertime: 3
content-length: 881
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:42 GMT
server: nginx
etag: "9b69a177d479d4afe542b9726632f92a"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 75330490
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -7

GET
H2 200 4730-fec15babb06c0d9cd08a.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 4 KB
2 KB 81ms
76ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/4730-fec15babb06c0d9cd08a.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 08d4cb950cc8303cbdfa5c25d17902c40c80f50422c1167ed805ea178be440c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.24.44:80
x-amz-request-id: 673c995c-bfea-45bf-9069-7f77d8a3f192
age: 1
x-upstream-responsetime: -1
x-varnish-hostname: fb048d08da58cc88b746725af521d114
x-upstream-headertime: 1
content-length: 1739
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:43 GMT
server: nginx
etag: "dbbcd62bb26660ef75147ef9c8b57234"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 622453080 623420884
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 2074-c9beddf3aae330bf9c4d.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 6 KB
3 KB 80ms
75ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/2074-c9beddf3aae330bf9c4d.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 571a514661f0a60c5b869e16f6053ff64b30a18d27015f1178cf6a6cc020de62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.33.16:80
x-amz-request-id: 2b13b4c7-6890-4c97-922d-b298990df387
age: 0
x-upstream-responsetime: -14
x-varnish-hostname: 1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime: 14
content-length: 2503
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:42 GMT
server: nginx
etag: "5528899f2f5eeda256cbd61d44a6a1c5"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 663123456
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 8986-4635cc4e670f93787357.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 3 KB
2 KB 77ms
72ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/8986-4635cc4e670f93787357.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: e969316594807453c070eca662afc992bd3e413696bd4e17aef043fa54afe1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.128.34.14:80
x-amz-request-id: 681f10dc-cdcc-45ed-be85-efde22a91122
age: 0
x-upstream-responsetime: -11
x-varnish-hostname: tb57bbd3fcf9b7a988d53ba4ba029c04
x-upstream-headertime: 4
content-length: 1471
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:45 GMT
server: nginx
etag: "e00088777d4b7f0143d9d7aa04bcca4b"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 579394690
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -6

GET
H2 200 9603-522a7d79409fa15e0322.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 955 B
993 B 139ms
133ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/9603-522a7d79409fa15e0322.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 1a8b126e5c3aeb9114ce0402d2f09794d6efd5d818458d8304e48c162d649610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.33.16:80
x-amz-request-id: c8e4b5cd-5fd1-4e38-96c4-44d620e7637b
age: 0
x-upstream-responsetime: -4
x-varnish-hostname: 1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime: 3
content-length: 507
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:46 GMT
server: nginx
etag: "beff2cc040d19f3423f5674e85c151fb"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 928552768
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 7983-b064ed6f2205a2be05c0.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 30 KB
10 KB 140ms
135ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/7983-b064ed6f2205a2be05c0.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 51162743cd61ea3a29f49ccf624d9ac18ea2bd366f35131171c79388341c2c70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.144.28.52:80
x-amz-request-id: 4a95542f-fbd5-4ad1-acfc-1a73d3bc10ac
age: 5
x-upstream-responsetime: -2
x-varnish-hostname: 4b58bbd3fcf9b1b988d53ba4ba029c00
x-upstream-headertime: 1
content-length: 9853
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:44 GMT
server: nginx
etag: "9afc2d920a1214b093063ef1f7b0b4a4"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 276928073 277153095
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 9825-08774e95fdcf2a8c80bf.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 5 KB
3 KB 139ms
134ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/9825-08774e95fdcf2a8c80bf.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 43293ef38ee86d376e1c869a21a62eda81dd929c5ae78a1ee220ffe57885f48c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.33.16:80
x-amz-request-id: c5a16e29-9ff4-4490-970e-5e33a4c275ec
age: 0
x-upstream-responsetime: -25
x-varnish-hostname: 1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime: 18
content-length: 2301
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:46 GMT
server: nginx
etag: "b4867afb15c469c2691c819a6b55ffc0"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 665683543
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -7

GET
H2 200 8427-2f12e77ef3e1424d43f6.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 3 KB
2 KB 141ms
137ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/8427-2f12e77ef3e1424d43f6.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 4b50c6ce7ee5d00cef881412b3ac370d85274b5ec5c57b6f417f509f83844d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.33.16:80
x-amz-request-id: 6b34e719-bbb3-43aa-a900-f2f5f1823813
age: 0
x-upstream-responsetime: -13
x-varnish-hostname: 1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime: 11
content-length: 1322
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:45 GMT
server: nginx
etag: "8a70eec7dcb89e0b1faa4e25098fe33a"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 664841112
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -2

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7CCB 367 KB
126 KB 207ms
61ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128925
x-xss-protection: 0
expires: Thu, 21 Dec 2023 01:56:42 GMT

GET
H2 200 9068-6ca716634303e754a2e2.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 2 KB
1 KB 140ms
136ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/9068-6ca716634303e754a2e2.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 9419ea5be8b74cfb80f220de82c215c409668260662da6a5cd130299027512c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.128.34.14:80
x-amz-request-id: b5c86de3-558f-4dba-8abb-66ceb9a6312a
age: 0
x-upstream-responsetime: -6
x-varnish-hostname: tb57bbd3fcf9b7a988d53ba4ba029c04
x-upstream-headertime: 0
content-length: 860
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:45 GMT
server: nginx
etag: "47eec746820d693e1391e760f3210291"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 844072661 842873285
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -6

GET
H2 200 adsdk.js Show response
yandex.ru/ads/system/ Frame 7CCB 83 KB
28 KB 235ms
82ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/adsdk.js

Requested by

Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7a0fa7bd6181cdeac66437e7d2a1e0c0287c8031f2ee1dec15251c429178fea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1703123802850767-12943489111064785277-balancer-l7leveler-kubr-yp-vla-154-BAL-663
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 Dec 2023 02:56:42 GMT

GET
H2 200 3901-b362ab63b9ad8a45f4bf.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 35 KB
9 KB 141ms
137ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/3901-b362ab63b9ad8a45f4bf.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 7625320ee58f3bef4a51e3b360a5e39ccc37154777b2f32e7af5b238288695ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.128.18.23:80
x-amz-request-id: d73de409-a3ed-4ef9-ae6b-0321beb1d0fa
age: 0
x-upstream-responsetime: -2
x-varnish-hostname: 4aaf1f22a2f4990af6501c825af6cdc7
x-upstream-headertime: 1
content-length: 8691
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:43 GMT
server: nginx
etag: "21ff146b86e3ef5703fc817c9c5b539c"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 338975090 338228965
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3B20 10 KB
10 KB 56ms
52ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:42:50 GMT
x-content-type-options: nosniff
age: 173632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:42:50 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 74CF 4 KB
2 KB 178ms
62ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:56:42 GMT

GET
H2 200 px.gif
ssp.rambler.ru/ 43 B
257 B 69ms
68ms Image
image/gif 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp.rambler.ru/px.gif?ch=1&rn=9.653872784012817

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
strict-transport-security: max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-type: image/gif
x-passed: 1bal1
content-length: 43

GET
H2 200 px.gif
ssp.rambler.ru/ 43 B
257 B 69ms
69ms Image
image/gif 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp.rambler.ru/px.gif?ch=2&rn=9.653872784012817

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
strict-transport-security: max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-type: image/gif
x-passed: 1bal1
content-length: 43

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3B20 4 KB
2 KB 178ms
70ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:56:42 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D829
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

64ms
63ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aeb35717293888406e3e040166249d61c1d4aea34543938f18fdabd11154cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Dec 2023 01:56:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D829 29 B
89 B 56ms
55ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:20 GMT
x-content-type-options: nosniff
age: 142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 02:09:20 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame EC45
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

61ms
61ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c12fd08cd9b4cb041d564eb8e32b4c7dde5343775001a06833b33c2df175446f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Dec 2023 01:56:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame EC45 29 B
89 B 54ms
54ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:20 GMT
x-content-type-options: nosniff
age: 142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 02:09:20 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 126ms
126ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Dec 2023 01:56:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D829 87 KB
40 KB 97ms
96ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

905f0f6528e29c533ea6b1122ecd474aac10dfca473a0c5b491216d6abb84d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41145
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame D829 116 KB
33 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:46 GMT

GET
H2 200 q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js Show response
www.google.com/js/th/ Frame D829 51 KB
19 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 16:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 377890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19841
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 16:58:32 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Q9Fo2byNdGE/ Frame D829 9 KB
9 KB 104ms
104ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Q9Fo2byNdGE/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83f349a8823b7e3e7e578ff192f94ebdd525b76c8c8c0617e673d556762faec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9413
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Dec 2023 03:56:42 GMT

GET
DATA 200
OK truncated
/ Frame D829 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 -oRIl_XPfC06edHfh6mIvrWuMc5rRhk2jCG9lHbxemq4BeqVVVN3ig1zBveDS_XkJkkdsWUbVQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D829 4 KB
4 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/-oRIl_XPfC06edHfh6mIvrWuMc5rRhk2jCG9lHbxemq4BeqVVVN3ig1zBveDS_XkJkkdsWUbVQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f4387f020b926ae7da80d4cbd030b5d0a89196861379185a520c0b91befe249d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:12:50 GMT
x-content-type-options: nosniff
age: 13432
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3745
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 21 Dec 2023 22:12:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D829 10 KB
10 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:42:50 GMT
x-content-type-options: nosniff
age: 173632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:42:50 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 83ms
82ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Dec 2023 01:56:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EC45 87 KB
40 KB 73ms
72ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49e4a3219317eb4dd77a3e6ed75c92cc06ce5c19b0212d78e8f025a14600377b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40928
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame EC45 116 KB
33 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:46 GMT

GET
H2 200 q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js Show response
www.google.com/js/th/ Frame EC45 51 KB
19 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/q3ybFvLVurjIRsyeRT4FtV2O7nz4ZH1nHhTn1-npVcU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 16:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 377890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19841
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 16:58:32 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/JnofOY2tvgY/ Frame EC45 24 KB
24 KB 119ms
119ms Image
image/webp 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/JnofOY2tvgY/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d7cee86d143f6ed4357a38a339b7f034a406a7e20d3ac49af1b06f25f87781b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24620
x-xss-protection: 0
server: sffe
etag: "1550705625"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Dec 2023 03:56:42 GMT

GET
DATA 200
OK truncated
/ Frame EC45 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 74P0-9xe_8Y8f4zGTS6Zgdl4kRvavDsfuX6QMuEqbgzXSQoB4wDCW8Br6bUW6GKYJ3IsoYc8=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame EC45 4 KB
4 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/74P0-9xe_8Y8f4zGTS6Zgdl4kRvavDsfuX6QMuEqbgzXSQoB4wDCW8Br6bUW6GKYJ3IsoYc8=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

54497c3b880dea921dd273760eb8dd01d5e2f70cca7ac32d80715565942a2f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:12:49 GMT
x-content-type-options: nosniff
age: 13433
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3804
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 21 Dec 2023 22:12:49 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 62ms
62ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Dec 2023 01:56:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3B20 90 B
134 B 101ms
101ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7b751320696388bb6ca8a2b40840a7a8774df565ccac55a4bf38c409977c538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Dec 2023 01:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC45 10 KB
10 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:42:50 GMT
x-content-type-options: nosniff
age: 173632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:42:50 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 87ms
87ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Dec 2023 01:56:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 74CF 90 B
134 B 66ms
65ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e178fe89a58bad46636baa1c7effd52807b565072379703ba31a7756b341bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 1782-a8eca3b6ed041d86035a.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 16 KB
7 KB 69ms
69ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/1782-a8eca3b6ed041d86035a.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 1efced8fca1c49c2334f0a92917d99f59ec6de81180943417bca5ba8fc6e163e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.136.24.44:80
x-amz-request-id: 31d73b2d-7149-42c7-9229-d68fe47b0e72
age: 0
x-upstream-responsetime: -6
x-varnish-hostname: fb048d08da58cc88b746725af521d114
x-upstream-headertime: 6
content-length: 6336
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:41 GMT
server: nginx
etag: "5e38ccda4e16ba6fbf5a952b3374d220"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 886651531
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 5753-66c9efd4002b0f2063d9.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 24 KB
7 KB 69ms
68ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/5753-66c9efd4002b0f2063d9.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 5d8c5b06839122c71898e33ac3c5deadf53e1dfadede7b969a178a18d812c828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.128.18.23:80
x-amz-request-id: 34a8636e-4956-4618-9c9b-be02aab6c983
age: 2
x-upstream-responsetime: -2
x-varnish-hostname: 4aaf1f22a2f4990af6501c825af6cdc7
x-upstream-headertime: 1
content-length: 6909
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:43 GMT
server: nginx
etag: "54780b286898132b4599ad140076adfe"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 72032259 74893687
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H2 200 subtitles Show response
vc.videos.livejournal.com/api/records/2244147/ Frame 7CCB 7 KB
1 KB 358ms
114ms Fetch
text/plain 81.19.87.29
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vc.videos.livejournal.com/api/records/2244147/subtitles?language=sprite

Requested by

Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

81.19.87.29 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),

Reverse DNS

videoplatform.rambler.ru

Software

nginx /

Resource Hash

20573f81eb385e09fa914fcf18f91093fd242f20215d923e1be04b27db9a4ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-xss-protection: 1; mode=block
x-request-id: 789d79e99ab465dd8fa767c78dc2b881
pragma: no-cache
x-runtime: 0.040968
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-upstream: 172.17.0.2:3000
access-control-expose-headers: ETag,X-Language
access-control-max-age: 86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: *,x-requested-with,Content-Type,If-Modified-Since,If-None-Match,X-Csrf-Token,If-Match
x-version-app: 2.209.0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8022-17296b7ee0376eab4c3e.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 109 KB
22 KB 69ms
69ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/8022-17296b7ee0376eab4c3e.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 4cff9e46811d860fc420585ec85721b4c1147cc7fba2bd68ea469f59637ed408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.128.34.14:80
x-amz-request-id: 4522aa34-d4b0-49cd-9fd2-a1de95b37aeb
age: 0
x-upstream-responsetime: -7
x-varnish-hostname: tb57bbd3fcf9b7a988d53ba4ba029c04
x-upstream-headertime: 0
content-length: 21774
x-upstream-connecttime: 1
last-modified: Thu, 14 Dec 2023 10:32:45 GMT
server: nginx
etag: "f7e5c976885079155f7dc41030a4b413"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 580106845 579010205
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -6

GET
H2 200 9618-bea27e4c3a258b64ee57.js Show response
vp.rambler.ru/player/1.125.0/ Frame 7CCB 3 KB
2 KB 69ms
69ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/1.125.0/9618-bea27e4c3a258b64ee57.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: b9a019ce7026011a4bd6adce6243df46d65733b9fb2fb88c6c5ccab551b9e0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/player/1.125.0/player.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.144.28.52:80
x-amz-request-id: bd969508-375d-4869-9921-0c3b42ac5b02
age: 0
x-upstream-responsetime: -20
x-varnish-hostname: 4b58bbd3fcf9b1b988d53ba4ba029c00
x-upstream-headertime: 15
content-length: 1359
x-upstream-connecttime: 0
last-modified: Thu, 14 Dec 2023 10:32:46 GMT
server: nginx
etag: "93622f3f57ba33868a9e8b8e922f13e6"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 276798040
cache-control: max-age=1209600, public, max-age=1209600
x-bytes-snd: 0
accept-ranges: bytes
x-time: -5

GET
H3 204 generate_204
www.youtube.com/ Frame 74CF 0
10 B 54ms
54ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?w18yhg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 74CF 50 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:02:13 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 3B20 50 KB
14 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:02:13 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D829 4 KB
2 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:56:43 GMT

POST
H2 200 log
log.strm.yandex.ru/ Frame 7CCB 0
208 B 224ms
74ms Ping
text/plain 2a02:6b8::28d
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://log.strm.yandex.ru/log?VAS=930751&event=CreateLoader
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/adsdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::28d Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vp.rambler.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://vp.rambler.ru
date: Thu, 21 Dec 2023 01:56:43 GMT
access-control-expose-headers: Date
access-control-allow-credentials: true
timing-allow-origin: https://vp.rambler.ru
content-length: 0
x-request-id: 1703123803225022-6405848157813595966

GET
H3 204 generate_204
www.youtube.com/ Frame 3B20 0
10 B 54ms
54ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?KUG-qg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 62ms
62ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Dec 2023 01:56:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EC45 90 B
134 B 66ms
66ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68c9261f5b0bbf0439afdba30a498abd2222058eca2c323d758cf341879fbebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame D829 0
10 B 54ms
54ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?baozzA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 62ms
62ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 21 Dec 2023 01:56:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D829 90 B
134 B 65ms
65ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81bbb7a582c039e2af99f571e47035df3365a8ba471f8b4022363748ee8d8f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EC45 4 KB
2 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:56:43 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 106ms
106ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.865000895339217

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2RuLBsCiHLyG2b31TwbVBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-2RuLBsCiHLyG2b31TwbVBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 69ms
69ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.635530189360464

Requested by

Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xOmj-QkArbITngt5Ltf6jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-xOmj-QkArbITngt5Ltf6jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame EC45 0
10 B 54ms
54ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?SgnRLg
Requested by: Host: antifreeze.livejournal.com
URL: https://antifreeze.livejournal.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 context.jsp Show response
ssp.rambler.ru/ 10 KB
11 KB 95ms
95ms XHR
application/javascript 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=536695695&first=1&block_id=536708283&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=0&rq_type=0&rq_sess=9061141DD849A85BD874B526225111D5&fpruid=pA8AAENKs1eE2YgrAekrYQA%3D&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&publisher_uid=URNKAWWDm1gLTDxx6qI7AgB%3D&publisher_uid_scope=.livejournal.com&browser_family=Chrome&browser_version=120.0.6099.109&os_family=Windows&os_version=10&device_type=1&jparams=%7B%22puid49%22%3A%22%22%2C%22puid3%22%3A%22%22%2C%22puid4%22%3A%22NO%22%2C%22puid21%22%3A%22NO%22%2C%22puid10%22%3A%22NO%22%2C%22puid14%22%3A%22NO%22%2C%22puid1%22%3A%22%22%2C%22puid34%22%3A%22%22%2C%22puid6%22%3A%22LIVEJOURNAL_JOURNAL%22%2C%22puid15%22%3A%22%22%2C%22pct%22%3A%22c%22%2C%22puid16%22%3A%22%22%2C%22puid18%22%3A%22%22%2C%22puid7%22%3A%22%22%2C%22p1%22%3A%22blnun%22%2C%22criteo%22%3A%22crljn728%3D1%22%2C%22puid62%22%3A%220%22%2C%22puid9%22%3A%22antifreeze%22%2C%22puid59%22%3A%22%22%2C%22puid2%22%3A%22%22%2C%22p2%22%3A%22y%22%2C%22puid8%22%3A%22%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%7D&top=103&left=0&secure=1&vcapirs=38_48_0&fpParams=%7B%22f%22%3A%7B%22p%22%3A3646554937%2C%22c%22%3Anull%2C%22i%22%3A3182925622%2C%22v%22%3A%22Intel%20Inc.%22%2C%22r%22%3A%22Intel%20Iris%20OpenGL%20Engine%22%2C%22w%22%3A2615004439%7D%2C%22s%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22a%22%3A1600%2C%22b%22%3A1200%2C%22p%22%3A1%2C%22c%22%3A24%7D%2C%22o%22%3A%7B%22t%22%3A-60%2C%22u%22%3A%22en-US%22%7D%7D&device_memory=8&hardware_concurrency=4&cookies_enabled=true&webdriver=false&java_enabled=false&history_length=2&adsblock=false&battery_info=%7B%22charging%22%3Atrue%2C%22charging_time%22%3A0%2C%22discharging_time%22%3Anull%2C%22level%22%3A1%7D&media_devices=%5B%5D&timezone=%7B%22offset%22%3A1%2C%22name%22%3A%22Europe%2FBerlin%22%7D&callback=Begun_Autocontext_saveFeed1&url=https%3A%2F%2Fantifreeze.livejournal.com%2F

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

e03548e5238f8d96d3a69f21f8d29e5a19bfad5dbb34529980edf5dbd27ae0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
strict-transport-security: max-age=0
x-user-regionid: 1831
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-length: 10279
x-begun-graphcount: 1
pragma: no-cache
last-modified: Thu, 21 Dec 2023 01:56:43 GMT
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
x-passed: 1bal1
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame D829 50 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:02:13 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame EC45 50 KB
14 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 21 Dec 2023 10:02:13 GMT

POST
H3 204 AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 67ms
67ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WHqPzKWS1tyiIF8dL6crTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-WHqPzKWS1tyiIF8dL6crTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://antifreeze.livejournal.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
873 B 69ms
69ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?_=0.20661045754191498;id=3402139;u=https%3A//antifreeze.livejournal.com/;st=1703123801455;title=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=4ac151079f9e593d;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1703123795512/////0/151/151/151/290/219/290/5086/5359/5089/5943/5943/6125/7823/7824/7824;ct=6336/6338/6339/6345;gl=u;ni=10//4g/0/0/;lvid=1703123801850%3A1703123803337%3A2%3Af3726b1118acb491d3ca86bc2148f089;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;js=13;e=RT/load;et=1703123803336

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 7CCB 202 KB
70 KB 126ms
126ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 13:02:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6582e5e2-1158c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71052
expires: Thu, 21 Dec 2023 02:56:43 GMT

GET
H2 200 LiujAIS9vMmwa.jpg
static.eaglecdn.com/lj/20230911/ Frame 7CCB 14 KB
14 KB 509ms
357ms Image
image/jpeg 81.19.87.28
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eaglecdn.com/lj/20230911/LiujAIS9vMmwa.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.28 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: videoplatform.rambler.ru
Software: nginx /
Resource Hash: 57d45fce5261d436e77c41e3bfc0ecfe76137f0a334662806b2a545e01ee37bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
last-modified: Mon, 11 Sep 2023 15:11:18 GMT
server: nginx
etag: "64ff2e16-37cf"
content-type: image/jpeg
x-upstream: 10.16.28.11:80
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
x-balancer: 2node0301.lb.rambler.tech
content-length: 14287
x-upstream-status: 200

GET
H2 200 UtHfYCIOWh5xQ.jpg
static.eaglecdn.com/lj/20230911/ Frame 7CCB 344 KB
344 KB 287ms
136ms Image
image/jpeg 81.19.87.28
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eaglecdn.com/lj/20230911/UtHfYCIOWh5xQ.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.28 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: videoplatform.rambler.ru
Software: nginx /
Resource Hash: 647193078dc68f6a0219b969bce3eb051dad6c018ecf85f18b49c2ea729fcde6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
last-modified: Mon, 11 Sep 2023 15:11:18 GMT
server: nginx
etag: "64ff2e16-55e0d"
content-type: image/jpeg
x-upstream: 10.41.28.11:80
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
x-balancer: 2node0300.lb.rambler.tech
content-length: 351757
x-upstream-status: 200

GET
H2 200 1
www.tns-counter.ru/V13a****sup_ru/ru/CP1251/tmsec=lj_playerload/ Frame 7CCB 43 B
414 B 67ms
67ms Image
image/gif 2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****sup_ru/ru/CP1251/tmsec=lj_playerload/1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),

Reverse DNS

Software

ms-counter-4.0.4/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
strict-transport-security: max-age=2678400
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/ Frame 7CCB 43 B
414 B 68ms
68ms Image
image/gif 2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),

Reverse DNS

Software

ms-counter-4.0.4/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
strict-transport-security: max-age=2678400
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155090/ Frame 7CCB 43 B
414 B 69ms
69ms Image
image/gif 2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155090/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),

