johnhelmer.net Open in urlscan Pro
31.220.59.176 Public Scan

URL:
http://johnhelmer.net/
Submission: On November 04 via manual (November 4th 2018, 8:02:01 am UTC) from US

Summary HTTP 92 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 92 HTTP transactions. The main IP is 31.220.59.176, located in Lithuania and belongs to AS-HOSTINGER, LT. The main domain is johnhelmer.net.

This is the only time johnhelmer.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	31.220.59.176 31.220.59.176	47583 (AS-HOSTINGER) (AS-HOSTINGER)
7	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.19.43.118 2.19.43.118	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
13	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a02:26f0:f1:... 2a02:26f0:f1:280::25eb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:30:... 2606:4700:30::6818:78b4	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2.20.190.164 2.20.190.164	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 3	18.185.192.244 18.185.192.244	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
20	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:81c::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	199.16.156.52 199.16.156.52	13414 (TWITTER) (TWITTER - Twitter Inc.)
92	13

27 31.220.59.176 (Lithuania)

ASN47583 (AS-HOSTINGER, LT)

johnhelmer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.43.118 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-118.deploy.static.akamaitechnologies.com

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f1:280::25eb (European Union)

ASN20940 (AKAMAI-ASN1, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6818:78b4 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

johnhelmer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.190.164 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-190-164.deploy.static.akamaitechnologies.com

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

static.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.192.244 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-192-244.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.52 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	johnhelmer.net johnhelmer.net	2 MB
21	facebook.com staticxx.facebook.com www.facebook.com
15	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	31 KB
14	google.com apis.google.com accounts.google.com	98 KB
7	google-analytics.com www.google-analytics.com	51 KB
4	sharethis.com 1 redirects platform-api.sharethis.com l.sharethis.com	51 KB
2	linkedin.com platform.linkedin.com	47 KB
1	licdn.com static.licdn.com	41 KB
1	consensu.org c.sharethis.mgr.consensu.org
1	johnhelmer.org johnhelmer.org	146 KB
1	facebook.net connect.facebook.net	57 KB
92	11

	Domain	Requested by
27	johnhelmer.net	johnhelmer.net
20	www.facebook.com	connect.facebook.net
14	platform.twitter.com	johnhelmer.net platform.twitter.com
13	apis.google.com	johnhelmer.net apis.google.com
7	www.google-analytics.com	johnhelmer.net
3	l.sharethis.com	1 redirects johnhelmer.net
2	platform.linkedin.com	johnhelmer.net platform.linkedin.com
1	syndication.twitter.com	1 redirects
1	accounts.google.com	apis.google.com
1	static.licdn.com	www.google-analytics.com
1	staticxx.facebook.com	connect.facebook.net
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