Reverse DNS

Software

ms-counter-4.0.4/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
strict-transport-security: max-age=2678400
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 file.jsp Show response
img02.ssp.rambler.ru/ 602 B
1 KB 367ms
180ms XHR
application/x-shared-scripts 91.192.148.30
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img02.ssp.rambler.ru/file.jsp?url=GJ2O1yBgC5zz4JwFKHmVnMWOahlcHXIWWahCn2hbSJPFR8tvA6T3eDDp9RhqEdkUcf8KxiYMcHX9o*7fQy2Xx5U9t6fhdi97FA4hkmTT0Zp4Df2Nv94O*Nq0fzjokaiN7n97OAQQmiCWyfBau37fY9Apc50eRePVQYLd663oBt5C119eXNSGqgQGp*o1eSahBiytj9V1z4WI*XYnIsv4IItSj1Hb6pkG5aYlm32aj8t2J5DPpvBM5ky*xGVIxu6qL0uPpuw3HzdthDbIYlebWm1ODB1WMzFMNmGWayam1gpEWB*LZay2mXjhj4-BaE57E3jDj0U*bPpIuFKPOjpt3Z3MAdYL78sXVKHv5U1MH2EWBYMKYPTE0-i8Bqzv2*ukWuzNruZWJ44NIoLC605yUIOxVFGT5yWmuZBf88uAhLM0-TxW85AgGnX*OnrD*ynMSheFGw2vg36VwC3yKglkGqqxLjwObQR5qfyVTlNdax5PgIC42gDvXDgxVHP-XtC4ecHXgDrRHWG6ROoRVVSZcyj*qKK2AM262bYXVHmwqPjDYNC0xm3eauoR4kfjd64baoUgTNnyIS7xUvMchwriB9VUPUV3frx-Enqk1Fe9xg9DDzKVp3UCTPgfHbFMv41YhJo8x1JVvRAb2DX3ppsiUD3MlyaXX4Km99w-tWemAz9qjmSPiygXxaWyld7KXxhiPE8o0XWx8nWDSvDQKjjLl6tjatOImRJNzqSkjiPltjJNTlLimOhulfLHVk1vXlp1e839D3Ra64kTYKzon99CaZZFMEoGRapKQGBRNdkNU5NRbi-13gU8Gm5hzWktEoLuR6-fe7xl5jU-oDem0guor9pY5fxeqdRCekfnPsm3QMWUBezBhUpAcwxrBPfcm0HwEZFoRxOvz3nb6aV6g*p9AO31Cw5uPUwIyiVB9L1vLytehF4j0LABxVwjTN*H5YFpSGq*GqPd8IOFwd-DH-t7qhbq-Tg6KlWguhHXPdigyR2a*7Idl90o47MmkYKhTLRcSME5SH1UPoGHez2CCdX3CiDRUJTRLA6BzARMMP0zM0XrYHugwYFtrdEgYDg4h55D0T3d1yrG2l2A7pvFT0dgeRyV-NODdzy*6KG3zMUJJkGOpwC5S0v0LqBLZemuuXRGfC7MYA6Stc9QSIaW*RsPTZYGg*mjXwSMLbcUsHeXhAVTmxUzj2Qfz7SujUvOxjUM1SyrzjGIsjztGMeXOBb-KKmmhmqBRllnc1wWpDeG1rWhCWq0KefDOwcqqH-SAY-v*KycuZ**Qo8EZLJ4*ygxA6YZ9QU43aWzhV-EZm7q4GTg4OW9u4G4UsNxpXazomYzGmHjoB5QFFAIGYMHZN3Rg*jYOFEQ6ibQngCCCfQ7ELQDauTR62XqnfkF4XFmcJWeC22UEuMwt-dt-zq3lwdVuYPsEAxIc8aQD*PKrrFnWyp1pu151O1qCtMl154uUxqPXAOTHTC9a11Hta07Dhbebivh4RBxEHFObVGvQWwYiM1jQNKoPgSBp5YIqlbUk2bgqS*Wh3TJJUiiCjbAjn6QaR19UUQ9-DhRu3SaTZffb4kho-DpfcJP*dlKOUa3SruxOFoX85FVGB9Brcz7-ve5F0*15ZlqiHY-*zSNln73s8os3qBUI-CnIX-Z6RNJQOghK0a57B6QFlL8qGwUvgLdAXzcy5-J*G*9tz1jJNAzixvjWt2cmrlNIg-lSep264hjHSfxMLLfXwB9ipsWbu7JbkrvYgIaATC25-xBE*qp5tnQS6bXmiF2jTh*gtSkReyAvRhtEo61BAPNhahgNJp1WRa*CUcT9cxv8Cf6L41OEeu5y02A0lldv4sodA7Vnx*zy32Rog33vC4DeKmZxionw9brlYzWRN0tyb9dSexp8f0CAAAAuty8CgAAAAA&eurl%5B%5D=*g6fQfLYDQwYCQlrGXmxK-fVijNc1UR7W4r8feR1KDtAj66126tMFAXEODRJz5c-ATictxgH2tHFA14knCADnGIBz12ZfujEE6A*VclsHHsCAAAAuty8CgAAAAA&seq=0

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

22e5e72d347b23a6dcbe89257b12c631f62523da44b9ea0af2085b8ceb2e044e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
x-envoy-decorator-operation: filed3.srvc-ads-platform.svc.cluster.local:80/*
strict-transport-security: max-age=0
server: nginx
x-begun-impressionid: 6583d-9b5bb-36e0b
x-sca-elb: int
content-type: application/x-shared-scripts
access-control-allow-origin: https://antifreeze.livejournal.com
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
x-passed: 2bal2
timing-allow-origin: *
content-length: 602

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 118 KB
38 KB 140ms
140ms Script
application/javascript 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 5b1396003e2821c437960323ef4c4716ef2df0e2c6c4ed73272458db8304091d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 13:58:32 GMT
server: nginx
x-amz-request-id: tx000000000000147ccb6ba-0065839b00-783970ff-default
etag: W/"6442501dd7791df09c2f40d696ea2a7a"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=3600
expires: Thu, 21 Dec 2023 02:56:43 GMT

GET
H2 200 playlist.m3u8 Show response
api.vp.rambler.ru/api/records/ Frame 7CCB 460 B
943 B 114ms
114ms XHR
application/vnd.apple.mpegurl 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vp.rambler.ru/api/records/playlist.m3u8?uuid=record::e19d67d9-2693-4727-a427-7e3445d080bc
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: 7f8f4d3f777dedf0a74cc1f7fa44a00ad8474ce2ea6d6819b1f613409e538fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
server: nginx
x-backend: 10.149.32.104:8080
x-build-info: 0.86.6(4b37769f0e9ad446a402b6163f5e96e8ab3ac9c2)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/vnd.apple.mpegurl
x-response-id: c8lYLKLtgKcq
access-control-allow-origin: https://vp.rambler.ru
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
content-length: 460
x-request-id: 981e78c7339a2cc1d0920fd47bf7cc51

GET
H2 200 /
api.vp.rambler.ru/events/ Frame 7CCB 0
0 70ms
70ms Fetch
application/octet-stream 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vp.rambler.ru/events/?data=%5B%7B%22type%22%3A%22measureEvent%22%2C%22accountCode%22%3A%22lj%22%2C%22objectType%22%3A%22record%22%2C%22objectId%22%3A%222244147%22%2C%22resolution%22%3A%22unknown%22%2C%22embedUrl%22%3A%22https%3A%2F%2Fantifreeze.livejournal.com%2F%22%2C%22eventType%22%3A%22playerRender%22%2C%22rnd%22%3A4202767858028274%2C%22split%22%3A%22%22%2C%22sourceName%22%3A%22api.vp.rambler.ru%22%2C%22measure%22%3A1500%7D%5D
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: application/octet-stream
date: Thu, 21 Dec 2023 01:56:43 GMT
server: nginx
content-length: 0
x-request-id: 02847bbb878451aba5420fe5b2f812a3
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 /
api.vp.rambler.ru/events/ Frame 7CCB 0
0 69ms
69ms Fetch
application/octet-stream 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vp.rambler.ru/events/?data=%5B%7B%22accountCode%22%3A%22lj%22%2C%22recordId%22%3A2244147%2C%22type%22%3A%22percentView-1%22%2C%22embedUrl%22%3A%22https%3A%2F%2Fantifreeze.livejournal.com%2F%22%2C%22userCookie%22%3A%221703123803.383-1033365366%22%7D%5D
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: application/octet-stream
date: Thu, 21 Dec 2023 01:56:43 GMT
server: nginx
content-length: 0
x-request-id: a5764b78be743401bb269d03ace37235
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 index.m3u8 Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/BJZ6drJ77Gtle.mp4/ Frame 7CCB 56 KB
5 KB 253ms
100ms XHR
application/vnd.apple.mpegurl 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/BJZ6drJ77Gtle.mp4/index.m3u8
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: d28d4b93cddc332ded20d1b9a24823332afcfaf7050d55cfbb312c0ae803f6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-encoding: gzip
x-r-cache: MISS
server: nginx
etag: W/"-1-e1eb"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-upstream: 10.144.12.25:80
cache-control: max-age=43200
x-balancer: 1node0100.lb.rambler.tech
x-upstream-status: 200
x-request-id: 6232311c8b9c4137ecd44a3e6a6a58e8
expires: Thu, 21 Dec 2023 13:56:43 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
575 B 80ms
80ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7356279&session_id=1063649748_1703123803525&session_number=1&session_event_number=1&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&url=https%3A%2F%2Fantifreeze.livejournal.com%2F&request_id=1703123803.524-1895882684&adv_request_id=9061141DD849A85BD874B526225111D5&event_id=158038035262910&split=%5B%22env_browser%22%5D&meta=%7B%22title%22%3A%22%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%22-60%22%2C%22battery%22%3A%22100%22%7D&rn=1849838074
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
x-srv: 2kraken-prod0001.ad.rambler.tech
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
575 B 77ms
77ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7643964&session_id=1531928425_1703123803527&session_number=1&session_event_number=1&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&url=https%3A%2F%2Fantifreeze.livejournal.com%2F&request_id=1703123803.527-768153265&adv_request_id=9061141DD849A85BD874B526225111D5&event_id=309438035282751&split=%5B%22env_browser%22%5D&meta=%7B%22title%22%3A%22%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%22-60%22%2C%22battery%22%3A%22100%22%7D&rn=1925802099
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
x-srv: 2kraken-prod0001.ad.rambler.tech
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 7CCB 43 B
220 B 85ms
85ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 13:02:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6582e5e2-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 21 Dec 2023 02:56:43 GMT

GET
H2 200 27737346 Show response
mc.yandex.com/watch/ Frame 7CCB 455 B
553 B 79ms
78ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Fvp.rambler.ru%2Fplayer%2F1.125.0%2Fplayer.html%23adTemplateId%3D9268%26id%3D2244147%26playerTemplateId%3D12134%26referrer%3Dhttps%253A%252F%252Fantifreeze.livejournal.com%252F%26aspectRatio%3D1.7777777777777777%26initialId%3D2244147%26debug%3Dfalse%26lazy%3Dfalse%26lazyOffset%3D300%26widgetId%3Dlqejxryj.u4n_1&page-ref=https%3A%2F%2Fantifreeze.livejournal.com%2F&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1514289653427%3Ahid%3A26369980%3Az%3A60%3Ai%3A20231221025643%3Aet%3A1703123804%3Ac%3A1%3Arn%3A593170698%3Au%3A1703123804689242517%3Aw%3A800x450%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1703123801893%3Arqnl%3A1%3Ast%3A1703123804%3At%3ARamblerPlayer&t=gdpr(14)mc(g-1)clc(0-0-0)aw(1)rcm(1)ti(1)

Requested by

Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2e16624a29cf6ca0d4ebf6fba61b904ddf4da1980d9623eb9ade8e1f18c94ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 21-Dec-2023 01:56:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vp.rambler.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 455
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:43 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
575 B 80ms
79ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=cv&event_name=cv&project_id=7356279&session_id=1063649748_1703123803525&session_number=1&session_event_number=3&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&url=https%3A%2F%2Fantifreeze.livejournal.com&request_id=1703123803.524-1895882684&adv_request_id=9061141DD849A85BD874B526225111D5&event_id=203738035309554&split=%5B%22env_browser%22%5D&meta=%7B%22playerRender%22%3A%22lj%3A%3Aantifreeze.livejournal.com%22%7D&rn=115514455
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 1
mc.yandex.com/watch/27737346/ Frame 7CCB 43 B
74 B 76ms
76ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27737346/1?page-url=goal%3A%2F%2Fvp.rambler.ru%2Fplayer_load&page-ref=https%3A%2F%2Fvp.rambler.ru%2Fplayer%2F1.125.0%2Fplayer.html%23adTemplateId%3D9268%26id%3D2244147%26playerTemplateId%3D12134%26referrer%3Dhttps%253A%252F%252Fantifreeze.livejournal.com%252F%26aspectRatio%3D1.7777777777777777%26initialId%3D2244147%26debug%3Dfalse%26lazy%3Dfalse%26lazyOffset%3D300%26widgetId%3Dlqejxryj.u4n_1&charset=utf-8&uah=chm%0A%3F0&hittoken=1703123803_530740e35aa8631f45164c41b5ea8753acdfb58103317c69bfab52311434658f&browser-info=ar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A1514289653427%3Ahid%3A26369980%3Aphid%3A601292917%3Az%3A60%3Ai%3A20231221025643%3Aet%3A1703123804%3Ac%3A1%3Arn%3A999916829%3Arqn%3A1%3Au%3A1703123804689242517%3Aw%3A800x450%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C69%2C209%2C0%2C0%2C%2C88%2C0%2C367%2C367%2C0%2C367%3Aco%3A0%3Acpf%3A1%3Ans%3A1703123801893%3Arqnl%3A1%3Ast%3A1703123804%3At%3ARamblerPlayer&t=gdpr(14%2C14)mc(g-1)clc(0-0-0)rqnt(1)lt(6200)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22video%22%3A%7B%222244147%22%3A%7B%22%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%B0%D1%8F%20%D0%A0%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%22%3A%22https%3A%2F%2Fantifreeze.livejournal.com%2F%22%7D%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21-Dec-2023 01:56:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://vp.rambler.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:43 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 343 KB
96 KB 81ms
81ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1c8789b4e70340223b9f2e96e43d53479002ae394b5e49a43106fae926521b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1703123803782787-3945277429388395009-balancer-l7leveler-kubr-yp-vla-154-BAL-2205
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 Dec 2023 02:56:43 GMT

GET
H2 200 seg-1-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/BJZ6drJ77Gtle.mp4/ Frame 7CCB 523 KB
524 KB 143ms
143ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/BJZ6drJ77Gtle.mp4/seg-1-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: a83616230be174f08654a3a4f157967145b172a47b6025537be19dba2c2f1184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
x-r-cache: MISS
server: nginx
etag: "-1-82cf8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.144.12.25:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 535800
x-upstream-status: 200
x-request-id: 6969da0ed2d46d11f7d8920d7343702c
expires: Thu, 21 Dec 2023 13:56:43 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
575 B 83ms
82ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=cv&event_name=cv&project_id=7356279&session_id=1063649748_1703123803525&session_number=1&session_event_number=4&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&url=https%3A%2F%2Fantifreeze.livejournal.com&request_id=1703123803.524-1895882684&adv_request_id=9061141DD849A85BD874B526225111D5&event_id=840838035313410&split=%5B%22env_browser%22%5D&meta=%7B%22pv-1%22%3A%22lj%3A%3Aantifreeze.livejournal.com%22%7D&rn=677115169
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
575 B 79ms
79ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=cv&event_name=cv&project_id=7356279&session_id=1063649748_1703123803525&session_number=1&session_event_number=2&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&url=https%3A%2F%2Fantifreeze.livejournal.com&request_id=1703123803.524-1895882684&adv_request_id=9061141DD849A85BD874B526225111D5&event_id=810738035294472&split=%5B%22env_browser%22%5D&meta=%7B%22initialAutoPlay%3A%3Aoff%22%3A%22lj%3A%3Aantifreeze.livejournal.com%22%7D&rn=2049224569
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 getbanner.php Show response
fundingchoicesmessages.google.com/f/AGSKWxUQqPNzRp7BQDInH5iyC103A6zYowdKRnBo0g1PNfejLdgd52mF2c2QJDsdPdMX3gjvTTOqIuHbY8WJhwwEd4y9aGx3H-Km2lfFwrL0fy1pizVPdWTu3GMeYGGxz9PNrSvLN7QZaIenzyuOIaOyOqMDqfJ8p... 54 B
109 B 72ms
71ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUQqPNzRp7BQDInH5iyC103A6zYowdKRnBo0g1PNfejLdgd52mF2c2QJDsdPdMX3gjvTTOqIuHbY8WJhwwEd4y9aGx3H-Km2lfFwrL0fy1pizVPdWTu3GMeYGGxz9PNrSvLN7QZaIenzyuOIaOyOqMDqfJ8pZh1F3AElVZyESaziOI1gptWSkWb0Sa8/__adsjs./getbanner.php?/ads/3002._grid_ad?/ad336.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da75d72084f47803b533d292d7ebb2642665b0f96253957b156ee922ee65919e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3pPW1cg6pDF4__v93TcPmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-3pPW1cg6pDF4__v93TcPmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 222ms
106ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0ee4bbbc60aa4f390bb844c6e543f38133ec52a8d503c517e2c57f62507895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51297
x-xss-protection: 0
server: cafe
etag: 12299010749787241011
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 01:56:44 GMT

POST
H3 204 AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 66ms
66ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g-b_Tghvwhvz09IKotnwJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g-b_Tghvwhvz09IKotnwJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://antifreeze.livejournal.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
71ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8rDhCO65U0XYhKBqKXhVJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 01:56:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-8rDhCO65U0XYhKBqKXhVJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://antifreeze.livejournal.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f8f99bb5f47e392ea0b8.js Show response
yastatic.net/partner-code-bundles/932051/ 14 KB
5 KB 394ms
254ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/932051/f8f99bb5f47e392ea0b8.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ebaef59c26e222ee15fdbd8a559dff85cd7134eb5345ceea0b59ff2ad77e1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4776
last-modified: Tue, 19 Dec 2023 19:12:56 GMT
server: nginx/1.17.9
etag: "52b800c68f13ebc16226603482fa7b2d"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Dec 2053 08:31:29 GMT

GET
H2 200 0ea06b565967e72b93ee.js Show response
yastatic.net/partner-code-bundles/932051/ 24 KB
8 KB 309ms
169ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/932051/0ea06b565967e72b93ee.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1a3f812f0e882ecd370d53d16f01194e2bf1060d5f4292a479930b363bf4e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7953
last-modified: Tue, 19 Dec 2023 19:12:54 GMT
server: nginx/1.17.9
etag: "5c07a4925786bc455d959ada078d18e0"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Dec 2053 08:31:29 GMT

GET
H2 200 39e8e153bd0e6a01f53e.js Show response
yastatic.net/partner-code-bundles/932051/ 118 KB
25 KB 377ms
237ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/932051/39e8e153bd0e6a01f53e.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

91f8f5c1c769187b263544a7d2d87067ca6b7dc9b7c7ff5e8adabed1771d5abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24611
last-modified: Tue, 19 Dec 2023 19:12:54 GMT
server: nginx/1.17.9
etag: "05cc17893707292d37657bd375d5ad21"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Dec 2053 08:31:29 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 325ms
186ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Dec 2053 08:30:51 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 272ms
134ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 65516b194e8afbff
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 07:44:03 GMT

GET
H2 200 b8abdb24cb6e1492b3f8.js Show response
yastatic.net/partner-code-bundles/932051/ 59 KB
15 KB 316ms
213ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/932051/b8abdb24cb6e1492b3f8.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

42a54925a8b91072ebd5f9749c9a07f2ca5cb23725cddfca1d5906e3552123e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14834
last-modified: Tue, 19 Dec 2023 19:12:55 GMT
server: nginx/1.17.9
etag: "798a6d672f3b4d08dae3811fcc9bce68"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Dec 2053 08:31:29 GMT

GET
H2 200 8be6e4795ecd3e4a3636.js Show response
yastatic.net/partner-code-bundles/932051/ 592 KB
114 KB 193ms
193ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/932051/8be6e4795ecd3e4a3636.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a7b4b3e5262d4b260ceaaed0761200629b101c53404ffef296ebc00d82ca1c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 115600
last-modified: Tue, 19 Dec 2023 19:12:55 GMT
server: nginx/1.17.9
etag: "56b7f68aa1ee29209c517295426b3194"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Dec 2053 08:31:29 GMT

GET
H2 200 563767 Show response
yandex.ru/ads/meta/ 52 KB
16 KB 210ms
210ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/563767?target-ref=https%3A%2F%2Fantifreeze.livejournal.com%2F&pcode-test-ids=913081%2C0%2C91%3B918121%2C0%2C41%3B909920%2C0%2C36%3B912471%2C0%2C84%3B930751%2C0%2C82%3B920184%2C0%2C46%3B928075%2C0%2C12%3B886463%2C0%2C23%3B927155%2C0%2C98%3B917807%2C0%2C6%3B919094%2C0%2C4%3B919403%2C0%2C33%3B925987%2C0%2C78%3B917804%2C0%2C54%3B892905%2C0%2C32%3B920060%2C0%2C27%3B910947%2C0%2C58%3B924942%2C0%2C91%3B926248%2C0%2C4%3B910553%2C0%2C31%3B926241%2C0%2C12%3B925138%2C0%2C2%3B932032%2C0%2C71&pcode-flags-map=eJy1Wdty2zgS%2FRc9x1neL3mDSFDCircBQTtKKoVSbCXRji9TjjMzm1T%2BfbsBUBIpD1TJzPrBFmniEOjL6dOtb7NL0slu2VxJksuSzGkpi4ZLVss5qWvKZ6%2Fefpv9vrn9sp29mgne09mL2dP28xO7geso8v0gnn1%2F9%2BIA0%2FIm7zPRyaaWLek7akWI3TTwNULOOjIvqcyavhaS05xxmgnYCWlbO4bnBIG33wW8UlZ9KRhvyhLQaoEfKJdXRGRLmkvBKiqbouiosOP6nhMfTsep4Gs8VU3FVcNXknLe2O0Th1EQp3sEeHu2AiOvm17IrmzgF3tD5RwOnBPOaGcHixM3cBUYngAxWk7VIQ%2FHvWQ5baT5%2FwjOdeBnhJf6aeycwZv3RQGmo1Ur1rJkFZuC%2FjDiZUtY%2Fs%2FvsOjh88%2Bi1hir%2F%2FBO%2FwLzb%2Fnnecz%2FnwV%2B1vsY7AtO5rKk9UIsR4sgWZPjZYmTOHGwX0ZrRQKCE0iVS9b1pNS8gqxEXwvKa7iTd3ZKSFwvcn4CVN3oSEFlwUllpy71Dk0PnCPPdPAEEBa8UCCZtgQhALtTqKTPWSMzTolgl2dSPQkczw332x%2BcJBogoU4QLpCGCsbhRdmyr1eyIKwcIYZjjyeBF3sHQCIE%2BrT7EUTfBghnBdbNSkaBuku6AGuyumjk1ZIpRq8vKbxCBz%2Fa58zpQydJjni3ziEIyRxNQHJEYh3c6HmJm76i8%2BacNWMnOLDwgsIZ%2B040lbysSLu37iUp%2B7HHo0neJFHoR4dCQzOAyATRQVORsrRvI06CIDhdrVbKKyaWUkAs%2FgjG4LuqF1DXwBinJSkcLU8914nU8g6sKk3JzTFcxbqlWPbb5opyWhQsA2dm6xHY9s%2FfxnCj1CV5PmRaSxZQYlvBICt0ImCoKXOXrF7Zz5imqalzQzmvqZInQ%2FKg6237Sl0HNIFCaLMmp38TowNeAOqou5KgmcFvLanhZABnR0iixNsjKFrAjawJxPNrSWrrYs%2BN3AOZgpvRrBD7Hbx4tDD10iQMRmt9J06jkQHnvWQZJouKsqYBgrcTaOq7iR%2BOdJnRY1nHbRsPUxdiVC1UdUSrSNnXrGBgPFYDIRYko3aMxDPCC70G0QiBvpRls2CZbV0Ee46C0abh8BxisRZGfGGR7CAGaC27SQ05AUtdk2oZJmhTD0RUwBEkUwUC9kRyag2DKE7SSLMPeqIAnVfn5VoXGEy4qby1r5%2BvlGjUNUUTKmBATM4bO0oamGKFKCWFVACEyromSoJIJ%2BKR2RYcRFFOu5Vo7PtOosD1j%2B2nyAlKAoAc4dUggyE0C7boQfNDpKL2zyikqNWssesEcThUXx0moue1cQ%2BUIvC2WPKmXyytkR677lAdSvJmrTwqFW0cL%2Fs2%2B7B9uv5UbR4%2F7u5nr9zQeTG7e3i%2Fu91215vb3f3H2Svv%2Bwg1hBjWyV8hRf%2FS056C1mjlvEQVUrJxFXw7u9vsbl8%2BfoG9%2FXdzf7P9Ez7%2Fa3e3%2Bbj9PLr1cXOn7tx83d7rxze%2F754e9Me7l0cXN%2Fc7cxeR9whw43Hz9fbh6yfz76%2BP%2Bu%2BXx83L%2B%2B0fn08e%2BM%2Fm4W6nlr57%2Foi1ptSK8gX%2BzhmRgiw6q%2F98zzPBpdKCgu%2BBmjNVMuwLQ98xtAqVPKcFAZ7RFafuqzm10lMcur4Rqao5Ve0l1irod2mmMxIEIgPuOAMTO%2BGe20leITstFOWwvCDPuNf3vWv3vR9c3KQf3l8EsRdfJKG%2Fubj2QTi%2FT13vw2Y7tm8ShqkpAaM8P84e0fTZUudQ2XTqHFoScPpvYOszOQQpGmihtYbqBE7MtCPmZQMhCnkO%2Bk3QZw7DL9iFF8CmneDCBcjja29y7U%2BuA3VNLrwQGpPYg%2FXHp06cNHJ18SoYVMmctCq2dKfcL6x6xA2DMDhKOpR6rMLIQC%2FpKLUChG6QaoCiA4820BCw1%2FYVvm9YziQBhDC2F0iuRKlqnECAroO8qHs7VJAaxbEkPFfCRaN0EOWCZEvrakioKNrXzEUrJIQIa8W5Rea8qjDjERpshUwwqOqmhkFnimUCQjDynwFq%2BzkwMWSnsO%2F%2BsP4wBqowsbS4Hr%2F9bZoi%2BcTeixTMHzh%2B9CLyU6gHfjgKpQSIIh2BmtYEpdDfw%2FW11YzcxehCPZ2B3%2BzaNgljE92cVg2GC1DH3Ep4SRJ5pnQX3VB5B%2BkuIUFlRVC3Q5jbxbrrJOkZOlHNVYa9cKNIBSU9Z4slfILjlbQQujsmQNVnXhZ5ronGnqPNMQ3t54Q1ib%2FnVJNOC01zmECkm07spqLZccLQOXbM0Hk2LYBwMQfFRCTohWLCZ4PjAW1w%2FYiVUseLUn0erSNxh5xCUQdRP1%2BrS2bvBpzYNTJDPaxYCVZyzBQzLF1g8RjZ6K0fwTonHe8F5LEzxAOnVxB0VPdv9o7CcxxN9kaTs1q9EqsgKU3SgsWbOWhmsBqQAGyOLqwtIKCGZvZq5PG%2B11G9BnIRzhqwdbLj%2BF54mCfsx88AhxMaK%2FnA2iBMxuSh5J%2BSlUig057pBCD0TeShMQaQYTCATJE3WV9hGzEYZW8mOzCOMmzavYAiw881klAp3XOZi%2Fj7QY5SMKxkYr9NK77vhImZCqACyhskFPsKF3hsmCMQejl62Izc3XEz7DuJe9oM6%2FTGUY6isGzVLZtmnOTXT7eTttr1nkGqsVTiAFSA65CtgClVATznfCcdyi5GXsHKfdVShNPZJ48FKbtx5%2Bx6gbENybt8NQ0R7M5Dd2J%2FvKNXFM1ryTpFvtOaOzWE57im0x6%2BeKkanXUtZ%2FYOO%2FWg4IZnQspw6NEdPdExD1cTu062B2UrmJR0wxCGN7VhkZR1qnf2wwJBh%2FtMaslaZaMKGg5QWu8JNpHtj9ubsW%2FixDl8o4NISwgVFAasXhnWUMPaXPQ1tYchBE5wXMmb0sx84WDgiuGYUzdsH3d32%2Funi91kZ9CfHyioW0HgNiswef4G7d4L4B1KKruJwjSJ%2F9JEZ%2B0yHpxcsRwCCeJfsNreySWplw690LLpwQrqmwhlTE3Gw8hNDXCO4wlSlC3qwxhDLMaqYnN7Kx8ed2CuzdPu4V5e3%2B6uf928v93KP3ZPnx6%2BPMkPX%2BCR3zbXv37%2B9PA0yQ4nco53dRrO5vWjScp0CyeJs4edJI5yG4rAOXSxZygHKvrwtekYxOxxmA2fqS2pqbzjiFkTDfp80JygRJ5pAYdOer%2FuRBkclZV9GaSvs7KHTqXi5IwAckGc6QhXI3tsL4FLlszO9rg%2F91hfLHtyRZkRcufKpp8cpsCnROw5vjcmYnXn%2B7vv%2FwPi5RYK&pcode-active-testids=919403%2C0%2C33&pcode-icookie=BVPQU1wzqjDp08KmSIoaqasCfvMyCqclKtVCfWspkTchwJmIbqGx8j4Bhpr7xWkVyip%2BwMOS5x%2Fb22wwxUXnQU7FNVg%3D&duid=MTcwMzEyMzgwMjQ1NzYzNDc2OA%3D%3D&imp-id=11&enable-flat-highlight=1&charset=utf-8&comboblock-unencoded-vast=1&test-tag=115998476730370&ad-session-id=1243751703123804011&target-id=99763293&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fantifreeze.livejournal.com&top-ancestor-undetermined=0&pcode-version=932051&pcodever=932051&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A103%2C%22sspInfo%22%3A%7B%22deviceSizeSsp%22%3A%7B%7D%7D%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChLjpJAkKQZCQH0frPRniROjZftRffIkr_Pkr1PnT8h-bZdk8br12-oogk0Thbbu0BV1UdJ1WaZ08uTP85-bLqmTtgH0K6An0CaIxnjDQze2bDnWfcPL7jAKRKCwRUXuSWIlFXmaSZVUXuLFqdIGwXaYxDYcptDGtrk27NJ2mcRMIibBA0LIFJYAJAa9tEGzQaOiHQpUktTLyiiTpBAW0tSXBYnYS8KoKGVh5KWRB2Fhw7VZNq7t2lhMQhs2fckUlDbb5jIR2Y6NZ7MO3CltnAfUZcIvIWEKIS5olVS086s8lJKUsjjzfQgLsjzOSNIgz5KgJMs98lSSHpA8l6aUmSj2FMv7rIiTlDQPUtmjUHok4jQHvzxecRh4RwdxIktz0kTqkZdxSEGRSvNQ5D1J8WHwwHLSARVnFGnj7agvx735n6sz-6EsyeI8Sj3SMEDi5-IgpEzidBklaSTKk2jIKOSh54WSZfcyCj-XxaFIumAiPw3EiSwPEgryweovD0gaiseikGZeqtgFzL-JNG2vip7Q8gWpn4Dz-43jPJH82f5y5UkehVGa5xK1pxmw5LkfWQfHhuXsFhMkokE9lchTaaGkkiaI2xhvdHnv92IaMg0aW-n3Jyzg-f_uhaRRThaKgiiLa3ZxGvjh86qzRqGMpMK8HpLJdxvMfS_z_ifDcybdJHrONAsoE3A1lB-r8Liyxjm8f0CE5Hl8cRbpmWewFXihBGKCOAXSnE9Fe4S_H7IH8BFVUkUZYhP3Bzc83z5TKIZVFNcvPm--1WwCy38PEkkY6XkjxGngJfJ_8zGPEz3miZdKamA_l0xa73eYatA8J8_83BfJdTyUSSTNJWFw-5cG4Vd-5ns_lWp9BsIKxW1NldOA5T0ZhKG3zPIgJPXvaiA_9fKoz8LihMGN1c0w-LFPHop1by9noQTvAQWO3-v36IvTS9paHpH4MicM_WMRgRSCJKasd0srilsH0v5_mt7LM9klCt_Yjj-sUNfBGB872VJ37peljPwSTpp_BE_TiEGZDSUdSK4lQxkGEl1BdzoKxbGpVKuRdp1QMaSVROIL50Em_ixbWMtbwOSiT2MRw8sVCrl3pSYNZ-395ufTJ-4yyZP_-dOpBonnuHta8h7kHvidb_2MYfdZ1fEZNolgeoAw2IWDQ6EEeiRJY2kawaLGrTf9hCISiWFd0eqU1f6R55Rx5vUxV-CPu0Q8Gc-QOyrsxKHv3dERRaEsgRT-uZTfi6UxeWB4bJX9qiVkEQWMV3FLRjA27kMLJk4Cairy_K_BflQJiTSFuNTl783i04pq9ZOC6wWZGaLI_I26XhDGvvduXMm4JpekQnExpP_z53yBKrPIS2784HzWlPcFDIvaqYvxeK-K7vvf98tv-vrQif1vlYa6_C0ml9DK727ABZ84gsxLfiFWW8N6uQrFOnS34yyJtqX1EcwYCDSk9Hx55zy868wtkr8fvbNJKT1V0qY7WjLOCx2xv1RWeY-dp49oG7ZQrXEtcp8rjQ1QP63OrlAEqST0PgV4JOuaMkBB36OfTz6SU6ReaQEdvLOYNCPxJb-KHraX5H-SyVNrGaS57N3F4y6UgH_UMnkSJx7J33ecVhrCIPNA3xEme94yP6MaNilNBRT9VtNzkuV-nKJCkuRoyxR8Egh8wJbxJeOe1mogeS6PRb9k8ETyswjlae1Fof9Z3nsK1Vg6yJXe9Yj0DflbuyEI6al8FBoWWO1WLfcb8H7zz0fiheKvAyCcl6WJOTr_tBWBcaAxmZ-tlXqA5m-6ir03g9aLyOVZdMlfT_sswUyuJRxRvNcbitMDnvjhx8d0-At1BM9_jjZVVVUex4OcX1JmsZ8W5ktGiuCeBl8xtPReMEPAaiJQ48h2KawfmVkY8SbL49ob1LObyeSarRtWNVc7XkNs9fGMMFomWYi4Meqag6ym_vbk-gUTn0z-FpKKqsNUJtxQY_x325LBaDiWzn2oNGCmLjsKR-Wuw-ri11NsunNfs_81I7qO2wpGp9fWOSEaouQUQSgSF5r-MTJ8MXzsg2EHXY_zamNP6VkogfaeUCNOTqOn0Lq8643rnh7uApY6x28yGl3GVj3QC8PvhaAnIx3fR3H_Mgc0ivZawMip-1qAg4LPSk-HuTRuh3j6S87hVCi6OholHURoUTwq3tOTqtFbFVqhBMrXd5L6T0tqWBJGONDQoUYC01hY6w2MyNNKY4zqTqv6JctJzYqugFnNe_YDmRZErFUU6lS3ZJ1aq6cFr_Fez-8q_HuM_9PF_T7bAbs25o9SaHMry3fpgf69RGjjMPGZAi0j3G8QFhPsxxuLia9lAvOJETwjX8sM0pc50ZW6lhnkb2yiaeLHhKtOHZR_Cc4zut-s7O9BR4OQzX7MuUd9AeE9pkRaqgA_rieAd5ju8RpEwVgijs1SUUpjFJ3V1O81u5V7_HR1zBXtLBaTZxpiy9MIYBx1jRQthLPAS96GbPRWzyKKEq-0gOarYqjBjIod_yNHSJb4enSuAyt_7qT1uYX5ZNLi5OsSDSqK1XmUB7hJWu9HGtiOOMmXE025c8b-2XzPfyqmRkuNRjVD6EicH_1boodpSvfMI0qNjIbaSqXHqel6Q9yqcT_2i0to1Bl7Crbqtiyu2L72nKtY2ymmFcnRqPSmHul36s_MUA1bNbVV0BQMmbx3WwolpBdGr_x-O-zf0odUonvQ5pQ5GtTl7wOBjWWzPicQbeFx_hPXhv3JgGtjlzbm1RET4Z1ePjPL5j-_Y3OYAvpne5CL6pgX_bYAL5YT0dnYdOWTwLlJ8Z-RoFy87nf24HP4dkQeY7eH6ev_R4x17E_x8_1jDPpl-gtM_xl3EWMiurR_eHy05dxuHsT9gHvnPwdr-Ddf8y_Pmrz8xflA8SEuj53f2RcT9v6Gde_YLGTl5yvn_wHr_9kP-YblOvezsxvnDSHO421hyDqWQ5TgVvToIvikyO-orufOupzDhP_HgTCgn0UFfRvWNe5u9rC6UdIfuqy--h08YX57mCHjXBJ5vP_ER97wAOucacwr0R-D9up_fjIc97mv5287rMHlmucJfvNsFPiR0zcUOevQs5e4cHv8GoKjTnp3gvvo15Mj2tb7BsadpbGOlQmYB_CWDTAbh76i2Cc2Y2t9_5SIzuemP5y7n01nAz-Ne3SI6LU39SbZy51fsWN0lAV3w96-yXYHh9366DEW1tTnMpv3zzhXp8K9_aiY1Pq8WBtedmKujduqGNHN1Hb_JFD3w8MS56g-N1zzDMwLGtvw7L9s8e77Rzig_0c7DuuOfBLAm6DmHtwraO5hzSQ6nARPFp--d-Mm_OtkrM3n5xlxtoy7j_5b2qa9Dt5ocC9hz_AA3Xuv5fiyr91dl7uX4xDcQtmGwb-hwlXve2fzMW_PxxxGYbn_Yh3oocEk7gWw7vTuzgaIueW-T1avR5d-ykJwPT8VsxO4bsWbCXw7EPaUf9lUcK3L2iyC3eu-ge9GboqDoumHO4fkHjpTIDjGy0b_s43LJFw0Pkees_KnYz_3HXrcRvy3r7f9zJzYk2Rr575TOhveUv-1TSYDa0dL9FND8c0P7-gJF0_epeXricv8d8H0iFPmKI_e_ngf9dxz_14VEOxsXKSlDdAZD85dgzks16vPDPxxOI8G4b4oKLepiY_ejRc12gv2FeW1YDmbD1kT21lljhptTwrYm_gdpEgZuh51dDwP2-jNVBEwo_BloiB4Xr-swI0-tukVq9DuZiWGbHm-8Pgv8MSwxPO0Q0VlPjOiN_qyykcZa3ndc0DeaLvnUznDzeG11KBP6RP2j0HYvIUxi2ONK0wZhp6aKzzsKg5el7ppF4qhilf_TEy28OlXTlkLMDNG9GShKPJGhSxPImlywm4a5OpyYC326i-Nb4saJfSSsEG0PPTLA_gTzjmXVteUdjdcwNYiXq9ApUGauLlswI1NZHaChmUGv9Ju_816JCSWiLgwWMIzovt1zHUo1EpHjn5mOkTIqFGgt5luA-LNFHjAbIP9e2NdWNwJDB80J9j115rHhDXufA867AvI3Rt4L_WjHnGvavY4C-yNMG6rW8x1Gd5WoF_ui9jdpSnWAifeIsR6J-mRLhaq45A4PLiWm96_ciov4hyJhv99xj2vaSKSs3GG3xFxxrvu7hPGlfH4E68ffApnPMuT3WDorEfjnm-0T7rrq5_DCb-ciPfg-M3MPk-bqEec8y4AZAWf28y_uW6I6dycv45oKF904Y2jue6k4a111dYE3bjzTw4kvw_rF1zeuyFaSxV_vLRdu7t__MfFrneRMjjpiy6cbodyxjN3ewGOn-yOhXdHY66Zfn7XzddybW76E1DXH-5uTHMeu303TrQ7w2eP_-COx7dW6nktbjnDOEN0Y9oYuYZH1iV8pAX0Y266a81y-iqaTboeLb3lG61Ld31_b06j8Lt-9Ez63RB_er75o2v0bME3K7Xs53U9KN2xXDOzRuPZXLcd7T6Tr8dGvM7AGoL0ZbdAnbWNudPosI_1xkj3SNbT2E8PUEHdO83NsYrqkTBZnKnGLZlmljYLbUt06wVzzMLaN1r7eRX8M9E18-Bs57hl3vI9b10H4Vj1W3VPkbNnHAu_TWgqX60sL-WPhT5Jmv9b5q5OfmaP2Wcy497lthvHDB4TeR2QcRywVifCHWy3_FXa_CcKirGvtlzu6F7W25Fn4LjmPATdtoHTO9GZKXQL1Gm9ZuyH-_Vz3DcPf7wUhotnW9bLeCfNALuKvs7ebi43X346_gt7Rhc2dcBM5MxNMJrV_oTXuhGONYE9HbBNcy8LO1Ksnm9ZU5w7rP1eOM04mt79EWcV-beCu7rXyPx_IRvB7ecMz1ke_i6C0-aP3bv9MsxkNVwbwBt2L89Yz_I1uyXYbON0jrtrs-m0MHuafrquVtSvZr5qvlYAXdNPB9nAZmRg86agy9FVmsJcmLWncW1cKMaqhk6zmhotZLPaMqthFh45sAEJHebhq0PLv2ESXjsUaz6iRD_zkQYZNSpoYj5aWswe4Jo0DKrbjas4Gaf7CwGvq21WFfTRx7FUdiunP6l8A_4OfFeh5WhQjdOwqqLTdXHoDc7GBzU8yzW-PMxbN5k3Yvr1&uniformat=true&callback=Ya%5B9369313597740%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

655e80b62e10069c8dd62e43aae829f0047fc7ceffcaece8bfcb24011cda91cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1703123804059548-15151038680852835437-balancer-l7leveler-kubr-yp-vla-154-BAL-4268
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 21 Dec 2023 01:56:44 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 21 Dec 2023 01:56:44 GMT

POST
H2 200 1
mc.yandex.com/watch/27737346/ 43 B
146 B 83ms
83ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27737346/1?page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1703123802_7313f050f124cb52a81322f14087394d92f4c1cc7dbbc6622600a404348299dd&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A1%3Als%3A25946412930%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025644%3Aet%3A1703123804%3Ac%3A1%3Arn%3A721652672%3Arqn%3A3%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C7823%2C7824%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1703123795512%3Agi%3AR0ExLjEuNTM0OTE0MDg2LjE3MDMxMjM4MDI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123804&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)rqnt(3)lt(24400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%221243751703123804011%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:44 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21-Dec-2023 01:56:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:44 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 8782 9 KB
4 KB 55ms
55ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 67ms
67ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BcZmPbkNJja8oIafwKBkQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BcZmPbkNJja8oIafwKBkQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://antifreeze.livejournal.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 103ms
103ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3p39Aj9yAIA3_CkTmxGpj38N-zhBY9Q86g0twM6-ZsmJhYE0YYDV84f8pDg9udr-9gi2e6wg42BmNPUtzjnB1SAaov3eVsJnOVzOHg7Rr7lO68SIHDs_JTg1P9gnuOb7F-rh0mA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-myiWTsagpSePBdpaU9t9kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-myiWTsagpSePBdpaU9t9kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://antifreeze.livejournal.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXLiRZ6dLougOr0STxt1waIf3SzHwiihuzHwvTWrjiHL8t7c9M0qmuxFPUkItIwNdADcYtCovPCcOCRpIFUroVGBgCjFCkjjRYzg6tXbQC-W-gXtertL15daZ3MSJG_ibpyZAQGXg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 88ms
88ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXLiRZ6dLougOr0STxt1waIf3SzHwiihuzHwvTWrjiHL8t7c9M0qmuxFPUkItIwNdADcYtCovPCcOCRpIFUroVGBgCjFCkjjRYzg6tXbQC-W-gXtertL15daZ3MSJG_ibpyZAQGXg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMTIzODA0LDIzMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYW50aWZyZWV6ZS5saXZlam91cm5hbC5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbNywiMTkiXSxbMTEsIltdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d2d95dbee1b4b982387e83bc0b11d5bdca11e304e1ee5de2ec33f6ed4dcd470

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Eja9rXQ-SuIOpf9rDv7XxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-Eja9rXQ-SuIOpf9rDv7XxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.m3u8 Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 56 KB
5 KB 163ms
163ms XHR
application/vnd.apple.mpegurl 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/index.m3u8
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: d28d4b93cddc332ded20d1b9a24823332afcfaf7050d55cfbb312c0ae803f6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: gzip
x-r-cache: MISS
server: nginx
etag: W/"-1-e1eb"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
x-balancer: 1node0101.lb.rambler.tech
x-upstream-status: 200
x-request-id: 18845b43ae66df84593e2a05d00e914e
expires: Thu, 21 Dec 2023 13:56:44 GMT

POST
H3 204 AGSKWxW7MbBBplfY6dB5mB8U7dou8DjOpe499Ebb7Q7vLjKW2mI2XT2f0P8dp0dAuBB2o90-D4XGpdGLUfObeyQx_hlZRJJICDXhWe5m5h19EmVAVmfxAl8z20S5NDO5fNSLLssAuNw_Fw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 72ms
72ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW7MbBBplfY6dB5mB8U7dou8DjOpe499Ebb7Q7vLjKW2mI2XT2f0P8dp0dAuBB2o90-D4XGpdGLUfObeyQx_hlZRJJICDXhWe5m5h19EmVAVmfxAl8z20S5NDO5fNSLLssAuNw_Fw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xxezCfdlUkixMs_UoMljqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xxezCfdlUkixMs_UoMljqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://antifreeze.livejournal.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 seg-2-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 362 KB
362 KB 188ms
188ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-2-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 2623f8ead1021eef68257ebfd1e5e2a54083683cb0eed2cddc5c9bee1fa9fb2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5a6b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 370360
x-upstream-status: 200
x-request-id: 87f4c3065878402150ec2543f27d7e3d
expires: Thu, 21 Dec 2023 13:56:44 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 221ms
73ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://antifreeze.livejournal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://antifreeze.livejournal.com
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 21 Dec 2023 01:56:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
403 B 214ms
72ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 21 Dec 2023 01:56:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 21 Dec 2023 01:56:44 GMT

GET
H2 200 760cd1a1604c1bbd8e7a.js Show response
yastatic.net/partner-code-bundles/932051/ 9 KB
4 KB 66ms
66ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/932051/760cd1a1604c1bbd8e7a.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f74b8bf2f6c9a9252aee254bef6d7b908b145820835ee38c8423f1ab8c59b891

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3031
last-modified: Tue, 19 Dec 2023 19:12:55 GMT
server: nginx/1.17.9
etag: "6c9a38389e0adf71dbf15205aa70aac5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Dec 2053 08:31:39 GMT

GET
H2 200 6f95baa4b95417edd267.js Show response
yastatic.net/partner-code-bundles/932051/ 200 KB
43 KB 70ms
70ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/932051/6f95baa4b95417edd267.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cc1a1fb0f86b2271ea00fda9c4f10ce62c361065fcd40f951de8031c8da361e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://antifreeze.livejournal.com/
Origin: https://antifreeze.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 43556
last-modified: Tue, 19 Dec 2023 19:12:55 GMT
server: nginx/1.17.9
etag: "242b58e96e894cff27e5af07623e32c4"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 20 Dec 2053 08:31:44 GMT

GET
H2 200 563767 Show response
mc.yandex.com/watch/ 408 B
444 B 83ms
83ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/563767?wmode=7&page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A2%3Adp%3A1%3Als%3A1205697792322%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025644%3Aet%3A1703123804%3Ac%3A1%3Arn%3A1054777305%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1703123795512%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123804%3At%3A%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&t=mc(p-2-up-1)clc(0-0-0)lt(29500)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

35d812090ac340a8bbd515ff32a7e2149c568239cc49dda26574b586a503725c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 21-Dec-2023 01:56:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 408
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:44 GMT

GET
H2 200 wx150
avatars.mds.yandex.net/get-direct/5246835/mDWMUgD3tRnX9bgp41XDzA/ 4 KB
5 KB 235ms
83ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5246835/mDWMUgD3tRnX9bgp41XDzA/wx150
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6d45866a3bb44bf80566f663574ad521f8df9fb46746a788c1311298d52ba329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
last-modified: Wed, 13 Dec 2023 12:29:54 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 4444
x-request-id: cb1a9d3035f8712c

GET
H2 200 1KYJi6Vq0LW200000000U9nJZ5nUk3zKwBMGuP9d1XySTWPbMiRCRavb009Fc4Xejzg9-bZpMHmCgOn0ySmbpsuy0ucNSWDvjLU1H2lZHY3P2P850YQ6cOmr9o3iXOmtQY2ibOpN3I2ilOmt3l4p70Nppp8o0qMkCeAqtcLaa65W-CiuYuc1OIuJI6Gfqm9M1eQrJ... Show response
yandex.ru/an/rtbcount/ 43 B
404 B 74ms
74ms XHR
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1KYJi6Vq0LW200000000U9nJZ5nUk3zKwBMGuP9d1XySTWPbMiRCRavb009Fc4Xejzg9-bZpMHmCgOn0ySmbpsuy0ucNSWDvjLU1H2lZHY3P2P850YQ6cOmr9o3iXOmtQY2ibOpN3I2ilOmt3l4p70Nppp8o0qMkCeAqtcLaa65W-CiuYuc1OIuJI6Gfqm9M1eQrJB-0xBDC_u7W5PF0uKwRsYNF61XCfqPc_kPXO_ZBn09o0ZDG9KClioAGdCeCqZoNcGbaBP1K05kxaJdRldhgr8rEWYUPORw-2bPv5qp-P7PmueSucgLddpBOCojO5cnWsi7o7mOO3o2nBx1SUFz__QP3Qo-AtsI1UEs3_KEMyrA9KLivRzg_PG5vS04hvqdMxBMyOEaBh0qADrbXbdzb1HdJmTR0Ce7jvhbZls-VEl9LQ0RRbSF12zX-NjetzTNw3VCzLxB1p3l0vd62ZVaH6wzNhfDLddTKS75GSfxvIpQOpJ_Xh8di2titV9nrxgtzB7OsIsCZ0rF31UoCAzWPDx0tD3I8x63dES4k_e1zvVuddzildhahzOETPm77dmdCApXk_6JSm74zSGS7uoqEZ81-oi70q63VomdorbHEa8yNS3Omh-1SphY1K-m49-C5JgONd8mVE1b_S38208TepuG0?pcode-active-testids=919403%2C0%2C33

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1703123804587470-13156333380636684791-balancer-l7leveler-kubr-yp-vla-154-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 21 Dec 2023 01:56:44 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 21 Dec 2023 01:56:44 GMT

GET
H2 200 wx1080
avatars.mds.yandex.net/get-direct/5246835/mDWMUgD3tRnX9bgp41XDzA/ 74 KB
75 KB 229ms
83ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5246835/mDWMUgD3tRnX9bgp41XDzA/wx1080
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f931f043c195a04729e15d2e482e00a28e02a2fd997c36792640a6fa78f89e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
last-modified: Wed, 13 Dec 2023 12:29:54 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 76166
x-request-id: 8644a264cfd5f003

GET
H/1.1 200
Ok fitness-cccp.ru
favicon.yandex.net/favicon/ 1 KB
1 KB 231ms
78ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/fitness-cccp.ru?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c209375834da44f19df1087169dbf99c4ad0534653273b26c2b9681e9ddc0477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

POST
H2 200 blockstat_post
ssp.rambler.ru/ 0
79 B 69ms
69ms Ping
text/plain 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/blockstat_post?stream=ssp_blockstat_m
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 01:56:44 GMT
x-passed: 1bal1
server: nginx
content-length: 0

POST
H2 200 1
mc.yandex.com/watch/563767/ 43 B
74 B 83ms
83ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/563767/1?page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1703123804_bd4ece2f23704acaafc97ea5d9a80de67c37f81448b5f3e22daa02c0188d572d&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A5744%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A2%3Adp%3A1%3Als%3A1205697792322%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025644%3Aet%3A1703123805%3Ac%3A1%3Arn%3A425006100%3Arqn%3A1%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C139%2C4795%2C273%2C0%2C0%2C%2C584%2C182%2C7823%2C7824%2C0%2C5943%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1703123795512%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123805&t=mc(p-3-up-1-h-1)clc(0-0-0)rqnt(1)lt(29500)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%221243751703123804011%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:44 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21-Dec-2023 01:56:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:44 GMT

GET
H2 200 563767
mc.yandex.com/watch/ 43 B
0 79ms
79ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/563767?page-url=https%3A%2F%2Fantifreeze.livejournal.com%2F&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1703123804_bd4ece2f23704acaafc97ea5d9a80de67c37f81448b5f3e22daa02c0188d572d&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A2%3Adp%3A1%3Als%3A1205697792322%3Ahid%3A601292917%3Az%3A60%3Ai%3A20231221025644%3Aet%3A1703123805%3Ac%3A1%3Arn%3A314695614%3Arqn%3A2%3Au%3A1703123802457634768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1703123795512%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703123805%3At%3A%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&t=mc(p-3-up-1-h-1)clc(0-0-0)rqnt(2)lt(29500)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:44 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 21-Dec-2023 01:56:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21-Dec-2023 01:56:44 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 74CF 28 B
54 B 68ms
66ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1703123804578
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NV6gztsfq2g?wmode=opaque&si=ms9OIA4mEzfcvXNN&wmode=opaque
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt0REIyMENTLUUwdyjato6sBjIKCgJERRIEEgAgMg%3D%3D
X-YouTube-Ad-Signals: dt=1703123802370&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 21 Dec 2023 01:56:44 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 89ms
74ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://antifreeze.livejournal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://antifreeze.livejournal.com
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 21 Dec 2023 01:56:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 214ms
72ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://antifreeze.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 21 Dec 2023 01:56:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 21 Dec 2023 01:56:44 GMT

GET
H2 200 seg-3-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 335 KB
336 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-3-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 53a562787502cb48cbd1be12f85f01ed3bc8206d134bae4eda9ec9be1007c7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
x-r-cache: MISS
server: nginx
etag: "-1-53cf8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0101.lb.rambler.tech
content-length: 343288
x-upstream-status: 200
x-request-id: dc385a17708a9bdd26acca445c01a84e
expires: Thu, 21 Dec 2023 13:56:44 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3B20 28 B
54 B 69ms
67ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1703123804656
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9n0Dm7EJkeI?wmode=opaque&wmode=opaque
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIZFo2YVBNXzg2OCjato6sBjIKCgJERRIEEgAgZw%3D%3D
X-YouTube-Ad-Signals: dt=1703123802498&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 21 Dec 2023 01:56:44 GMT

GET
H2 200 seg-4-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 368 KB
368 KB 76ms
76ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-4-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: cfbdbff420cd30ce99a7a49d8381d4c0a4f7cd606f4c3aa8da822d67fd057bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5be38"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 376376
x-upstream-status: 200
x-request-id: 080c2f59f7382261fa6f5b31715e9d1f
expires: Thu, 21 Dec 2023 13:56:44 GMT

GET
H2 200 sandbox Show response
profile.ssp.rambler.ru/ Frame A2BB 2 KB
1 KB 213ms
70ms Document
text/html 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ssp.rambler.ru/sandbox?img=W73iozI7uy8a4dEFlQ0UVLlgdqFSHC*YviWGfztjxxN5jlJAoLm4*z1cio7owEewUEmUDZzLOVApSi-yy2dl1yxpRkbtgF4K36B8owGVx-MCAAAAuty8CgAAAAA&img=-U6TQK6bvwqUmiFdQ2GNwKs3LEW2LCqUIychC747U2FQUaJ3V21kxcMLbzMTEUPDReRSwbnvTEfR1VlNz0oyp2ahjYwP8ZPD4CWIzGo*woy60SV-j9z3l*YTNW60-i9kTrEwCAnh3v7gMNIeULtiRwIAAAC63LwKAAAAAA&img=CaHcYUUXenukhfStA68O9UEITBcx6cuvtzuxBNlgB3xsZtsFr8PiOxXDINtdEij3EhppUpl6yessULac9ayi33dZpI85JQeF9X0iqifWIC8RR-7upMDX0oU4hM5Xfb0iYb4GTxrSFkb0*m-ITuXhW-3iN*8DCLHbu*jztc0IuL25bfl-rWoiwP4HGZBNW5xit9g2UnviNzyHsMpDllC8yMeOUmTVqWrz9qoSZIeWIgEBTHiSSU6*-plMaBsvUE*GMa-8g7G2g6jO70SCQUgiG8MZvaDv3o7fgsGHbhPzKQcCAAAAuty8CgAAAAA&img=duIZJUjsUI1dxNfQx8RVJ3wJxUCFY9oyVev2gkZdBsrndDm1PNSYourBP63BYz8l1Zdxo65xEO5IOxFfLr3IQTNlUYdWfw5eCHEhdbYHxMd*Q15Mb6-AuuhGI4ScCH8QcPNhUKKFxlkaDTyjPgddQfvVBU2SvRxwRdB8hu5w8SsCAAAAuty8CgAAAAA&img=VfYw9oO9lUy9Wp6QBqnNnJgs0296z94BsGRywFEkDfUJP-fVS7zWJiL2fP15jHib73SHxBKaihY7*LHszuYifa3QXsu-KCMy57vCQ9M7E3sTQpVLb5U48j*QtpyafjFqxlN8PzBAI0xyXRO8aoom*YcCP7oDzfbJyi4wc5NiKRUCAAAAuty8CgAAAAA&img=DJRZsI8kLAI*6D-tz1WIPY-nVa-Q-mMb9i3*K1*2waktSe143tyrtLu48VC*hm9fXGldInv2kptoivFuvS8K-i5qjda58qIPNBCs096jfmsCAAAAuty8CgAAAAA&img=YpCDrWlMppDgmdgYjRYAKYI1oRZZO6rd*GZVHaxJOB4RmDlxUuiW2iXZwDOBlEQ7f8WJI4qf9TQCRhbuKFU*W6uIlDnFjPy*epqpGVTR8ld4MWmcwRNsQSE540ntrighibPjdgfGlJ6qU7rbQdJ568WfAtpdjOvotJfshn*c9XuFgskZUdy8lmdgsqKj7CcGRmoqtJJ-L0Mq8X50VCvSOyDZenvgEoLAdtGTD-jxSyUCAAAAuty8CgAAAAA&img=zyeTTDI-dptlFVtb8feGRWb28Ap56LRIUn700sd6ffY5woZf13RLzxtf350PmeMhgdKSPNriAnZCCX5y*jmor9JDtP0e6sEv4jDi1ehu790HpbJZNqtGipgP1AoLzmBw2ZhzUKpT9VnJYOVTJHMbgwIAAAC63LwKAAAAAA&img=WEsfaYtGKFQpNeKfDSlTS81e5EmMTv6rAkI7mj26HsOFyladQkVcBOMDgKcT4fo444qlqp3SFeqrdTpupJYCxen6DRDvt0SbeNYnIFTTHGI3a70h*D8mF0NXKpg5WYBBPlj3c79DafzP-DP9scoNMO55ZpYG5E1d-xfT9lYaXetdYv8JSDINmtqzoWIIG7vmHZMipusLbW2Ib7tnYUM37gIAAAC63LwKAAAAAA&img=Uyv8TdK-w3JMmVQP8gA-K8mXEKT1s2i9zXEfafn22Si3CyHp7B8l*xKQ-asvgiaBYuD7TNIvZL5Nv6Um6C4wGuaJNZsCUQEGLVZjWUy7qRDVUlpuAgpqWCprNcxfRabuW0pxPodq2XrigJtVeaKTvwCiaT7z8wyNlaRIiDO2DA1e3yvzKCLA8NXAVFJfQIGTAgAAALrcvAoAAAAA&script=*ollo05vechen7acUtDJLr1x1446gtTkuYN7Z3s8w8Y2MO7AFY*eukhfYJ2B4fQYRr-D2eIejEyFVtqEzQFgXTVWp7qW3vY3H2FmoYWOPBKkJdhclvHU5gTnYsVNdx2Y-Un6TIJEFGfqteDsmXXbzgIAAAC63LwKAAAAAA&img=8IQRGoytCHaY0u1dErCtk05kr8VYj1JuufhuEyH4CfO24LprbDlywJcPB1B7uT5jEUgm7lPZT2A5J4mC73DpHE7vz7lFdA7jLU6c4AycMMEiMMIFgcHJBxM4MbBRFB25AgAAALrcvAoAAAAA&img=DkbhzcZ6LCgInQctInGHfb-CW*TnQNQuFCWw-Bfa-UqxaikFBGXjli1Yg1m2Zeoa6Arj6DRRuUt-ohvFpZkcivjsr2KFnEpRnOK26OK5TQ5PiicIkBd4uIUX86fvNyX2VZp4xhMIwi3znSFaw5x0Ig9kh9RKMFM*Itk8RfAW6CYCAAAAuty8CgAAAAA&img=MVlsTOA2G0wW0GHTDArIwaLQKrHiINmpfVJmPekCUiLy0kLd855OCi-YVI4MhJYNSI5DcKqRzvKQ1JiK6-ziXek1FqL2-tUPPVhE6xzH*lP5wFZ8Evwnv3XtacDVbZqgvu-XhXrD7ppJnsdbMq04BgIAAAC63LwKAAAAAA&img=A3muT*kOOmK*CHUcZ64CDGbKKJwtBD7-k8D7sSGlE5ejOv-dxrdRpJI6qurBKdjg9lhv9EM8lLDGluDxKLittraHaQ5T9AOjJqy26YSzwKkaePohV0eucASL*wp9OirGmS*EoCIb44Kih-n8Ww0BhAIAAAC63LwKAAAAAA&img=B93LlTMk0ZzN8GCWds4BebsbQfXUAvdB1ElWq-zoKXxq-fTpsEYuZfwIc7yawsuxHLXTKGZW3vXx8e-WaPDr298a7quU2E*TrZWCKAYpvmgBc*F0ledmEl02RMB7NXuSeUtGqEZSWxDIEf8XJ6ETb7unFCHzLYnas4nRQfjv5zcCAAAAuty8CgAAAAA

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

1d59c60f3badbe620acd95a3be2e1c2d62c557a0e38d1cc4752ecfd494019462

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://antifreeze.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 21 Dec 2023 01:56:44 GMT
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
server: nginx
strict-transport-security: max-age=0
x-passed: 2bal1

GET
H/1.1 200
Ok fitness-cccp.ru
favicon.yandex.net/favicon/ 1 KB
1 KB 78ms
78ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/fitness-cccp.ru?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c209375834da44f19df1087169dbf99c4ad0534653273b26c2b9681e9ddc0477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D829 28 B
54 B 68ms
66ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1703123804797
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Q9Fo2byNdGE?wmode=opaque&si=b9vsbBBhaeAbgQy2&wmode=opaque
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs1NmNEQXhDRHM2Yyjato6sBjIKCgJERRIEEgAgDg%3D%3D
X-YouTube-Ad-Signals: dt=1703123802598&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 21 Dec 2023 01:56:44 GMT

GET
H2 200 seg-5-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 323 KB
324 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-5-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: e4fb105c58edca9d12ee830f14365d6cd0723109ba37b81a0c98cb0686479d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
x-r-cache: MISS
server: nginx
etag: "-1-50df8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 331256
x-upstream-status: 200
x-request-id: 5230ff31fe4140f55b3ceae6241267b9
expires: Thu, 21 Dec 2023 13:56:44 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EC45 28 B
54 B 76ms
67ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1703123804842
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/JnofOY2tvgY?wmode=opaque&si=ORxbDsCV-BE-SgMe&wmode=opaque
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtMYlVJYjNTNjFXcyjato6sBjIKCgJERRIEEgAgOg%3D%3D
X-YouTube-Ad-Signals: dt=1703123802591&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 21 Dec 2023 01:56:44 GMT

GET
H2 200 seg-6-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 318 KB
318 KB 76ms
75ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-6-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 282ab6cb1232fab1c6cd65b944358c04b07d62bea233c5aa67952db7cbd4ab5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:44 GMT
x-r-cache: MISS
server: nginx
etag: "-1-4f678"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 325240
x-upstream-status: 200
x-request-id: 6e35502aeac54a4eda2ffcae6340b0ff
expires: Thu, 21 Dec 2023 13:56:44 GMT

GET
H2 200 seg-7-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 365 KB
365 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-7-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 7dd7ce3f7a4f16c9c5c0b74620797d7a0d891862540ab5b709ab8b8468247ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5b278"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 373368
x-upstream-status: 200
x-request-id: 4bad7653a8e4169e5f73a3ccb8f5148f
expires: Thu, 21 Dec 2023 13:56:44 GMT

GET
H2 200 wx1080
avatars.mds.yandex.net/get-direct/5246835/mDWMUgD3tRnX9bgp41XDzA/ 74 KB
75 KB 80ms
80ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5246835/mDWMUgD3tRnX9bgp41XDzA/wx1080
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f931f043c195a04729e15d2e482e00a28e02a2fd997c36792640a6fa78f89e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
last-modified: Wed, 13 Dec 2023 12:29:54 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 76166
x-request-id: 8644a264cfd5f003

GET
H2 200 index.js Show response
sandbox.ssp.rambler.ru/pixels/ Frame A2BB 2 KB
1 KB 330ms
180ms Script
application/x-javascript 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.ssp.rambler.ru/pixels/index.js?pad_id=441920592&block_id=441920596&rnd=423676914

Requested by

Host: profile.ssp.rambler.ru
URL: https://profile.ssp.rambler.ru/sandbox?img=W73iozI7uy8a4dEFlQ0UVLlgdqFSHC*YviWGfztjxxN5jlJAoLm4*z1cio7owEewUEmUDZzLOVApSi-yy2dl1yxpRkbtgF4K36B8owGVx-MCAAAAuty8CgAAAAA&img=-U6TQK6bvwqUmiFdQ2GNwKs3LEW2LCqUIychC747U2FQUaJ3V21kxcMLbzMTEUPDReRSwbnvTEfR1VlNz0oyp2ahjYwP8ZPD4CWIzGo*woy60SV-j9z3l*YTNW60-i9kTrEwCAnh3v7gMNIeULtiRwIAAAC63LwKAAAAAA&img=CaHcYUUXenukhfStA68O9UEITBcx6cuvtzuxBNlgB3xsZtsFr8PiOxXDINtdEij3EhppUpl6yessULac9ayi33dZpI85JQeF9X0iqifWIC8RR-7upMDX0oU4hM5Xfb0iYb4GTxrSFkb0*m-ITuXhW-3iN*8DCLHbu*jztc0IuL25bfl-rWoiwP4HGZBNW5xit9g2UnviNzyHsMpDllC8yMeOUmTVqWrz9qoSZIeWIgEBTHiSSU6*-plMaBsvUE*GMa-8g7G2g6jO70SCQUgiG8MZvaDv3o7fgsGHbhPzKQcCAAAAuty8CgAAAAA&img=duIZJUjsUI1dxNfQx8RVJ3wJxUCFY9oyVev2gkZdBsrndDm1PNSYourBP63BYz8l1Zdxo65xEO5IOxFfLr3IQTNlUYdWfw5eCHEhdbYHxMd*Q15Mb6-AuuhGI4ScCH8QcPNhUKKFxlkaDTyjPgddQfvVBU2SvRxwRdB8hu5w8SsCAAAAuty8CgAAAAA&img=VfYw9oO9lUy9Wp6QBqnNnJgs0296z94BsGRywFEkDfUJP-fVS7zWJiL2fP15jHib73SHxBKaihY7*LHszuYifa3QXsu-KCMy57vCQ9M7E3sTQpVLb5U48j*QtpyafjFqxlN8PzBAI0xyXRO8aoom*YcCP7oDzfbJyi4wc5NiKRUCAAAAuty8CgAAAAA&img=DJRZsI8kLAI*6D-tz1WIPY-nVa-Q-mMb9i3*K1*2waktSe143tyrtLu48VC*hm9fXGldInv2kptoivFuvS8K-i5qjda58qIPNBCs096jfmsCAAAAuty8CgAAAAA&img=YpCDrWlMppDgmdgYjRYAKYI1oRZZO6rd*GZVHaxJOB4RmDlxUuiW2iXZwDOBlEQ7f8WJI4qf9TQCRhbuKFU*W6uIlDnFjPy*epqpGVTR8ld4MWmcwRNsQSE540ntrighibPjdgfGlJ6qU7rbQdJ568WfAtpdjOvotJfshn*c9XuFgskZUdy8lmdgsqKj7CcGRmoqtJJ-L0Mq8X50VCvSOyDZenvgEoLAdtGTD-jxSyUCAAAAuty8CgAAAAA&img=zyeTTDI-dptlFVtb8feGRWb28Ap56LRIUn700sd6ffY5woZf13RLzxtf350PmeMhgdKSPNriAnZCCX5y*jmor9JDtP0e6sEv4jDi1ehu790HpbJZNqtGipgP1AoLzmBw2ZhzUKpT9VnJYOVTJHMbgwIAAAC63LwKAAAAAA&img=WEsfaYtGKFQpNeKfDSlTS81e5EmMTv6rAkI7mj26HsOFyladQkVcBOMDgKcT4fo444qlqp3SFeqrdTpupJYCxen6DRDvt0SbeNYnIFTTHGI3a70h*D8mF0NXKpg5WYBBPlj3c79DafzP-DP9scoNMO55ZpYG5E1d-xfT9lYaXetdYv8JSDINmtqzoWIIG7vmHZMipusLbW2Ib7tnYUM37gIAAAC63LwKAAAAAA&img=Uyv8TdK-w3JMmVQP8gA-K8mXEKT1s2i9zXEfafn22Si3CyHp7B8l*xKQ-asvgiaBYuD7TNIvZL5Nv6Um6C4wGuaJNZsCUQEGLVZjWUy7qRDVUlpuAgpqWCprNcxfRabuW0pxPodq2XrigJtVeaKTvwCiaT7z8wyNlaRIiDO2DA1e3yvzKCLA8NXAVFJfQIGTAgAAALrcvAoAAAAA&script=*ollo05vechen7acUtDJLr1x1446gtTkuYN7Z3s8w8Y2MO7AFY*eukhfYJ2B4fQYRr-D2eIejEyFVtqEzQFgXTVWp7qW3vY3H2FmoYWOPBKkJdhclvHU5gTnYsVNdx2Y-Un6TIJEFGfqteDsmXXbzgIAAAC63LwKAAAAAA&img=8IQRGoytCHaY0u1dErCtk05kr8VYj1JuufhuEyH4CfO24LprbDlywJcPB1B7uT5jEUgm7lPZT2A5J4mC73DpHE7vz7lFdA7jLU6c4AycMMEiMMIFgcHJBxM4MbBRFB25AgAAALrcvAoAAAAA&img=DkbhzcZ6LCgInQctInGHfb-CW*TnQNQuFCWw-Bfa-UqxaikFBGXjli1Yg1m2Zeoa6Arj6DRRuUt-ohvFpZkcivjsr2KFnEpRnOK26OK5TQ5PiicIkBd4uIUX86fvNyX2VZp4xhMIwi3znSFaw5x0Ig9kh9RKMFM*Itk8RfAW6CYCAAAAuty8CgAAAAA&img=MVlsTOA2G0wW0GHTDArIwaLQKrHiINmpfVJmPekCUiLy0kLd855OCi-YVI4MhJYNSI5DcKqRzvKQ1JiK6-ziXek1FqL2-tUPPVhE6xzH*lP5wFZ8Evwnv3XtacDVbZqgvu-XhXrD7ppJnsdbMq04BgIAAAC63LwKAAAAAA&img=A3muT*kOOmK*CHUcZ64CDGbKKJwtBD7-k8D7sSGlE5ejOv-dxrdRpJI6qurBKdjg9lhv9EM8lLDGluDxKLittraHaQ5T9AOjJqy26YSzwKkaePohV0eucASL*wp9OirGmS*EoCIb44Kih-n8Ww0BhAIAAAC63LwKAAAAAA&img=B93LlTMk0ZzN8GCWds4BebsbQfXUAvdB1ElWq-zoKXxq-fTpsEYuZfwIc7yawsuxHLXTKGZW3vXx8e-WaPDr298a7quU2E*TrZWCKAYpvmgBc*F0ledmEl02RMB7NXuSeUtGqEZSWxDIEf8XJ6ETb7unFCHzLYnas4nRQfjv5zcCAAAAuty8CgAAAAA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

b88490dd2c6162773ee24841e5769529fe5ffc050dd7fc569eefb937c095e2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 12:47:50 GMT
server: nginx
etag: W/"658190f6-78e"
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-type: application/x-javascript
x-passed: 2bal1

GET
H2

200

set
sync.rambler.ru/ Frame A2BB
Redirect Chain

https://sync.bumlam.com/?src=sb2&random=225562130
https://sync.bumlam.com/?src=sb2&s_data=CAIQARjdto6sBloTCgZyYW5kb20SCTIyNTU2MjEzMKIBEDGbeRyfpBHuhuAAJZDAZHw*
https://sync.rambler.ru/set?partner_id=4b88de7e-1ef2-11ee-be56-0242ac120002&id=319b791c-9fa4-11ee-86e0-002590c0647c

43 B
224 B

174ms
137ms

Image
image/gif

91.192.149.52
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=4b88de7e-1ef2-11ee-be56-0242ac120002&id=319b791c-9fa4-11ee-86e0-002590c0647c

Protocol

Server

91.192.149.52 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
x-passed: 1bal2
server: nginx
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

Date: Thu, 21 Dec 2023 01:56:45 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://sync.rambler.ru/set?partner_id=4b88de7e-1ef2-11ee-be56-0242ac120002&id=319b791c-9fa4-11ee-86e0-002590c0647c
Access-Control-Allow-Origin: https://profile.ssp.rambler.ru
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
an.yandex.ru/mapuid/ramblerssp/ Frame A2BB 43 B
364 B 74ms
71ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/?0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 21 Dec 2023 01:56:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 21 Dec 2023 01:56:45 GMT

GET
H2

200

set
sync.rambler.ru/ Frame A2BB
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&b...
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=75bDyXGFsmJBPWkC3lGoce

43 B
224 B

114ms
69ms

Image
image/gif

91.192.149.52
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=75bDyXGFsmJBPWkC3lGoce

Protocol

Server

91.192.149.52 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
x-passed: 1bal2
server: nginx
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:44 GMT
via: 1.1 google
last-modified: Thu, 21 Dec 2023 01:56:45 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=75bDyXGFsmJBPWkC3lGoce
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
tms.dmp.wi-fi.ru/ Frame A2BB
Redirect Chain

https://sync.rambler.ru/emily?partner_id=maximatelecom&id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=2D933F1CD4511545423D650D7391604C

35 B
605 B

242ms
88ms

Image
image/gif

91.220.120.9
MAXIMATELECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=2D933F1CD4511545423D650D7391604C
Protocol: H2
Server: 91.220.120.9 , Russian Federation, ASN202173 (MAXIMATELECOM, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 35
expires: 0

Redirect headers

location: https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=2D933F1CD4511545423D650D7391604C
date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
x-passed: 1bal2
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame A2BB 42 B
201 B 349ms
86ms Image
image/gif 81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=5&external_id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 21 Dec 2023 01:56:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

set
sync.rambler.ru/ Frame A2BB
Redirect Chain

https://visor.sberbank.ru/rambler.gif?770531510
https://visor.sberbank.ru/rambler.gif?try=1
https://sync.rambler.ru/set?partner_id=sberbank_reverse&id=SA1.75eddeb4-225f-49b7-8cbe-f76f0da91f59.1703123712

43 B
224 B

136ms
136ms

Image
image/gif

91.192.149.52
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=sberbank_reverse&id=SA1.75eddeb4-225f-49b7-8cbe-f76f0da91f59.1703123712

Protocol

Server

91.192.149.52 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
x-passed: 1bal2
server: nginx
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 01:56:45 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Server: SOWA
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Location: https://sync.rambler.ru/set?partner_id=sberbank_reverse&id=SA1.75eddeb4-225f-49b7-8cbe-f76f0da91f59.1703123712
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7009/i/ Frame A2BB
Redirect Chain

https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND2074639264
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EDD264EE36297DC6188A12097DAA7698
https://dmg.digitaltarget.ru/awg/custom/7009/i/i?call_source=awg&ts=1703123805398&a=185&e=EDD264EE36297DC6188A12097DAA7698
https://sync.rambler.ru/set?partner_id=vi&id=UF1tDmRFgCKiifk7H-2h
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EDD264EE36297DC6188A12097DAA7698

49 B
555 B

70ms
69ms

Image
image/gif

185.15.175.131
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EDD264EE36297DC6188A12097DAA7698

Protocol

HTTP/1.1

Server

185.15.175.131 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 21 Dec 2023 01:56:45 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

location: https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EDD264EE36297DC6188A12097DAA7698
date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
x-passed: 1bal2
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

/
adservice.google.com/ddm/fls/p/src=10009553;dc_pre=CKOss8u2n4MDFdRXkQUdGCwL1A;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directed_treatme... Frame A2BB
Redirect Chain

https://sync.upravel.com/image?source=sber&id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
https://sync.upravel.com/image?source=sber&id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9wcm9maWxlLnNzcC5yYW1ibGVyLnJ1LyJdfX0
https://sync.upravel.com/dc_swap/sync
https://ad.doubleclick.net/ddm/activity/src=10009553;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr...
https://ad.doubleclick.net/ddm/activity/src=10009553;dc_pre=CKOss8u2n4MDFdRXkQUdGCwL1A;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directe...
https://adservice.google.com/ddm/fls/p/src=10009553;dc_pre=CKOss8u2n4MDFdRXkQUdGCwL1A;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directed...

42 B
401 B

213ms
95ms

Image
image/gif

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/p/src=10009553;dc_pre=CKOss8u2n4MDFdRXkQUdGCwL1A;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;~oref=https://profile.ssp.rambler.ru/

Protocol

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/p/src=10009553;dc_pre=CKOss8u2n4MDFdRXkQUdGCwL1A;type=invmedia;cat=uprav00;match_id=abd63a56-b3d5-4057-a244-d394ce1e592e;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;~oref=https://profile.ssp.rambler.ru/
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame A2BB
Redirect Chain

https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&crf=1&rts=3271856665127052048
https://x.bidswitch.net/sync?ssp=between

43 B
146 B

122ms
29ms

Image
image/gif

3.124.69.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=between
Protocol: H2
Server: 3.124.69.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?ssp=between
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

counter
top-fwz1.mail.ru/ Frame A2BB
Redirect Chain

https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
https://top-fwz1.mail.ru/counter?id=3082612;pid=3D1883B09BD4AB417288A05666FFF2F9

43 B
876 B

69ms
69ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3082612;pid=3D1883B09BD4AB417288A05666FFF2F9

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

location: https://top-fwz1.mail.ru/counter?id=3082612;pid=3D1883B09BD4AB417288A05666FFF2F9
date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
x-passed: 1bal2
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

rambler
px.adhigh.net/p/cm/ Frame A2BB
Redirect Chain

https://px.adhigh.net/p/cm/rambler?u=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
https://px.adhigh.net/p/cm/rambler?u=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&bounced=1

49 B
326 B

70ms
70ms

Image
image/gif

193.232.148.134
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/rambler?u=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&bounced=1
Protocol: H2
Server: 193.232.148.134 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: hosting.adhigh.net
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
server: nginx
x-backend-id: f27-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
server: nginx
x-backend-id: f27-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://px.adhigh.net/p/cm/rambler?u=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4&bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

static.gif
stats.mos.ru/ Frame A2BB
Redirect Chain

https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=1797563397
https://stats.mos.ru/static.gif?ramblerid=2EDEC6AA88B5DA4D8ACF84E32025FA8F

43 B
395 B

222ms
70ms

Image
image/gif

212.11.151.56
Moscow Mayors Office

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.mos.ru/static.gif?ramblerid=2EDEC6AA88B5DA4D8ACF84E32025FA8F
Protocol: H2
Server: 212.11.151.56 , Russian Federation, ASN8901 (Moscow Mayors Office, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: ExtensionReferer, x-requested-with, x-requested-by, x-caller-id, Content-Type, region-id
content-length: 43

Redirect headers

location: https://stats.mos.ru/static.gif?ramblerid=2EDEC6AA88B5DA4D8ACF84E32025FA8F
date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
x-passed: 1bal2
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

204

0.gif
x01.aidata.io/ Frame A2BB
Redirect Chain

https://sync.rambler.ru/emily?partner_id=aidata&rnd=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
https://x01.aidata.io/0.gif?pid=RAMBLER&id=C1F61431D9AB94EA93E517568F52CCAC
https://x01.aidata.io/0.gif?pid=RAMBLER&id=C1F61431D9AB94EA93E517568F52CCAC&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
432 B

70ms
70ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
last-modified: Thu, 21 Dec 2023 01:56:44 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 21 Dec 2023 01:56:44 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Thu, 21 Dec 2023 01:56:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET

pixel.gif
sync.1dmp.io/ Frame A2BB
Redirect Chain

https://sync.rambler.ru/emily?partner_id=cldata&rnd=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=5B9606213CE1C709A7978035725C50C9

0
0

GET
H2 200 usersync
ssp.bidvol.com/ Frame A2BB 0
442 B 189ms
68ms Image
text/plain 65.109.65.188
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.bidvol.com/usersync?dspcsid=204&redirect=1&id=0000106a-0b0a-5b3a-eeb3-4d80dce9bbe4
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 65.109.65.188 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.188.65.109.65.clients.your-server.de
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 1f915d1c-5b96-42bd-bbc1-c442a133424b
expires: 0

GET
H2 200 seg-8-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 350 KB
351 KB 75ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-8-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 8f6f50a212527a1efa874696854384ffbff0a9df6aacb4eb25b5a81eeb40dee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-577b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 358328
x-upstream-status: 200
x-request-id: 98c0c6972893cdc652aa0f41c3226a95
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 seg-9-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 321 KB
321 KB 73ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-9-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 0d5171d060bad88b97a426e8bf980d143d9158be2fe5978c4857d199c19f29db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-50238"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 328248
x-upstream-status: 200
x-request-id: 9b96ad486ef44b89fcb38a56f19ce54a
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 seg-10-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 353 KB
354 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-10-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: c8d2e94ee99c6562aac3b808672a547db16a174db8f06c95e3339203ccd2c32a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-58378"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 361336
x-upstream-status: 200
x-request-id: a222b5396937154099954abc50a97d6f
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 seg-11-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 332 KB
333 KB 73ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-11-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 6e1076e8e806a9a875a89a05ecf6eff909f295eb50c0f84cfcb97c07b10a5b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-53138"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 340280
x-upstream-status: 200
x-request-id: 8129471a45ead30f066c3b42838e1207
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 capirs_async.js Show response
ssp.rambler.ru/ Frame A2BB 412 KB
116 KB 140ms
140ms Script
application/x-javascript 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/capirs_async.js

Requested by

Host: sandbox.ssp.rambler.ru
URL: https://sandbox.ssp.rambler.ru/pixels/index.js?pad_id=441920592&block_id=441920596&rnd=423676914

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

b43eee07689e71cec756a74d42329bd47228c11384d7465133d4f64c83a2fe7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 10:43:58 GMT
server: nginx
etag: W/"6576e7ee-67020"
content-type: application/x-javascript
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: max-age=60
x-passed: 1bal1
expires: Thu, 21 Dec 2023 01:57:45 GMT

GET
H2 200 seg-12-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 265 KB
265 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-12-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: f9779e7df52fcf7cdc5f1c107c0be832e61c7d3fd34c1ef593fbedc0a2474c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-422f8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 271096
x-upstream-status: 200
x-request-id: f39b6deb01a88cea9d59007caa04f29e
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 seg-13-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 391 KB
392 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-13-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 25ee40716dfc039234a0a0107b39712fba15b80c4a5704d26b17b1a108208694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-61c38"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 400440
x-upstream-status: 200
x-request-id: 2605c4b605da90b9a2ca71638e268128
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 seg-14-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 329 KB
330 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-14-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 2424fab189cc30846148fd0880f30f7eefca10a595d55f49773c9b51fa722542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-52578"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 337272
x-upstream-status: 200
x-request-id: 34f632164acb52963e25ce971df37320
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 204 file.jsp
img02.ssp.rambler.ru/ 0
343 B 71ms
70ms Image
text/plain 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img02.ssp.rambler.ru/file.jsp?url=z-GopI4CGZ6Yp2I2hZVb6Ya4wYMl41go*dIfOz8Fs*So7i0-2XRSHM7SXk68BuvKhTvIgEn6c8AZT-9IqyXEExmUyHE6mNDGuKdYv1a2BNweBHdHE-XKCtIrxqVwliZQU-nIFMMAHiDkmzbl6nAfdKBv752cGpCMuLOlIl0AaPyRH14IEG5QDZOYdzmmMjUAVLwIrcv1FDOpvE5I9-clxmFFhjSPnZX4DKJJHmcxkdKjGdkZTOwU0Uf3fOL1g0jatytNfejJJ3ElQdT7IFjfzp6OQZSpaMYkyUXA3SFlDWK321QPVk0q6Fxxyjdqy51vzCCwAcb8eLncR7vGhZVO1A8Ea-ZCLNWh9VwNtUzI1cn9-uTSfGFDNQumKnte*pWs-G4LJz3r84ilElM5u-q7ly*MD3MOjEzoVbEE0W2XTzWRV5-flcFdmoxgM*fBiS6pM*zx2bQpPXqtJ7saULRJxBTIxiOkZIAobPUBqzpq15MqAiCE0k8p3zPATsIrWZECIW1U0VImOTIbAcyS6qk6poA2BIKpMMlemy0eWvKglyebejZxk1VYFtecp5PtxG55B1B9EYLcVRcGzF2VkeZ0y9X7ouqkTSrvPPny-BEL9mRSEfasIzUyRtmnL1gaOXeZrP9JSNDlSFmtJ2dSVoGThjRHtcGGnQXQezWHkQRqjTA4iEHxL*ZmqU2LKZyVFqQ7MiOdMUO29*eyIoDxZuFtUn00NBK7X9hlkkiVJAwWVwUtpb2eTITiVk60tDDp60Ezm2rFqYUUrk9ic7KUp1B62jAd*aKYjxBn8ea8ZH7yms973x9dbyfQAKzZPU3003mxvaramq52zWPn6rRk9G-Q1b3dGDD2AuHlCjrwDSbp780r-h9e0L7U-Wy9EvPCmI2TLaQ4qubSlkvvGHLnp1mmp*olOoI9mWfILstNTpq*NL3ZheLubUYv-IS9So8Gn8Gn7FKMmtZ-W5vRYpIyMLEEX6*zjxJ5Kj4TGz0b6U0cV16DMQlFhLuyDaCsfgiyxNCdEqhLi5MvxnlpmgmoQcn5o6eAgsrfqc*xQ0tnXQIIYwyZ1n4ysptiQnIBUAhVaF*o7dpHF4z03I8jLR6entkEz7Yknxtifopg9UmZ9oDRMRUkQxxmcRiuIURqykJMS8kLmHmnLeNYP9oIQBNlIC42aticPzWt46EJsOy7O9l8WSyicH6EB940G9fhLLRTa3k0zak5-J09eavK8AGLMJkf6uO1pprfGovbrTlL1pUryUwMbKPm9ALuI6zQUqK3rF33At0ZPa-2jm-rXA7AHdRBmnAGCXdPbip6FqsGwbSC38WTMc39Fd9qKvknE4QO*Pl1XUqBNll-0*My9-SNQt3umSdDNWeZkHAAuOzURBRA87kqPC1T8yvykEsmAWMs29xZ3E-yrkTVYvJPUVGAXubGEx-sWG8j9*mYkDOXAb0PJOUYHzgDUUc9EtqDSu-J1pIlEYrn0K7JxUYjKDN8gsQSJp7YfN2rGSrDOLAPF5f*GU3Hw-7RJWxZZkR5JJsWSencel-4dlACdL1BoDiFIT92-9xZB9lQ2vG353-rILTMD6wyFsoHnkZ57PErHq37XzFRAgAAALrcvAoAAAAA&eurl%5B%5D=2*TAyF8yXg-hiCKKILN*8i0vsVRoYfLPdRsz*41bsOdQA0nSLkeKdAja0DuWg5Lnqnf7fj6f7D4*YEhoxUkI6eKRucmKkycAUbmMYazaJ7YCAAAAuty8CgAAAAA&seq=0&capirs_nocache=1703123805567

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:45 GMT
x-envoy-decorator-operation: filed3.srvc-ads-platform.svc.cluster.local:80/*
strict-transport-security: max-age=0
server: nginx
x-begun-impressionid: 6583d-9b5bb-36e0b
x-sca-elb: int
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: no-store, no-cache, must-revalidate
x-envoy-upstream-service-time: 0
x-passed: 2bal1

GET
H2 200 userip Show response
ssp.rambler.ru/ Frame A2BB 14 B
140 B 68ms
68ms XHR
text/plain 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/userip
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: 14f0824aacf181d8c2256e56b2f02e869c2263610eee88275dc988179ddd1bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 01:56:45 GMT
x-passed: 1bal1
server: nginx
content-length: 14
content-type: application/octet-stream, text/plain

GET
H2 200 seg-15-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 321 KB
321 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-15-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 7fb1b807bede7741e5a3159a5125d6ece967803d08864eb8d95ebdd5b28b017c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-50238"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 328248
x-upstream-status: 200
x-request-id: 41a906297af07506813372c4c6e7f329
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 px.gif
ssp.rambler.ru/ Frame A2BB 43 B
257 B 69ms
68ms Image
image/gif 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp.rambler.ru/px.gif?ch=1&rn=6.274123059611745

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-type: image/gif
x-passed: 1bal1
content-length: 43

GET
H2 200 px.gif
ssp.rambler.ru/ Frame A2BB 43 B
257 B 69ms
69ms Image
image/gif 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssp.rambler.ru/px.gif?ch=2&rn=6.274123059611745

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
strict-transport-security: max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-type: image/gif
x-passed: 1bal1
content-length: 43

GET
H2 200 seg-16-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 323 KB
324 KB 77ms
76ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-16-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: e083301e3628526066ef9f47b7c030dcefe7d3770b3a5778db0145009beb2dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-50df8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 331256
x-upstream-status: 200
x-request-id: 953642772959223bfc1bcfba8f9cc2e4
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 seg-17-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 376 KB
377 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-17-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: dee0154b4136f817ac146bcfa33dc76367154a20ae016a42f4409c8380d1b8b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5e178"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 385400
x-upstream-status: 200
x-request-id: de048207f5cdf2b60bdcaacf9e5a13a7
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 seg-18-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 368 KB
368 KB 75ms
75ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-18-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 13ef64cf22c03f048ddc99c226aca0fb661342a509cd20ec427b4ea64feb7526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:45 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5be38"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 376376
x-upstream-status: 200
x-request-id: 42351626a51d4c7f3c4f369b3de8f545
expires: Thu, 21 Dec 2023 13:56:45 GMT

GET
H2 200 seg-19-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 303 KB
304 KB 76ms
76ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-19-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: f68c99b6008bfeb2dcb5d62528374bec62c0ffb696f058afb4ec009e254aab56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-4bbb8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 310200
x-upstream-status: 200
x-request-id: e9e947d050baedc81b6cd3a53c700b93
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 seg-20-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 288 KB
289 KB 75ms
75ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-20-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 30bb9e5f42bad415ab9949896a47370c98d2af34f76bb78b4fe561fd9b0e422e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-480f8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0101.lb.rambler.tech
content-length: 295160
x-upstream-status: 200
x-request-id: b763640ef141c8786e62f908578b8fc4
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 seg-21-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 362 KB
362 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-21-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 384f81d2d0d027cdc119bc70f2ef646e3d04eadefa60a2a8d92e79d09c58541f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5a6b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 370360
x-upstream-status: 200
x-request-id: 7c7c19a116c7905ce2008cf64fbc4b83
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 context.jsp Show response
ssp.rambler.ru/ Frame A2BB 4 KB
4 KB 95ms
95ms XHR
application/javascript 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&frm_level=1&frm_top=top_not_accessible&pad_id=441920592&first=1&block_id=441920596&screenw=1600&screenh=1200&winw=0&winh=0&rq=0&rq_type=0&rq_sess=2256E7E3620D29015002281C0BB7ACD8&fpruid=pA8AAENKs1eE2YgrAekrYQA%3D&browser_family=Chrome&browser_version=120.0.6099.109&os_family=Windows&os_version=10&device_type=1&jparams=%7B%22puid42%22%3A%229.7%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%7D&top=8&left=8&secure=1&vcapirs=38_48_0&fpParams=%7B%22f%22%3A%7B%22p%22%3A3646554937%2C%22c%22%3Anull%2C%22i%22%3A1989511072%2C%22v%22%3A%22Intel%20Inc.%22%2C%22r%22%3A%22Intel%20Iris%20OpenGL%20Engine%22%2C%22w%22%3A2615004439%7D%2C%22s%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22a%22%3A1600%2C%22b%22%3A1200%2C%22p%22%3A1%2C%22c%22%3A24%7D%2C%22o%22%3A%7B%22t%22%3A-60%2C%22u%22%3A%22en-US%22%7D%7D&device_memory=8&hardware_concurrency=4&cookies_enabled=true&webdriver=false&java_enabled=false&history_length=2&adsblock=false&battery_info=%7B%22charging%22%3Atrue%2C%22charging_time%22%3A0%2C%22discharging_time%22%3Anull%2C%22level%22%3A1%7D&media_devices=%5B%5D&timezone=%7B%22offset%22%3A1%2C%22name%22%3A%22Europe%2FBerlin%22%7D&callback=Begun_Autocontext_saveFeed1&ref=https%3A%2F%2Fantifreeze.livejournal.com%2F&url=https%3A%2F%2Fprofile.ssp.rambler.ru%2Fsandbox%3Fimg%3DW73iozI7uy8a4dEFlQ0UVLlgdqFSHC*YviWGfztjxxN5jlJAoLm4*z1cio7owEewUEmUDZzLOVApSi-yy2dl1yxpRkbtgF4K36B8owGVx-MCAAAAuty8CgAAAAA%26img%3D-U6TQK6bvwqUmiFdQ2GNwKs3LEW2LCqUIychC747U2FQUaJ3V21kxcMLbzMTEUPDReRSwbnvTEfR1VlNz0oyp2ahjYwP8ZPD4CWIzGo*woy60SV-j9z3l*YTNW60-i9kTrEwCAnh3v7gMNIeULtiRwIAAAC63LwKAAAAAA%26img%3DCaHcYUUXenukhfStA68O9UEITBcx6cuvtzuxBNlgB3xsZtsFr8PiOxXDINtdEij3EhppUpl6yessULac9ayi33dZpI85JQeF9X0iqifWIC8RR-7upMDX0oU4hM5Xfb0iYb4GTxrSFkb0*m-ITuXhW-3iN*8DCLHbu*jztc0IuL25bfl-rWoiwP4HGZBNW5xit9g2UnviNzyHsMpDllC8yMeOUmTVqWrz9qoSZIeWIgEBTHiSSU6*-plMaBsvUE*GMa-8g7G2g6jO70SCQUgiG8MZvaDv3o7fgsGHbhPzKQcCAAAAuty8CgAAAAA%26img%3DduIZJUjsUI1dxNfQx8RVJ3wJxUCFY9oyVev2gkZdBsrndDm1PNSYourBP63BYz8l1Zdxo65xEO5IOxFfLr3IQTNlUYdWfw5eCHEhdbYHxMd*Q15Mb6-AuuhGI4ScCH8QcPNhUKKFxlkaDTyjPgddQfvVBU2SvRxwRdB8hu5w8SsCAAAAuty8CgAAAAA%26img%3DVfYw9oO9lUy9Wp6QBqnNnJgs0296z94BsGRywFEkDfUJP-fVS7zWJiL2fP15jHib73SHxBKaihY7*LHszuYifa3QXsu-KCMy57vCQ9M7E3sTQpVLb5U48j*QtpyafjFqxlN8PzBAI0xyXRO8aoom*YcCP7oDzfbJyi4wc5NiKRUCAAAAuty8CgAAAAA%26img%3DDJRZsI8kLAI*6D-tz1WIPY-nVa-Q-mMb9i3*K1*2waktSe143tyrtLu48VC*hm9fXGldInv2kptoivFuvS8K-i5qjda58qIPNBCs096jfmsCAAAAuty8CgAAAAA%26img%3DYpCDrWlMppDgmdgYjRYAKYI1oRZZO6rd*GZVHaxJOB4RmDlxUuiW2iXZwDOBlEQ7f8WJI4qf9TQCRhbuKFU*W6uIlDnFjPy*epqpGVTR8ld4MWmcwRNsQSE540ntrighibPjdgfGlJ6qU7rbQdJ568WfAtpdjOvotJfshn*c9XuFgskZUdy8lmdgsqKj7CcGRmoqtJJ-L0Mq8X50VCvSOyDZenvgEoLAdtGTD-jxSyUCAAAAuty8CgAAAAA%26img%3DzyeTTDI-dptlFVtb8feGRWb28Ap56LRIUn700sd6ffY5woZf13RLzxtf350PmeMhgdKSPNriAnZCCX5y*jmor9JDtP0e6sEv4jDi1ehu790HpbJZNqtGipgP1AoLzmBw2ZhzUKpT9VnJYOVTJHMbgwIAAAC63LwKAAAAAA%26img%3DWEsfaYtGKFQpNeKfDSlTS81e5EmMTv6rAkI7mj26HsOFyladQkVcBOMDgKcT4fo444qlqp3SFeqrdTpupJYCxen6DRDvt0SbeNYnIFTTHGI3a70h*D8mF0NXKpg5WYBBPlj3c79DafzP-DP9scoNMO55ZpYG5E1d-xfT9lYaXetdYv8JSDINmtqzoWIIG7vmHZMipusLbW2Ib7tnYUM37gIAAAC63LwKAAAAAA%26img%3DUyv8TdK-w3JMmVQP8gA-K8mXEKT1s2i9zXEfafn22Si3CyHp7B8l*xKQ-asvgiaBYuD7TNIvZL5Nv6Um6C4wGuaJNZsCUQEGLVZjWUy7qRDVUlpuAgpqWCprNcxfRabuW0pxPodq2XrigJtVeaKTvwCiaT7z8wyNlaRIiDO2DA1e3yvzKCLA8NXAVFJfQIGTAgAAALrcvAoAAAAA%26script%3D*ollo05vechen7acUtDJLr1x1446gtTkuYN7Z3s8w8Y2MO7AFY*eukhfYJ2B4fQYRr-D2eIejEyFVtqEzQFgXTVWp7qW3vY3H2FmoYWOPBKkJdhclvHU5gTnYsVNdx2Y-Un6TIJEFGfqteDsmXXbzgIAAAC63LwKAAAAAA%26img%3D8IQRGoytCHaY0u1dErCtk05kr8VYj1JuufhuEyH4CfO24LprbDlywJcPB1B7uT5jEUgm7lPZT2A5J4mC73DpHE7vz7lFdA7jLU6c4AycMMEiMMIFgcHJBxM4MbBRFB25AgAAALrcvAoAAAAA%26img%3DDkbhzcZ6LCgInQctInGHfb-CW*TnQNQuFCWw-Bfa-UqxaikFBGXjli1Yg1m2Zeoa6Arj6DRRuUt-ohvFpZkcivjsr2KFnEpRnOK26OK5TQ5PiicIkBd4uIUX86fvNyX2VZp4xhMIwi3znSFaw5x0Ig9kh9RKMFM*Itk8RfAW6CYCAAAAuty8CgAAAAA%26img%3DMVlsTOA2G0wW0GHTDArIwaLQKrHiINmpfVJmPekCUiLy0kLd855OCi-YVI4MhJYNSI5DcKqRzvKQ1JiK6-ziXek1FqL2-tUPPVhE6xzH*lP5wFZ8Evwnv3XtacDVbZqgvu-XhXrD7ppJnsdbMq04BgIAAAC63LwKAAAAAA%26img%3DA3muT*kOOmK*CHUcZ64CDGbKKJwtBD7-k8D7sSGlE5ejOv-dxrdRpJI6qurBKdjg9lhv9EM8lLDGluDxKLittraHaQ5T9AOjJqy26YSzwKkaePohV0eucASL*wp9OirGmS*EoCIb44Kih-n8Ww0BhAIAAAC63LwKAAAAAA%26img%3DB93LlTMk0ZzN8GCWds4BebsbQfXUAvdB1ElWq-zoKXxq-fTpsEYuZfwIc7yawsuxHLXTKGZW3vXx8e-WaPDr298a7quU2E*TrZWCKAYpvmgBc*F0ledmEl02RMB7NXuSeUtGqEZSWxDIEf8XJ6ETb7unFCHzLYnas4nRQfjv5zcCAAAAuty8CgAAAAA

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

6007c0f13eb31ba75fff4a748fc0ff5cc024ebe868a2b78a5f8155f3b1a27d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
strict-transport-security: max-age=0
x-user-regionid: 1831
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-length: 3640
x-begun-graphcount: 0
pragma: no-cache
last-modified: Thu, 21 Dec 2023 01:56:46 GMT
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://profile.ssp.rambler.ru
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
x-passed: 1bal1
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 seg-22-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 315 KB
315 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-22-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: f38313d4ab69fc2196d95236f15e799bae5dad65bbd6e1237fd951110ec19f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-4eab8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 322232
x-upstream-status: 200
x-request-id: 322d31f7aa7a6e3e4e7793ef18726bc5
expires: Thu, 21 Dec 2023 13:56:46 GMT

POST
H2 200 blockstat_post
ssp.rambler.ru/ Frame A2BB 0
79 B 69ms
69ms Ping
text/plain 91.192.149.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/blockstat_post?stream=ssp_blockstat_m
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.149.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://profile.ssp.rambler.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 01:56:46 GMT
x-passed: 1bal1
server: nginx
content-length: 0

GET
H2 200 seg-23-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 368 KB
368 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-23-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 5b01c4ae173b39ae96bd51d92217b45b724ae6a1d3a78de3307348472b5ab46b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5be38"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 376376
x-upstream-status: 200
x-request-id: f22f69a1f4c38f73ff95114eddf61a03
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 seg-24-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 332 KB
333 KB 73ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-24-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 425aeda39236f95c85bd65ee3e66337d8edad0080545a0861f7c00a65cd7d015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-53138"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 340280
x-upstream-status: 200
x-request-id: f847d77a792fc90547ac67af3fdecfae
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 seg-25-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 356 KB
356 KB 73ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-25-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: e9b134fc9427da8de10f18376d5f56918cb225fb48b03f26bbaa3adc930a7865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-58f38"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 364344
x-upstream-status: 200
x-request-id: 04efc2b33a1294c24cc75412263f77ea
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 seg-26-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 344 KB
345 KB 78ms
78ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-26-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 674c1fea3267f60858bad8b2b00f11b456d3f6bd47113b2e5cc788d65b3f46ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-56038"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 352312
x-upstream-status: 200
x-request-id: 5a75d45caa3bc3fdc7be57c09d2583e1
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 seg-27-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 332 KB
333 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-27-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: b44b3cddde7bf4b95160d3be804e09e0bcbc5cb50028aae4a39d46feb79eae6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-53138"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 340280
x-upstream-status: 200
x-request-id: 7e991c7e6aca5573eb91e088012a3f76
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 seg-28-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 200 KB
201 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-28-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: d0c24e68799678aa1839640b059ea43038343313318228b2522c31ce5e8b07e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-32078"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 204920
x-upstream-status: 200
x-request-id: 9bc6b0445b8e30890ccb53f52e7835f2
expires: Thu, 21 Dec 2023 13:56:46 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1V2YHKGDNK&gtm=45je3bt0v9123713254&_p=1703123801074&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=534914086.1703123802&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=kA&_s=2&sid=1703123801&sct=1&seg=0&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&en=not_blocked&ep.event_category=AdBlocker&_et=79&tfd=11243
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1V2YHKGDNK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 1KUXzD_n0LW200000000U9nJZ5nUk3zKwBMGuP9d1XySTWPbMiRCRavb009Fc4Xejzg9-bZpMHmCgOn0ySmbpsuy0ucNSWDvjLU1H2lZHY3P2P850YQ6cOmr9o3iXOmtQY2ibOpN3I2ilOmt3l4p70NpppA2D5q5atSP6MGO6Fuopc9YO9ZB119PohI0bO5XBTCl8...
yandex.ru/an/rtbcount/ 43 B
215 B 74ms
74ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1KUXzD_n0LW200000000U9nJZ5nUk3zKwBMGuP9d1XySTWPbMiRCRavb009Fc4Xejzg9-bZpMHmCgOn0ySmbpsuy0ucNSWDvjLU1H2lZHY3P2P850YQ6cOmr9o3iXOmtQY2ibOpN3I2ilOmt3l4p70NpppA2D5q5atSP6MGO6Fuopc9YO9ZB119PohI0bO5XBTCl8FiiqtyWUCKaSBZJfdR9CmO6qwcHcRzvs1Z-Ch60dC0CLCdGowm89ASoWpJFPMO2MGia5S3MRcJEjg-UEdMZa-19PfYlhu9LtWMJFvaTdFWXZcRfsQSCzimAbWKRc7Qm_8S1nWD8x0ii5zx_Nx_fqDgBuZTP85xxOF-GvRnKOjHMpflsRrb07bp0odcIDNijBrZw0ck3marMcELVMK76TB0ri4nWktdksE_Rfuvy5Ph1TkLmy0AsdvVsJNsrViDypvLiCFCEi7cSO6D-nCRhbUjabUST5LmSb9nd_f8DPlDFE6iY-yBU3HzddNjhFukTpTBOoC3KS04xumfsnWti3GqD8ZlOUKwmYpzWNxd_oUVsYsVkIlrWvrd0yMS2ymgE6pyPDt1SJzp1mNYB0oEWdt8mC3JOztA2l3ML4-JZ1PmDp2iubpDku1GxmSbuWPFf1IVZ1qx67voC08Eypu80?test-tag=29&rnd=7349979550873&confirmRatio=1000000&banner-sizes=eyI3MjA1NzYwOTI0MjMzNTQ0NSI6IjE2MDB4MjUwIn0%3D&pcode-active-testids=919403%2C0%2C33&confirmTime=2100000&width=1600&height=250&banner-test-tags=eyI3MjA1NzYwOTI0MjMzNTQ0NSI6IjI4MTQ5MjE1NjYzNzIwMCJ9&constructor-rendered-assets=eyI3MjA1NzYwOTI0MjMzNTQ0NSI6OTUxNX0

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/932051/6f95baa4b95417edd267.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1703123806804199-5698208871266426529-balancer-l7leveler-kubr-yp-vla-154-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 21 Dec 2023 01:56:46 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 21 Dec 2023 01:56:46 GMT

GET
H2 200 seg-29-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 147 KB
148 KB 73ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-29-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 901e774be4c2f0055539e1dd834d7ea20dfdd4b501cca5e4c152970a31c35821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-24cf8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 150776
x-upstream-status: 200
x-request-id: 052d29226c530b68158c6abe69d4d23c
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 seg-30-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 229 KB
230 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-30-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 4e511821eda64fbc8001fe0999fb98074c0e45921dc4bf52458ac636a6af2a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:46 GMT
x-r-cache: MISS
server: nginx
etag: "-1-395f8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 235000
x-upstream-status: 200
x-request-id: bbdf6cfe38b9a281fcf6a89017edd5f4
expires: Thu, 21 Dec 2023 13:56:46 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
575 B 73ms
73ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=tech&event_name=ping&project_id=1111412&session_id=723920327_1703123801888&session_number=1&session_event_number=2&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&publisher_uid=URNKAWWDm1gLTDxx6qI7AgB%3D&publisher_uid_scope=.livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&url=https%3A%2F%2Fantifreeze.livejournal.com&request_id=1703123801.886-1831830247&event_id=183438068909197&meta=%7B%22activity%22%3A%7B%7D%2C%22scroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A1200%2C%22current%22%3A0%7D%2C%22doscroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A4%2C%22current%22%3A0%7D%2C%22num%22%3A1%2C%22duration%22%3A5%7D&rn=1011270545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 seg-31-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 409 KB
409 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-31-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 68cd7335b03002d95ef042f3bf48557082950856f1de592a9a59b72db46b3d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-662b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 418488
x-upstream-status: 200
x-request-id: 601665a5f76d47ce544b24fb3b9a97a1
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
576 B 78ms
78ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=tech&event_name=ping&project_id=7356279&session_id=1063649748_1703123803525&session_number=1&session_event_number=5&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&url=https%3A%2F%2Fantifreeze.livejournal.com&request_id=1703123803.524-1895882684&adv_request_id=9061141DD849A85BD874B526225111D5&event_id=788838068912365&split=%5B%22env_browser%22%5D&meta=%7B%22activity%22%3A%7B%7D%2C%22scroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A1200%2C%22current%22%3A0%7D%2C%22doscroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A4%2C%22current%22%3A0%7D%2C%22num%22%3A1%2C%22duration%22%3A5%7D&rn=282856502
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 WQ4ejI_zOoVX2Lai0PqC0CCLL1v4emTH1i5ajEFrXZjSlvFLSVGw-nJdaThJvpsTG01RXPniZQxhERh_OFOV6aiOGCUf8YqAQf7aOeCLHJm-H1BCu62N7RuGTF2wC09ui_MHDeqLm3PbktO-fqWaaAmraAn9Fqb0r1iPRFx0DbwbKgbKpg3HiDbXen_GHCaLjySTO...
yandex.ru/an/count/ 43 B
215 B 79ms
79ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WQ4ejI_zOoVX2Lai0PqC0CCLL1v4emTH1i5ajEFrXZjSlvFLSVGw-nJdaThJvpsTG01RXPniZQxhERh_OFOV6aiOGCUf8YqAQf7aOeCLHJm-H1BCu62N7RuGTF2wC09ui_MHDeqLm3PbktO-fqWaaAmraAn9Fqb0r1iPRFx0DbwbKgbKpg3HiDbXen_GHCaLjySTOvQ3cG0EuWaRk1h6PbQoMWrxqynALgjXwsl8LHejJPDzqkXq1hFFq2Y0lcSR0mZJ0MHz0Bh7O1QX2yIlouyHx0-3LgYRngrYCg94x08tmnQyFIXUylgUD6KQbSqANeGqy05LAXF50C303YCOPCeqo6GdKCXw2ZgjwpesHap3Y1dGwZgCLwW5d0E9uqGnc6u6Anami1E1J8Ec7dtO_2xBchl_ZJTUNTTrB6s6CHD3ZACR6mSFW8d46j8qd0oTHL5cj3PnTI12-RjmBA19XGYN41JyBvly-3RQFd1611xMxOje0zLG-Ote-NbNbCtmQr4pHLKCCwfPGTHGjI8gumwF0qXNyunvVOrcPpcyw81pA040~2=WPmejI_zOoVX2Lak0NKC02EML3G8iDHE20Wl22RVPSMBsVxOo0Lhfr73JjcJxP2N-iuO-dmkT_PiltFd3NU-ocO5Bq8Q-80gbObY061WXn4CEexKDyQoj3STGyuwMyzaDeULSa87DfWduL60DayoLO0sJo9LW3PF4bM0Da-oem1j3dPLW3O7iof0EyLvfFRqUKyd4C1sdyCvtw6mGpKk1a9m8F5pFjymuM0bGRCnamXCGgMsPsObgzMmDysiPBKQjlHKJTcV_T3ksDJEMCGqt3p9ZW2s67IT-tNdCPdPqbSLoaq-DiKOSbEe1Pm3YUD4CPZkigp9RKRn-68AJtZyS08xUdpm1Jpp_rx0CtzlYIgihnMnfSZFqi0no_xC_D9Bxyns2Y2z-pf2jJrlfXLzsPVbgP4zsTETKM7zs00zx9VkloA8GKafyrjQr_KiOb1IohpMixMXVG7qMPaoANZq2AiZJA044lmF-Bl09lmB--uKQJzcvo83inQ8Ab0Wi4GRFTAGRWIncL0pawBr_n_OyYK9c7RhTvsUufGqZrq4~2?test-tag=29&rnd=5397832664478&confirmRatio=1000000&banner-sizes=eyI3MjA1NzYwOTI0MjMzNTQ0NSI6IjE2MDB4MjUwIn0%3D&pcode-active-testids=919403%2C0%2C33&confirmTime=2101000&width=1600&height=250&wmode=0&banner-test-tags=eyI3MjA1NzYwOTI0MjMzNTQ0NSI6IjI4MTQ5MjE1NjYzNzIwMCJ9&constructor-rendered-assets=eyI3MjA1NzYwOTI0MjMzNTQ0NSI6OTUxNX0&actual-format=23

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/932051/6f95baa4b95417edd267.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1703123807004779-9679866696112382860-balancer-l7leveler-kubr-yp-vla-154-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 21 Dec 2023 01:56:47 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 21 Dec 2023 01:56:47 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-25HRJD8PTK&gtm=45je3bt0v9137939604&_p=1703123801074&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=534914086.1703123802&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&sid=1703123801&sct=1&seg=0&en=not_blocked&_ee=1&ep.event_category=AdBlocker&_et=1&tfd=11468
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-25HRJD8PTK&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L6DJ5ZXH43&gtm=45je3bt0v9114342211&_p=1703123801074&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=534914086.1703123802&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=kAAI&_s=2&sid=1703123801&sct=1&seg=0&dl=https%3A%2F%2Fantifreeze.livejournal.com%2F&dt=%D0%A1%D0%B5%D1%80%D0%B1%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B0%D1%80%D1%82%D1%85%D0%B0%D1%83%D1%81%20%E2%80%94%20%D0%96%D0%96&en=not_blocked&ep.event_category=AdBlocker&_et=87&tfd=11518
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L6DJ5ZXH43&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://antifreeze.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
kraken.rambler.ru/cnt/v2/ 43 B
623 B 74ms
73ms Fetch
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/cnt/v2/?event_name=activityPing&event_type=rec&counter_type=web&project_id=7696632&version=1.9.7395%2Bgdec31bc74&session_id=iWjshKRTc_v_79KHSWxTd&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&request_id=1703123802.028-119147328&event_id=d6bjfhuNp6xQ6MTS39g4X&session_event_number=2&random=93177910994&url=https%3A%2F%2Fantifreeze.livejournal.com%2F&meta=%7B%22xuid%22%3A%22f127c914d222fe5f165839b4e9aab4cc19c252e40a7ac5443%22%2C%22xuidRcmId%22%3A%22RCM-2564%22%2C%22itemRcmId%22%3A%22RCM-2564%22%2C%22referrer%22%3A%22%22%2C%22activityCounters%22%3A%220_0_0_0_0%22%2C%22activityDurations%22%3A%220_0_0_0_0%22%2C%22duration%22%3A5004%2C%22editorChoice%22%3A%222%22%2C%22position%22%3A1%2C%22timestamp%22%3A1703123807050%2C%22itemId%22%3A%2223096348-1860851%22%7D
Requested by: Host: rcmjs.rambler.ru
URL: https://rcmjs.rambler.ru/static/recommender.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
access-control-allow-origin: https://antifreeze.livejournal.com
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
576 B 74ms
74ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=tech&event_name=ping&project_id=7643964&session_id=1531928425_1703123803527&session_number=1&session_event_number=2&version=3.15.1&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.1111412.1015191254.1703123801887&adtech_uid=59e38c1b-a82a-4c76-a1e6-6d39663c1751&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1eyjnBqAQiJUQA%3D&fingerprint_ip=pA8AAENKs1eE2YgrAekrYQA%3D&url=https%3A%2F%2Fantifreeze.livejournal.com&request_id=1703123803.527-768153265&adv_request_id=9061141DD849A85BD874B526225111D5&event_id=573838068914918&split=%5B%22env_browser%22%5D&meta=%7B%22activity%22%3A%7B%7D%2C%22scroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A1200%2C%22current%22%3A0%7D%2C%22doscroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A4%2C%22current%22%3A0%7D%2C%22num%22%3A1%2C%22duration%22%3A5%7D&rn=871008756
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://antifreeze.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 01:56:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 seg-32-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 329 KB
330 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-32-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 33c9ecba9020efa70cced60f8894b927e3e9aed11bb7ef8db4213e92586fc659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-52578"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 337272
x-upstream-status: 200
x-request-id: 584afeff221b526379942a9a6b59f390
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-33-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 318 KB
318 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-33-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 8860239529a1caf2de1911baad523cb26b87566c5c37e46e53e03c5e49f5c0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-4f678"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0101.lb.rambler.tech
content-length: 325240
x-upstream-status: 200
x-request-id: afa1e28ef88171ae7f11d8f93d3b7831
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-34-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 323 KB
324 KB 75ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-34-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 710593076439ac686a9f691391483251184baa56dcba4302cbee04b0446ecfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-50df8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 331256
x-upstream-status: 200
x-request-id: 19baba6a169554e0fb07388c69c013d8
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 sandbox Show response
profile.ssp.rambler.ru/ Frame A779 129 B
327 B 69ms
69ms Document
text/html 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ssp.rambler.ru/sandbox?img=NuDXEovhQPknK0MZ-BLOZy2vqsOd-uDgicOUGOKnNzHt7IoOcWwvAGQwu1Rzydcuyjoj8kg1Y5KbsVzZ9ApboEjRGmef-QCGrokPoZQNHKDdrIBI2Of6fJ-xdkdM2-JsqhRullVGnzviZEM0yGqFeAXQtLuaxCp6u7pZ4t3iJrBBkJ*fLuo4s6a94VML*YOYAgAAALrcvAoAAAAA&img=GkRg-cs4wheWD2rHR3nD2qyXr4PT3ErTZLToPbWGRAD5SWQSOXHzyDGrhcdB1kvlTNgGHhP1Zst8fyCWrgFH8jbIfd0WxVhSOiG8Bkto169p*7AbC7WgNlqFnKbi8ozNTmkgac9M0480dzGnJkDaZr2lVNspgoDFBA1uLm1adTxmpEofzvHlrtTBl*Dut2hXZOCUFEuhGCoMwIw6V6l58YkORqtIfsvdw8TA4cr4rNAMQrLjmlrINB*iiRROYgZxkrYi-G45OW-ZMrdfx-DQKltAPfWXCtxyFjCmiFqAlGECAAAAuty8CgAAAAA&img=k4VnMH8*-3mWNHvHfntBaJMymDTivz-4Nf0SkWPBOKiXQ1DjoZlDELvcgJkAUH*r1-4aqLNnJLLBHd*UwCTaPH0SEORe6KRncFHaohUO0h7OP-DiCazvu4AFTvSqg9vUUNmTTk4QQwxuEYWEORlL9AIAAAC63LwKAAAAAA&img=hwnkXREE-ODgV8DO0JOOxiPw6CCboI6hPQgm3ikncbJKnaZoVpGORbYtgNHHuTyQN1Tb-rrtK2NctJslGUkk-8zkl9e-Dth-T4fb2aU*qDSqIT3qLvidSqDLO2MZxLUs6I1qk5oECSoQxRylb6w*5gIAAAC63LwKAAAAAA&img=R6*RucH5l5YLkB-Rwo1POMomeuvu34iYBR8CDGBa3SdJNj57jvRm83FOLu8ylaJhgVV1XmBZEHryBbUtG2-9W0X0wN8cQyKzCC7vg-QP0fUCAAAAuty8CgAAAAA&img=Ib6EU1GYHeoT-QTIM4wVxug-4L126*4G47iRyHgJ0v-e09lYqDQrkIEn2gu9K23q5J4wdcv3H9yHRgTC-a9UWnTqsv*lxOaj41t-P9BZB79In6GLbs7WRYbG4surJ-y8AgAAALrcvAoAAAAA&img=52G7Tm24L-5by-haE3UwNeWQL87ERccx9pfzsI1UxKB*TRUFl1e6APqDiHAXKRc3B6MwSHqw1O2DD0wgd0d2CwcXXNwanVKYFjDqEbMMKDt*e-1w9fc8zkV4CJI7KShvt639yw3QUNxkEHTsJ-4e3Zr475ZLZiQFyX8nPMHMTwECAAAAuty8CgAAAAA&img=8viimFUA*yD7vO8CQJatCnd6H29rvf*IftVu1E0Cuh8-szLJi4Oe4ah4A0PDtcJWdzIR4hT*lVo5ehNiGhy-MCqmBcNAe8dpG7PLFSOwsafu1izPmWj0gff-GSlcdDKP0wSYY-r5WTTpNCImt1YYIdiWbHPYYV4nUH47w9TrOIyp08lFfRvDJULsyysGep9DMviWS2ND2hyf-*svWxA-egKhBmysEs6SvcJxXUArIdoCAAAAuty8CgAAAAA&img=1FsHIL0nm*FkT*hmMBZHDdV8tPiUEfV0tHHnkLxKjhrgeBzNDNRilLOiRtW*hd6MMgU*hQ9mycM-hctOAOsRKX7EjtjN11tQh55QqPQJuWeVjQm*yhlQ4XQQvAFuPLtw6ba5*3u2fJVmqMoQzcqSxRipF0TlWDOV-iDV96RY4akCAAAAuty8CgAAAAA&img=LqOrq05nNL-QwrVSIXN2xuSa1wEjgAnDMbNVMmuerXQUgCKXUkBstCTIIW9fkwRNS5bqe90GaMeVdwvpRjKKxTcnVik2sVTIRc2MwHQSpocCAAAAuty8CgAAAAA&img=wJY3n0MVCPt0UmmX5ZOvcFe4OwUtRE5ZUbxkETJAcYpMFgOhQ0LwFxwTNfpwVLxzVmlb6x6Bxdu6S8tiDZWEC9EPjykLCZ0rDzb9pWRCeRk0dY7D*zZyqBccHTTWgPSFCRuopxnX*1KNPEWsyr*xz3Z7UfGa6HLyTTDK21LAMTQCAAAAuty8CgAAAAA&img=h-7-HRicj2*cQwK8BH-V2akhz19sFLJAbS23190gSk0fyfe9MaG5mtvi6cVvvLy0G9NL9DR9davZqslWZDmQyPctU6gi*gsdBZMqty9tjcZlUdV2P-V31zuRsvVSsbJfGp2Zd97c*jRrRUUjrG52ogIAAAC63LwKAAAAAA&img=soW2p*g8x3w9hGHRwFmNBIbRx5ctENG*30xzNUNhrGijcrlRnXy*d2tI1KysTrCbqabmoVz2dfMK9ntLzAPDAk69CJildpQUiKoAK3gGstm0VnNwbMQdCmLXStL6*qR4WdxRBjiawFmi6HRPU20K3U*A6AuHEooHSh8lP-26ntOnZd3HsloBLSgPhmxWv0FWFplEXRp7rVp-L*HYtzPj8AIAAAC63LwKAAAAAA&img=z0-DiC0zMD52JP3k1K4KgYbVuR50dvkwM657K7-DiWoam3yUgLVdJBRC3yTkkYe2ICADF*Rt2ymZNeILPUMuydi0bF35xg5pTbDHHUbpZ9M8NmgY4vy4-Xpz3GdGPysE1aLOIm7bhb97Rxy35x7fVQ*UBqtilIGStqTk1XPhQFMCAAAAuty8CgAAAAA&img=DOwlbAfWgyk--yvW6D2sgsroA2Qlx70ncUmGaiUPoJ--rmWCFopPfprnZkp1qKUKSUigUAa3YKAPU1gegmkTVllM6g0ESQTc3Lnyg78aeZBQmYRhl533T9r6fIi2VDjD8rIdqeBqKgQMPZ56lmZERwIAAAC63LwKAAAAAA

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

2acd33ad74c4bf968c43200f3085901505a1d635c8a5ad53b450e0e24d00b758

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://profile.ssp.rambler.ru/sandbox?img=W73iozI7uy8a4dEFlQ0UVLlgdqFSHC*YviWGfztjxxN5jlJAoLm4*z1cio7owEewUEmUDZzLOVApSi-yy2dl1yxpRkbtgF4K36B8owGVx-MCAAAAuty8CgAAAAA&img=-U6TQK6bvwqUmiFdQ2GNwKs3LEW2LCqUIychC747U2FQUaJ3V21kxcMLbzMTEUPDReRSwbnvTEfR1VlNz0oyp2ahjYwP8ZPD4CWIzGo*woy60SV-j9z3l*YTNW60-i9kTrEwCAnh3v7gMNIeULtiRwIAAAC63LwKAAAAAA&img=CaHcYUUXenukhfStA68O9UEITBcx6cuvtzuxBNlgB3xsZtsFr8PiOxXDINtdEij3EhppUpl6yessULac9ayi33dZpI85JQeF9X0iqifWIC8RR-7upMDX0oU4hM5Xfb0iYb4GTxrSFkb0*m-ITuXhW-3iN*8DCLHbu*jztc0IuL25bfl-rWoiwP4HGZBNW5xit9g2UnviNzyHsMpDllC8yMeOUmTVqWrz9qoSZIeWIgEBTHiSSU6*-plMaBsvUE*GMa-8g7G2g6jO70SCQUgiG8MZvaDv3o7fgsGHbhPzKQcCAAAAuty8CgAAAAA&img=duIZJUjsUI1dxNfQx8RVJ3wJxUCFY9oyVev2gkZdBsrndDm1PNSYourBP63BYz8l1Zdxo65xEO5IOxFfLr3IQTNlUYdWfw5eCHEhdbYHxMd*Q15Mb6-AuuhGI4ScCH8QcPNhUKKFxlkaDTyjPgddQfvVBU2SvRxwRdB8hu5w8SsCAAAAuty8CgAAAAA&img=VfYw9oO9lUy9Wp6QBqnNnJgs0296z94BsGRywFEkDfUJP-fVS7zWJiL2fP15jHib73SHxBKaihY7*LHszuYifa3QXsu-KCMy57vCQ9M7E3sTQpVLb5U48j*QtpyafjFqxlN8PzBAI0xyXRO8aoom*YcCP7oDzfbJyi4wc5NiKRUCAAAAuty8CgAAAAA&img=DJRZsI8kLAI*6D-tz1WIPY-nVa-Q-mMb9i3*K1*2waktSe143tyrtLu48VC*hm9fXGldInv2kptoivFuvS8K-i5qjda58qIPNBCs096jfmsCAAAAuty8CgAAAAA&img=YpCDrWlMppDgmdgYjRYAKYI1oRZZO6rd*GZVHaxJOB4RmDlxUuiW2iXZwDOBlEQ7f8WJI4qf9TQCRhbuKFU*W6uIlDnFjPy*epqpGVTR8ld4MWmcwRNsQSE540ntrighibPjdgfGlJ6qU7rbQdJ568WfAtpdjOvotJfshn*c9XuFgskZUdy8lmdgsqKj7CcGRmoqtJJ-L0Mq8X50VCvSOyDZenvgEoLAdtGTD-jxSyUCAAAAuty8CgAAAAA&img=zyeTTDI-dptlFVtb8feGRWb28Ap56LRIUn700sd6ffY5woZf13RLzxtf350PmeMhgdKSPNriAnZCCX5y*jmor9JDtP0e6sEv4jDi1ehu790HpbJZNqtGipgP1AoLzmBw2ZhzUKpT9VnJYOVTJHMbgwIAAAC63LwKAAAAAA&img=WEsfaYtGKFQpNeKfDSlTS81e5EmMTv6rAkI7mj26HsOFyladQkVcBOMDgKcT4fo444qlqp3SFeqrdTpupJYCxen6DRDvt0SbeNYnIFTTHGI3a70h*D8mF0NXKpg5WYBBPlj3c79DafzP-DP9scoNMO55ZpYG5E1d-xfT9lYaXetdYv8JSDINmtqzoWIIG7vmHZMipusLbW2Ib7tnYUM37gIAAAC63LwKAAAAAA&img=Uyv8TdK-w3JMmVQP8gA-K8mXEKT1s2i9zXEfafn22Si3CyHp7B8l*xKQ-asvgiaBYuD7TNIvZL5Nv6Um6C4wGuaJNZsCUQEGLVZjWUy7qRDVUlpuAgpqWCprNcxfRabuW0pxPodq2XrigJtVeaKTvwCiaT7z8wyNlaRIiDO2DA1e3yvzKCLA8NXAVFJfQIGTAgAAALrcvAoAAAAA&script=*ollo05vechen7acUtDJLr1x1446gtTkuYN7Z3s8w8Y2MO7AFY*eukhfYJ2B4fQYRr-D2eIejEyFVtqEzQFgXTVWp7qW3vY3H2FmoYWOPBKkJdhclvHU5gTnYsVNdx2Y-Un6TIJEFGfqteDsmXXbzgIAAAC63LwKAAAAAA&img=8IQRGoytCHaY0u1dErCtk05kr8VYj1JuufhuEyH4CfO24LprbDlywJcPB1B7uT5jEUgm7lPZT2A5J4mC73DpHE7vz7lFdA7jLU6c4AycMMEiMMIFgcHJBxM4MbBRFB25AgAAALrcvAoAAAAA&img=DkbhzcZ6LCgInQctInGHfb-CW*TnQNQuFCWw-Bfa-UqxaikFBGXjli1Yg1m2Zeoa6Arj6DRRuUt-ohvFpZkcivjsr2KFnEpRnOK26OK5TQ5PiicIkBd4uIUX86fvNyX2VZp4xhMIwi3znSFaw5x0Ig9kh9RKMFM*Itk8RfAW6CYCAAAAuty8CgAAAAA&img=MVlsTOA2G0wW0GHTDArIwaLQKrHiINmpfVJmPekCUiLy0kLd855OCi-YVI4MhJYNSI5DcKqRzvKQ1JiK6-ziXek1FqL2-tUPPVhE6xzH*lP5wFZ8Evwnv3XtacDVbZqgvu-XhXrD7ppJnsdbMq04BgIAAAC63LwKAAAAAA&img=A3muT*kOOmK*CHUcZ64CDGbKKJwtBD7-k8D7sSGlE5ejOv-dxrdRpJI6qurBKdjg9lhv9EM8lLDGluDxKLittraHaQ5T9AOjJqy26YSzwKkaePohV0eucASL*wp9OirGmS*EoCIb44Kih-n8Ww0BhAIAAAC63LwKAAAAAA&img=B93LlTMk0ZzN8GCWds4BebsbQfXUAvdB1ElWq-zoKXxq-fTpsEYuZfwIc7yawsuxHLXTKGZW3vXx8e-WaPDr298a7quU2E*TrZWCKAYpvmgBc*F0ledmEl02RMB7NXuSeUtGqEZSWxDIEf8XJ6ETb7unFCHzLYnas4nRQfjv5zcCAAAAuty8CgAAAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 21 Dec 2023 01:56:47 GMT
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
server: nginx
strict-transport-security: max-age=0
x-passed: 2bal1

GET
H2 200 seg-35-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 341 KB
342 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-35-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 9086d7ed6604e2a076491eb0bdfc1397a21816d3e6a2a2e102478bf44909a21d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-55478"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 349304
x-upstream-status: 200
x-request-id: dbc00db44fd634a7ab30e0352fd9230b
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-36-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 373 KB
374 KB 75ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-36-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 8d40d074f2f0682d63ca856aa711eeb662dfe499a4e923f984e1e469231777a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5d5b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0101.lb.rambler.tech
content-length: 382392
x-upstream-status: 200
x-request-id: 76afb19b17b0288550db9638e1683c2c
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-37-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 344 KB
345 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-37-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 2ceda359670df4636f764a877b3e7939e0d06f2acfcb62197d63a332ae4596c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-56038"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 352312
x-upstream-status: 200
x-request-id: d7796481ff57d6efdc298dd95cf37918
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-38-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 344 KB
345 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-38-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 47097940cc05e9046f8779952a794b0e5f0f3a6fbe8f290b1e0278e5271398d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-56038"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 352312
x-upstream-status: 200
x-request-id: 9005e816f850c9cc75194c075494bcf4
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-39-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 329 KB
330 KB 75ms
75ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-39-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: cabd261756463d8f8339164eeb8661bee7528dde761e113562fe7a0d5fa278bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-52578"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 337272
x-upstream-status: 200
x-request-id: 9e70df4b01baaa3e3ab6db47538549ba
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-40-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 332 KB
333 KB 75ms
75ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-40-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: bc91825f175885b60361e8fa1a2e25df7b84db0918bd329493be2dda88236b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-53138"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 340280
x-upstream-status: 200
x-request-id: ee73d5fb925044f55254e418b02e078e
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-41-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 309 KB
309 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-41-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 5188018fc27cc3441f9b9730887bd4cf3730d30b373849f1253c6e25f6b95f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-4d338"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 316216
x-upstream-status: 200
x-request-id: bc1657f754e0e5bc6f7aa793087c4c01
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-42-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 353 KB
354 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-42-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 1a34438b28e709609760fcd8ed4d12995b579f4b9e4104f3a1a46a250f04ee33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:47 GMT
x-r-cache: MISS
server: nginx
etag: "-1-58378"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 361336
x-upstream-status: 200
x-request-id: b2f3a6fcabede2a0cc413ebfbbf8df7f
expires: Thu, 21 Dec 2023 13:56:47 GMT

GET
H2 200 seg-43-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 344 KB
345 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-43-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 70768939d65a5e2a35fe81a301fa85cf8d9807019e9eb185d007f8f12380a857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-56038"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0101.lb.rambler.tech
content-length: 352312
x-upstream-status: 200
x-request-id: baa63aa8215a6d43faed4bb660f6660b
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-44-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 350 KB
351 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-44-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 4e7d6102e00395e77fb5f7c8151063a79cb105d244ad6c733bdd25153fc2fbbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-577b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 358328
x-upstream-status: 200
x-request-id: fc30c2c9c86a8c47590477693cec13d0
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-45-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 315 KB
315 KB 75ms
75ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-45-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: b840423f1a5d16f73f93daa6bf34765cd601bb306f26d6582beef6b6900122b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-4eab8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 322232
x-upstream-status: 200
x-request-id: 6fc5cb400d0b4045a510e7dc4f913e9c
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-46-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 379 KB
380 KB 75ms
75ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-46-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 96f485845329b15497bc78ca7adc4ab8c289ed0bca78523ee4359a108a648e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5ed38"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 388408
x-upstream-status: 200
x-request-id: f3ee1b023387c2b901601923eb41493e
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-47-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 332 KB
333 KB 77ms
77ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-47-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: f278e2a85ab645b5328771e6b721baf524d005e4cb0d356440d4c83462b89c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-53138"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0101.lb.rambler.tech
content-length: 340280
x-upstream-status: 200
x-request-id: da9db9fd444ba9ae937abb6df644b2fe
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-48-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 306 KB
306 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-48-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 57a092f379d6a148f9972e5c180e74f3ef1e6fa4a751dc764eafe9dabcba7916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-4c778"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0101.lb.rambler.tech
content-length: 313208
x-upstream-status: 200
x-request-id: f2909a56206addf8243b302d7a7b9430
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-49-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 368 KB
368 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-49-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: f6637e72807cb089cb67144d6eeeb7746ddf783183aafcd02c2cd80d7d198507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5be38"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 376376
x-upstream-status: 200
x-request-id: bc903b4f900da0f450c6f95ab7468b8f
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-50-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 338 KB
339 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-50-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 83a7c0c275bf7f953ee1fb578380e61061eb333112f31468b5c63c9919d96920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-548b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 346296
x-upstream-status: 200
x-request-id: 603334c9cee287e9b38630c909169ffa
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-51-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 338 KB
339 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-51-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 717f3679b5fe59c40febf29738a7edc07255c51eb863a20bb280d54a1680e3dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-548b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 346296
x-upstream-status: 200
x-request-id: 3599e10e5b1479bd4a213493826df3bf
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-52-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 262 KB
262 KB 78ms
77ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-52-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: cb43db7895614e568f9d958804255d86f25dc735b0ba4cd9f431d1ba3484efe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-41738"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0103.lb.rambler.tech
content-length: 268088
x-upstream-status: 200
x-request-id: ee631053d3e13763926467d8970b8795
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-53-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 385 KB
386 KB 76ms
76ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-53-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 491f8059fab9f314b350c02bfd6bf3abc7d40441aa9d2139e02dfce4ac42ef3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:48 GMT
x-r-cache: MISS
server: nginx
etag: "-1-604b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 394424
x-upstream-status: 200
x-request-id: 422fa19000873ba0139eb5b50ca4bb12
expires: Thu, 21 Dec 2023 13:56:48 GMT

GET
H2 200 seg-54-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 326 KB
327 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-54-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: 32d5ae810747b4bf40e72e6c517a0edc2ccf9fdec2a3a5a2e22a2f6fde6f103d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:49 GMT
x-r-cache: MISS
server: nginx
etag: "-1-519b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0100.lb.rambler.tech
content-length: 334264
x-upstream-status: 200
x-request-id: 6d8348e773104723a3405575f56380ef
expires: Thu, 21 Dec 2023 13:56:49 GMT

GET
H2 200 seg-55-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 362 KB
362 KB 74ms
73ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-55-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: ed4af5749eeb5ef0e1a47b117331ccbf11dc1fd581b36d2c9d63da852a695533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:49 GMT
x-r-cache: MISS
server: nginx
etag: "-1-5a6b8"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 370360
x-upstream-status: 200
x-request-id: e7198749acd9eb2fcd18a318a0fbeb21
expires: Thu, 21 Dec 2023 13:56:49 GMT

GET
H2 200 seg-56-v1-a1.ts Show response
hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/ Frame 7CCB 309 KB
309 KB 74ms
74ms XHR
video/mp2t 81.19.87.41
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsvod.rambler.eaglecdn.com/lj/20230911/Fnw4EC6H7QcUq.mp4/seg-56-v1-a1.ts
Requested by: Host: vp.rambler.ru
URL: https://vp.rambler.ru/player/1.125.0/player.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.87.41 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: download.rambler.eaglecdn.com
Software: nginx /
Resource Hash: d1f0c617a9cb9b8a8d461fa8593896d791f86ff72092a8f72e754d1ed4131648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:56:49 GMT
x-r-cache: MISS
server: nginx
etag: "-1-4d338"
content-type: video/MP2T
access-control-allow-origin: *
x-upstream: 10.128.17.43:80
cache-control: max-age=43200
accept-ranges: bytes
x-balancer: 1node0102.lb.rambler.tech
content-length: 316216
x-upstream-status: 200
x-request-id: ab0270c41b2528e37fc00fc206052d13
expires: Thu, 21 Dec 2023 13:56:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=5B9606213CE1C709A7978035725C50C9

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.livejournal.com/	1970-01-20 17:15:28	Name: splittest Value: none
.livejournal.com/	1970-01-21 02:41:23	Name: luid Value: URNKAWWDm1gLTDxx6qI7AgB=
.livejournal.com/	1970-01-21 02:41:23	Name: ljuniq Value: BLl3g8ZTu4J8v8U:1703123801:pgstats0
.livejournal.com/	1970-01-21 02:41:23	Name: ljprof Value: f127c914d222fe5f165839b4e9aab4cc19c252e40a7ac5443
.vk.com/	1970-01-21 01:45:57	Name: remixlang Value: 6
.vk.com/	1970-01-21 01:50:59	Name: remixstlid Value: 9095742807517093092_8cITXiWSCvNi7vF8zG3MPvprGmeptEoNma73GBophpX
.livejournal.com/	1970-01-20 17:06:50	Name: _gid Value: GA1.2.1169374619.1703123802
.tns-counter.ru/	1970-01-21 01:50:59	Name: guid Value: 97EB7A2065839B59X1703123801
.livejournal.com/	1970-01-20 17:05:23	Name: _gat Value: 1
.livejournal.com/	1970-01-20 17:05:23	Name: _gat_gtag_UA_113076623_1 Value: 1
.livejournal.com/	1970-01-21 02:41:23	Name: _ga_1V2YHKGDNK Value: GS1.1.1703123801.1.0.1703123801.0.0.0
.livejournal.com/	1970-01-21 01:04:55	Name: tmr_lvid Value: f3726b1118acb491d3ca86bc2148f089
.livejournal.com/	1970-01-21 01:04:55	Name: tmr_lvidTS Value: 1703123801850
.livejournal.com/	1970-01-21 01:50:59	Name: adtech_uid Value: 59e38c1b-a82a-4c76-a1e6-6d39663c1751%3Alivejournal.com
.livejournal.com/	1970-01-21 01:50:59	Name: top100_id Value: t1.1111412.1015191254.1703123801887
.livejournal.com/	1970-01-21 02:41:23	Name: _ga Value: GA1.1.534914086.1703123802
.livejournal.com/	1970-01-21 02:41:23	Name: _ga_25HRJD8PTK Value: GS1.2.1703123801.1.0.1703123801.0.0.0
.yandex.ru/	1970-01-21 02:41:23	Name: i Value: h0MVMEuAe/KSZa1Cy24XZbjIQb7HZV4GRJeItzdjdqpbFwEOdN9F6FjEPFzykLcWvcOnw3Mwv5v+NGhpewFlFAjRm4U=
.yandex.ru/	1970-01-21 02:41:23	Name: yandexuid Value: 1363203471703123801
.livejournal.com/	1970-01-21 02:41:23	Name: _ga_L6DJ5ZXH43 Value: GS1.1.1703123801.1.0.1703123802.0.0.0
.livejournal.com/	1970-01-21 01:50:59	Name: _ym_uid Value: 1703123802457634768
.livejournal.com/	1970-01-21 01:50:59	Name: _ym_d Value: 1703123802
.mc.yandex.com/	1970-01-20 17:05:24	Name: sync_cookie_csrf Value: 2992346423fake
.mc.yandex.ru/	1970-01-20 17:05:24	Name: sync_cookie_csrf Value: 1432685205fake
.livejournal.com/	1970-01-20 17:06:35	Name: _ym_isad Value: 2
.rambler.ru/	1970-01-21 02:41:23	Name: ruid Value: 1CIAAFqbg2WkCsSdAXzzLQB=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ihNNJbWNnh8
.youtube.com/	1970-01-20 21:24:35	Name: VISITOR_INFO1_LIVE Value: LbUIb3S61Ws
.yandex.com/	1970-01-21 01:50:59	Name: yandexuid Value: 1363203471703123801
.yandex.com/	1970-01-21 01:50:59	Name: yuidss Value: 1363203471703123801
.yandex.com/	1970-01-21 02:41:23	Name: i Value: h0MVMEuAe/KSZa1Cy24XZbjIQb7HZV4GRJeItzdjdqpbFwEOdN9F6FjEPFzykLcWvcOnw3Mwv5v+NGhpewFlFAjRm4U=
.yandex.com/	1970-01-21 02:41:23	Name: yp Value: 1703210202.yu.91538191703123802
.mc.yandex.com/	1970-01-20 17:06:50	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 42270451703123802
.yandex.com/	1970-01-21 01:50:59	Name: ymex Value: 1705715802.oyu.91538191703123802#1734659802.yrts.1703123802
.yandex.com/	1970-01-21 01:50:59	Name: bh Value: KgI/MA==
.yandex.ru/	1970-01-21 01:50:59	Name: yashr Value: 3060973871703123802
.livejournal.com/	1970-01-21 01:50:59	Name: vpuid Value: 1703123803.383-1033365366
.livejournal.com/	1970-01-21 02:41:23	Name: last_visit Value: 1703120203525%3A%3A1703123803525
.rambler.ru/	1970-01-21 01:50:59	Name: _ym_uid Value: 1703123804689242517
.rambler.ru/	1970-01-21 01:50:59	Name: _ym_d Value: 1703123804
.rambler.ru/	1970-01-20 17:06:35	Name: _ym_isad Value: 2
.livejournal.com/	1970-01-21 01:50:59	Name: FCNEC Value: %5B%5B%22AKsRol-SghiFgm6yyTJcaq9WItLg-iiQR-okC1_GPc9z310eNPJgnWvQDy8xaeo6YaBZJ8-pHh9xNE5VJoNw-_lq_nqUTOSNvp5ZsP7tQ8teCnj8nR_Brdr9ssGBDHmwKlk1Fqxd6UgYdXsK77haB0K52chWi1a4ww%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22463%22%5D%5D%5D
antifreeze.livejournal.com/	1970-01-20 17:06:50	Name: tmr_detect Value: 0%7C1703123804418
.rambler.ru/	1970-01-20 17:48:35	Name: sts Value: 0.1703123804.1.1703123804.2.1703123804.3.1703123804.4.1703123804
.yandex.ru/	1970-01-21 02:41:23	Name: yuidss Value: 1363203471703123801
.weborama.fr/	1970-01-21 02:31:19	Name: AFFICHE_W Value: HaPdPMJqUp0d17
.bumlam.com/	1970-01-21 02:41:23	Name: suuid3 Value: IiQzMTliNzkxYy05ZmE0LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.upravel.com/	1970-01-20 17:05:23	Name: session_tptc Value: 1703123805076
.upravel.com/	1970-01-21 02:41:23	Name: user_id Value: abd63a56-b3d5-4057-a244-d394ce1e592e
.betweendigital.com/	1970-01-21 01:50:59	Name: dc Value: mow1
.betweendigital.com/	1970-01-21 01:50:59	Name: tuuid Value: 6747683c-a6af-5163-b427-2c34d1a4b769
.betweendigital.com/	1970-01-21 01:50:59	Name: ss Value: 1
.betweendigital.com/	1970-01-21 01:50:59	Name: ut Value: ZYObXQAC_aDB27dCJpmhbpTvtccCm93sP6al_w==
.mail.ru/	1970-01-21 01:52:26	Name: VID Value: 2zQaMG0bGjIM0000182GbC2M:::0-0-0-a9df419-0:CAASEG6W8IGk_NDYHY7gXsVIPDgaYMwwjmNkVCGseCm4YT9cmpbOq-ZU-4eiErP9EISTkTQgxXVJBAx3ayU9aGVBU_Wz919Cfm4PEkFc7gOyxNF42pSurJAq18EE3-VvIt7dja9r6zVZh1hjdcq8W9av7iynqg
.sberbank.ru/	1970-01-21 01:50:59	Name: _sv Value: SA1.75eddeb4-225f-49b7-8cbe-f76f0da91f59.1703123712
.dmg.digitaltarget.ru/	1970-01-21 02:41:23	Name: viuserid Value: UF1tDmRFgCKiifk7H-2h
.wi-fi.ru/	1970-01-21 01:50:59	Name: dmpuid Value: j9iMDs3ORzCeCQhKdskdmQ
.doubleclick.net/	1970-01-20 17:05:24	Name: test_cookie Value: CheckForPermission
.bidvol.com/	1970-01-21 02:41:23	Name: bvuid Value: 5f51u81n1v
.adhigh.net/	1970-01-21 01:50:59	Name: gi_u Value: u7OdHk4efL1D.AikABlGMihblJQ
.aidata.io/	1970-01-21 02:41:23	Name: __upin Value: CzFx3ohMtsx31ZmWnbOjfg
.aidata.io/	1970-01-21 02:41:23	Name: __upints Value: 1703123805
.mos.ru/	1970-01-21 02:41:23	Name: mos_id Value: Cg+IA2WDm10loHkWC5PQAgA=
x01.aidata.io/	1970-01-20 17:09:43	Name: livin Value: 1
.antifreeze.livejournal.com/	1970-01-21 01:50:59	Name: t3_sid_1111412 Value: s1.723920327.1703123801888.1703123806890.1.3
.antifreeze.livejournal.com/	1970-01-21 01:50:59	Name: t3_sid_7356279 Value: s1.1063649748.1703123803525.1703123806891.1.6
.antifreeze.livejournal.com/	1970-01-21 01:50:59	Name: t3_sid_7643964 Value: s1.1531928425.1703123803527.1703123806891.1.3

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://antifreeze.livejournal.com/img/c5a15be93e425dcb8a26b06645ad4574_a_2144-40.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://vp.rambler.ru/player/sdk.js Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://l.lj-toys.com/?auth_token=sessionless%3A1703120400%3Aembedcontent%3A8864793%26767%26%26%26youtube%26Q9Fo2byNdGE%3A533d57c32e5e4e389cfd85f96360e53707c76a39&source=youtube&vid=Q9Fo2byNdGE&moduleid=767&preview=&journalid=8864793&noads=(Line 68) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
an.yandex.ru
antifreeze.livejournal.com
api.vp.rambler.ru
avatars.mds.yandex.net
counter.yadro.ru
dmg.digitaltarget.ru
favicon.yandex.net
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hlsvod.rambler.eaglecdn.com
i.ibb.co
i.ytimg.com
ic.pics.livejournal.com
imasdk.googleapis.com
img02.ssp.rambler.ru
jnn-pa.googleapis.com
kraken.rambler.ru
l-api.livejournal.com
l-files.livejournal.net
l-stat.livejournal.net
l-userpic.livejournal.com
l.lj-toys.com
lbs-ru1.ads.betweendigital.com
log.strm.yandex.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
profile.ssp.rambler.ru
px.adhigh.net
rcmjs.rambler.ru
redirect.frontend.weborama.fr
region1.google-analytics.com
sandbox.ssp.rambler.ru
sb.scorecardresearch.com
sentry-saas.rambler-co.ru
ssp.adriver.ru
ssp.bidvol.com
ssp.rambler.ru
st.top100.ru
static-mon.yandex.net
static.doubleclick.net
static.eaglecdn.com
stats.g.doubleclick.net
stats.mos.ru
sync.1dmp.io
sync.bumlam.com
sync.rambler.ru
sync.upravel.com
tms.dmp.wi-fi.ru
top-fwz1.mail.ru
vc.videos.livejournal.com
visor.sberbank.ru
vk.com
vp.rambler.ru
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.livejournal.com
www.tns-counter.ru
www.youtube.com
x.bidswitch.net
x01.aidata.io
xc3.services.livejournal.com
yandex.ru
yastatic.net
yt3.ggpht.com
sync.1dmp.io
142.250.184.198
162.19.58.156
185.15.175.131
193.232.148.134
2001:4860:4802:34::36
2001:6d0:4001::226
212.11.151.56
23.111.200.118
2a00:1450:4001:800::2002
2a00:1450:4001:801::2006
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::28d
2a02:6b8::36
2a02:6b8::402
2a02:6b8::90
2a02:6b8:a::a
2a13:1ec0::1037
3.124.69.248
31.172.81.160
35.190.24.218
65.109.65.188
65.9.95.111
81.19.73.31
81.19.74.0
81.19.74.1
81.19.82.56
81.19.87.28
81.19.87.29
81.19.87.41
81.19.87.48
81.19.89.18
81.222.128.213
84.252.144.107
87.240.137.164
88.198.16.238
88.212.201.204
89.108.120.68
91.192.148.14
91.192.148.30
91.192.149.12
91.192.149.52
91.220.120.9
95.163.52.67
02a00f433f65d24289c6e7dd7b70bea2a4cc3f67e131fde03c897a4032cd8ba7
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04c6787165bc9b6eea4fdd9dbb14ce5665de34683975724e2307015709649318
08d4cb950cc8303cbdfa5c25d17902c40c80f50422c1167ed805ea178be440c2
09416e85998ce2c89943da3aa3563633045a0135d33f8124818dda75075bfd73
0d5171d060bad88b97a426e8bf980d143d9158be2fe5978c4857d199c19f29db
0d7cee86d143f6ed4357a38a339b7f034a406a7e20d3ac49af1b06f25f87781b
10242f3b5a51bb1d438493c30e2c7b99657351e7a792e2214d5cacf4ec37ab3b
12034f03013910b24ea5e6b792b7acab81f5fd4326bca60b9842429300c23525
13ef64cf22c03f048ddc99c226aca0fb661342a509cd20ec427b4ea64feb7526
14f0824aacf181d8c2256e56b2f02e869c2263610eee88275dc988179ddd1bcb
158b03902c4ce47d7c1380a8765215bc4551711cfea797c9842752ec7a0f5263
166c8bf32625cc164e4a3e0dca06700f7061d37e9e1932865eb2082ee32f4aaf
18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2
1a34438b28e709609760fcd8ed4d12995b579f4b9e4104f3a1a46a250f04ee33
1a8b126e5c3aeb9114ce0402d2f09794d6efd5d818458d8304e48c162d649610
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b0a547f7196ad80a878408319f3c0ab2a2fe95bad39dac4c7d1578bb6851b03
1bfaddb95c4b34064e7e7a435f9a7e49682349869f7f66b73ff6c643f7a39fc0
1c153960c8700866d1deb0201078fed83806efeecbcf31b92d3878958600b241
1c8789b4e70340223b9f2e96e43d53479002ae394b5e49a43106fae926521b48
1d59c60f3badbe620acd95a3be2e1c2d62c557a0e38d1cc4752ecfd494019462
1e1e80ad9f74989f6d5e2ecdd5494e91a77e9d55b72f6af37cb4c402c735ff9c
1efced8fca1c49c2334f0a92917d99f59ec6de81180943417bca5ba8fc6e163e
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20573f81eb385e09fa914fcf18f91093fd242f20215d923e1be04b27db9a4ca6
21b13af13449b3e70c78033dc39f50a11b266b31545d711530255c068331d5e8
22e5e72d347b23a6dcbe89257b12c631f62523da44b9ea0af2085b8ceb2e044e
23b8eff28ea03e5718046946e1250518858a7ece4a28ba989fe1e2b1e0fc852c
2424fab189cc30846148fd0880f30f7eefca10a595d55f49773c9b51fa722542
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25ee40716dfc039234a0a0107b39712fba15b80c4a5704d26b17b1a108208694
2623f8ead1021eef68257ebfd1e5e2a54083683cb0eed2cddc5c9bee1fa9fb2d
276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d
282ab6cb1232fab1c6cd65b944358c04b07d62bea233c5aa67952db7cbd4ab5b
2a0ee4bbbc60aa4f390bb844c6e543f38133ec52a8d503c517e2c57f62507895
2acd33ad74c4bf968c43200f3085901505a1d635c8a5ad53b450e0e24d00b758
2ceda359670df4636f764a877b3e7939e0d06f2acfcb62197d63a332ae4596c1
2cf6d44b98e56cb40602260452da43148ee15960d907c69610a21b32ee25a0a1
2cfbb4e9cef1e4b6d08df192f5dc277bb2c8103c3327a66020139c63c381b59c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e16624a29cf6ca0d4ebf6fba61b904ddf4da1980d9623eb9ade8e1f18c94ca9
2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30bb9e5f42bad415ab9949896a47370c98d2af34f76bb78b4fe561fd9b0e422e
326d069f1cb7602aaa5e796b8bc79db8acbca3683e85a8c6812f2b4bee81f3da
32d5ae810747b4bf40e72e6c517a0edc2ccf9fdec2a3a5a2e22a2f6fde6f103d
33c9ecba9020efa70cced60f8894b927e3e9aed11bb7ef8db4213e92586fc659
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3485f2589fdff8acc46c74ca71c64e24b8ef6804f4d24d9412266aa309ae94e6
3507f701473053dc51abaeaeb2bfd84650fb206a9bc7bcfb9945fec7c26075b4
35d812090ac340a8bbd515ff32a7e2149c568239cc49dda26574b586a503725c
370d1cb851652caca3716e9747049e947d2eaefd263f7ae3fe5d75cd1213db16
3715234ab5089eb44008fe9f4a8fbbef4cb7f4bba34c9479aa90858519981e74
384f81d2d0d027cdc119bc70f2ef646e3d04eadefa60a2a8d92e79d09c58541f
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
3a793ba3b6c7e17ead801000cddf5f00786dc4e1a73f61266bc41b55681b1d52
3af28db12b8826b24c46e089fd1c409ddd9a53eb6df7fe0daa0c10e1465f91fb
3df011a5a8c4f4fe92a77c64d7c3290f38e28379834f21106f875bf245a07fa5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ef95393581ee21565ead2f4db5d935944d6b3292dc01bd2c9d05a7effdadfd6
3f9d572539e13042d60e4901942615e88505b251dbeb0f90b4990f9343be5210
425aeda39236f95c85bd65ee3e66337d8edad0080545a0861f7c00a65cd7d015
42a54925a8b91072ebd5f9749c9a07f2ca5cb23725cddfca1d5906e3552123e2
43293ef38ee86d376e1c869a21a62eda81dd929c5ae78a1ee220ffe57885f48c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444763ba14aa0becb1dc5a4cc23f75128aa3daac95cf71d63b21d16b0e79df59
459f57f8684b82b40fa355c994b814070aca457eca4c0f57de23b3e4ae561d3e
47097940cc05e9046f8779952a794b0e5f0f3a6fbe8f290b1e0278e5271398d2
4770dd26bd6c9496f673a28394ec11fcef15795c679f1e74b2807d68a4cedb70
489b36c66d89d768b386541c192b3e8e00f5f562236f2e89834fe8269a6e2797
491f8059fab9f314b350c02bfd6bf3abc7d40441aa9d2139e02dfce4ac42ef3c
49e4a3219317eb4dd77a3e6ed75c92cc06ce5c19b0212d78e8f025a14600377b
4b50c6ce7ee5d00cef881412b3ac370d85274b5ec5c57b6f417f509f83844d83
4cff9e46811d860fc420585ec85721b4c1147cc7fba2bd68ea469f59637ed408
4e511821eda64fbc8001fe0999fb98074c0e45921dc4bf52458ac636a6af2a7a
4e7d6102e00395e77fb5f7c8151063a79cb105d244ad6c733bdd25153fc2fbbc
51162743cd61ea3a29f49ccf624d9ac18ea2bd366f35131171c79388341c2c70
5188018fc27cc3441f9b9730887bd4cf3730d30b373849f1253c6e25f6b95f8d
52b26dc3cd036f1aa241848fb4d7bad85358b5a1ca728a8df11505ebda833159
535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea
53a562787502cb48cbd1be12f85f01ed3bc8206d134bae4eda9ec9be1007c7b9
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
54497c3b880dea921dd273760eb8dd01d5e2f70cca7ac32d80715565942a2f27
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b5869592fdbb9b7b250d43babb2f6228bf3f98bda4063125e1b739d6486f03
571852034274c2ff4179e21b797fbef2f2776944ab08bd2f56065df3fa91593c
571a514661f0a60c5b869e16f6053ff64b30a18d27015f1178cf6a6cc020de62
57a092f379d6a148f9972e5c180e74f3ef1e6fa4a751dc764eafe9dabcba7916
57d45fce5261d436e77c41e3bfc0ecfe76137f0a334662806b2a545e01ee37bb
589d926fb09946afab8bb917b9a402603deac43e2689cc2de049f1acdd5ee771
5a03f6860af4498f80463337d825416c7ab6e7a10a50a779412ccc4369c3fc12
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b01c4ae173b39ae96bd51d92217b45b724ae6a1d3a78de3307348472b5ab46b
5b1396003e2821c437960323ef4c4716ef2df0e2c6c4ed73272458db8304091d
5d2d95dbee1b4b982387e83bc0b11d5bdca11e304e1ee5de2ec33f6ed4dcd470
5d8c5b06839122c71898e33ac3c5deadf53e1dfadede7b969a178a18d812c828
5ef3c9504ce9e7f29853d410f120ad870b62ab48fde2f0cd79cc429e5922f87c
6007c0f13eb31ba75fff4a748fc0ff5cc024ebe868a2b78a5f8155f3b1a27d24
6382c8594d1d999817dd484910b3129537e6dc93fc3075d69e60f5e8a920d6f9
647193078dc68f6a0219b969bce3eb051dad6c018ecf85f18b49c2ea729fcde6
655e80b62e10069c8dd62e43aae829f0047fc7ceffcaece8bfcb24011cda91cd
674c1fea3267f60858bad8b2b00f11b456d3f6bd47113b2e5cc788d65b3f46ea
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68c9261f5b0bbf0439afdba30a498abd2222058eca2c323d758cf341879fbebf
68cd7335b03002d95ef042f3bf48557082950856f1de592a9a59b72db46b3d90
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d45866a3bb44bf80566f663574ad521f8df9fb46746a788c1311298d52ba329
6d6164063eca4f69b65efac46f68007013a0a24dab50ee93a690a1295926348d
6e09dfca4338fcc922e6a0d3c1ba802844b87297215283935baa8ca028739d0a
6e1076e8e806a9a875a89a05ecf6eff909f295eb50c0f84cfcb97c07b10a5b60
7061b16241a2e2594d0b5af066337d4cd10666a12d17973f6976b7a9ba258a20
70768939d65a5e2a35fe81a301fa85cf8d9807019e9eb185d007f8f12380a857
710593076439ac686a9f691391483251184baa56dcba4302cbee04b0446ecfcf
717f3679b5fe59c40febf29738a7edc07255c51eb863a20bb280d54a1680e3dd
7625320ee58f3bef4a51e3b360a5e39ccc37154777b2f32e7af5b238288695ae
76ebe04a9471cc38eae66c23a479564e75f085b3ab3c802cbea890ff32f9d3f0
77356174980c88a9746dd93ec99cc8d2ddf50a9e4a4cfd76bc97e0bd5cb504fa
797d36c5083f2539d2db1a563ebfa9e7a0a81f33fbb5216a64b4ad0bb6b60fd9
7a0fa7bd6181cdeac66437e7d2a1e0c0287c8031f2ee1dec15251c429178fea1
7aeb35717293888406e3e040166249d61c1d4aea34543938f18fdabd11154cf6
7d7e954fb80e4179a35b4b1fb91d7426458f4c247ca9436b1eb0b707999168c4
7dd7ce3f7a4f16c9c5c0b74620797d7a0d891862540ab5b709ab8b8468247ba6
7ed1c710ea71d0870b1a5ea774247d1564f5812172ac579d9741db870118ce01
7f5227e46407757193378bcaf07518e02bd8dc212583257f730708a2e7b08aac
7f8f4d3f777dedf0a74cc1f7fa44a00ad8474ce2ea6d6819b1f613409e538fb1
7fb1b807bede7741e5a3159a5125d6ece967803d08864eb8d95ebdd5b28b017c
803a84a09167c609289069441d4134db2a33a29cc61c3b69707961bb91ad2ccc
819d01206536a27a00c68fe4988356064cbb2104021ee156cb09fa90398908d7
81bbb7a582c039e2af99f571e47035df3365a8ba471f8b4022363748ee8d8f28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a7c0c275bf7f953ee1fb578380e61061eb333112f31468b5c63c9919d96920
83f349a8823b7e3e7e578ff192f94ebdd525b76c8c8c0617e673d556762faec6
85a44e933b6519583d1d4d769648d7f523ea1866cebd533b87f3e4580693d2a5
85f69dbc0aa0241b7dd7684c59f8a912227848ab580c3eab3b7c142e42009f16
87ca3531a2da7ba47ffc67331a5ab361a974151f9352c800bbac84efe86b0220
87cc848024ed1ae502431b6a9d6fb300c698b13499f59261c8e2bf85d31e3a9b
8860239529a1caf2de1911baad523cb26b87566c5c37e46e53e03c5e49f5c0b3
8ac2849597f0f4c4f7e2187da0758e4c2b821e983532d143317de0420c05c652
8d40d074f2f0682d63ca856aa711eeb662dfe499a4e923f984e1e469231777a1
8e178fe89a58bad46636baa1c7effd52807b565072379703ba31a7756b341bb8
8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6f50a212527a1efa874696854384ffbff0a9df6aacb4eb25b5a81eeb40dee1
8f931f043c195a04729e15d2e482e00a28e02a2fd997c36792640a6fa78f89e1
901e774be4c2f0055539e1dd834d7ea20dfdd4b501cca5e4c152970a31c35821
905f0f6528e29c533ea6b1122ecd474aac10dfca473a0c5b491216d6abb84d8e
9086d7ed6604e2a076491eb0bdfc1397a21816d3e6a2a2e102478bf44909a21d
9150050da4db30044477a46c419cdc83dd57fd9e3d8b090911d2d1f8574928a9
91f8f5c1c769187b263544a7d2d87067ca6b7dc9b7c7ff5e8adabed1771d5abe
9419ea5be8b74cfb80f220de82c215c409668260662da6a5cd130299027512c4
96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca
96f485845329b15497bc78ca7adc4ab8c289ed0bca78523ee4359a108a648e8b
99d8ecd4e18393a4437e46aa933e73e10bb2279656714d5fd73f53ce29aba0a8
9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74
a04f63f4989df5dae922fa318ba328cb3ff1f5d446cb2c33f533da0c25767222
a11dff2724f0b51aa5b088f475e89d0dba9de577ffc069f1b283ed23fdc04250
a5180628c01079691f3d21afc8086479b923f6127b860cad410a5c48c6bf4ad5
a6e39d72db63d4c66cfb0960b226efb1ad8d6d7d5914e330713badbc81c65d7d
a7b4b3e5262d4b260ceaaed0761200629b101c53404ffef296ebc00d82ca1c32
a83616230be174f08654a3a4f157967145b172a47b6025537be19dba2c2f1184
ab7c9b16f2d5bab8c846cc9e453e05b55d8eee7cf8647d671e14e7d7e9e955c5
abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
b11001892dcb3e0ebe1f6c98391d4e9df1c7e7ad25b5670258e692351f73e655
b43eee07689e71cec756a74d42329bd47228c11384d7465133d4f64c83a2fe7d
b44b3cddde7bf4b95160d3be804e09e0bcbc5cb50028aae4a39d46feb79eae6e
b840423f1a5d16f73f93daa6bf34765cd601bb306f26d6582beef6b6900122b3
b88490dd2c6162773ee24841e5769529fe5ffc050dd7fc569eefb937c095e2f7
b9a019ce7026011a4bd6adce6243df46d65733b9fb2fb88c6c5ccab551b9e0a0
bac39e173d6023c117eb4e6a8d2d06fe05d7e4b2d035eb3075010ea6519d541a
bc91825f175885b60361e8fa1a2e25df7b84db0918bd329493be2dda88236b8e
beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead
bf46d00f68b9c039d5f7bd123c40ec6abbb50e00be6eb36adcbfddce96675f59
c039b93bb6809c62a3c0b96290c065277098736b1d7fc9716ab8cc2b617b4b00
c12fd08cd9b4cb041d564eb8e32b4c7dde5343775001a06833b33c2df175446f
c209375834da44f19df1087169dbf99c4ad0534653273b26c2b9681e9ddc0477
c2f5f2f1a2ad0637eae613f9dc5a82f59b72d70e2d632f4a27c5701e85450032
c321c1d49a653b7b2d87a712da06fca0f6fe8fb17d7970f9ad5a93ae7dafb458
c8452dbff5118d3b7957ddff6ee8de97dcdeabb47320dc3642285d4cd76a27a8
c8d2e94ee99c6562aac3b808672a547db16a174db8f06c95e3339203ccd2c32a
cabd261756463d8f8339164eeb8661bee7528dde761e113562fe7a0d5fa278bc
cb43db7895614e568f9d958804255d86f25dc735b0ba4cd9f431d1ba3484efe5
cc1a1fb0f86b2271ea00fda9c4f10ce62c361065fcd40f951de8031c8da361e8
cc4f806b4f268920a593fcde5ae019038b7dc308ccb6f491a517d7be9bb5d5d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbdbff420cd30ce99a7a49d8381d4c0a4f7cd606f4c3aa8da822d67fd057bdc
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0c24e68799678aa1839640b059ea43038343313318228b2522c31ce5e8b07e9
d10b5eaf69017bcfd2cb70f36ae93b7ce1b59ef8793851b0f1c5d10a1cad64b6
d1f0c617a9cb9b8a8d461fa8593896d791f86ff72092a8f72e754d1ed4131648
d28d4b93cddc332ded20d1b9a24823332afcfaf7050d55cfbb312c0ae803f6b9
d2ac904bf48a7e3eab72d83762b92c5798df5ee8e6f8600266912cd5cd99d676
d3eb0fa40c106409328a16dad688a5f51a9af7e191a4a333f13bad5042ae44a5
d409330f64bf4e2924b1a9dec92df34d841b3dd026100c81011643fa77563681
d4da749d437be918018d2c675ffc94733a7000ce39af46f39fe398b594b6bac4
d5aa980c0b1afdd801657b157eb4b4e6f5fb079055e7dd345a072e403610092b
d609e06904494ad13a8163146b79690999ee354249c1bf621c0ecf7c11acddfe
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
da75d72084f47803b533d292d7ebb2642665b0f96253957b156ee922ee65919e
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee0154b4136f817ac146bcfa33dc76367154a20ae016a42f4409c8380d1b8b8
df1947033764c139910edc3f17037fc1b4e7f0729d7c4f1fb966e805f3403c2b
e03548e5238f8d96d3a69f21f8d29e5a19bfad5dbb34529980edf5dbd27ae0f8
e083301e3628526066ef9f47b7c030dcefe7d3770b3a5778db0145009beb2dc1
e17481a560308a792b9263e5ae7dfdbc33c1f77d3425999e5436185a750c65a4
e1a3f812f0e882ecd370d53d16f01194e2bf1060d5f4292a479930b363bf4e2e
e347d0bdaeb521112beb0ce804546cac66f3487c3b78b0d69fa71aa120a85f05
e3723ec70d0849f094d6ebbc71fa6355e2b64c265437b3add6e93a5bf77cd7d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b3b50d9a51eff7c3f2dfe47d344c0454e82b42ae4020cbf2a3d921e8523fa6
e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358
e3ff03dadc4fed7f78697a840bd74c5851c37f6c353d3df86f351b981aa6c9ea
e4fb105c58edca9d12ee830f14365d6cd0723109ba37b81a0c98cb0686479d89
e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08
e5adeabd4de820275552e433c4127b434de021739b66c80ef2e1be7b341ce77b
e969316594807453c070eca662afc992bd3e413696bd4e17aef043fa54afe1d2
e9b134fc9427da8de10f18376d5f56918cb225fb48b03f26bbaa3adc930a7865
eac75f5d487227c23755db7619dc7fb253e724b6cffaebb8c1cd41e3a161d2fb
eb04faaca4ff67e87e85d577661aa7344d77cb3568da4ef91f53996c34f491ee
ebaef59c26e222ee15fdbd8a559dff85cd7134eb5345ceea0b59ff2ad77e1e02
ed4af5749eeb5ef0e1a47b117331ccbf11dc1fd581b36d2c9d63da852a695533
edb65cd3f4de5aba36a9f7bf899945ec9bd224c7fd9ab967ad5b3c6d31c23e1f
ee0b849f050f13103a95190598e5af183a779f1e1b514742098192dca3ae3248
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eecd9d7a279ba94cde6b656b8681581f1c646175e21e3054d9976ce80c71cd0e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d7f50ce0aa135c2ea75848e86b3bbd9062f9104f4aceb0287013bf94014f0f
f278e2a85ab645b5328771e6b721baf524d005e4cb0d356440d4c83462b89c4b
f38313d4ab69fc2196d95236f15e799bae5dad65bbd6e1237fd951110ec19f40
f4387f020b926ae7da80d4cbd030b5d0a89196861379185a520c0b91befe249d
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f6637e72807cb089cb67144d6eeeb7746ddf783183aafcd02c2cd80d7d198507
f68c99b6008bfeb2dcb5d62528374bec62c0ffb696f058afb4ec009e254aab56
f74b8bf2f6c9a9252aee254bef6d7b908b145820835ee38c8423f1ab8c59b891
f7b751320696388bb6ca8a2b40840a7a8774df565ccac55a4bf38c409977c538
f8ade158d7787ab081f0bb441099ba27fcce48e907414ce491648658b641adcd
f9779e7df52fcf7cdc5f1c107c0be832e61c7d3fd34c1ef593fbedc0a2474c4e
fd6440013decd7ea173eaa34789464a1505b58bb2b9037bb6574cdff7340b29f
fdd8c1cf2078d3ff31ac39bd72a7b6e4b8cafc2b44c43c1d4f284308326339da
fe735de4cda81179b66134bf4af189db58f1e31d9a1aaa5b69cad9487e9c3355
fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3

antifreeze.livejournal.com Open in urlscan Pro 81.19.74.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

370 Requests

94 %HTTPS

46 %IPv6

41 Domains

70 Subdomains

53 IPs

7 Countries

29719 kBTransfer

51614 kBSize

68 Cookies

102 Outgoing links

Redirected requests

370 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

antifreeze.livejournal.com Open in urlscan Pro
81.19.74.1 Public Scan

Screenshot
Live screenshot

Full Image

370
Requests

94 %
HTTPS

46 %
IPv6

41
Domains

70
Subdomains

53
IPs

7
Countries

29719 kB
Transfer

51614 kB
Size

68
Cookies

370 HTTP transactions
10 data transactions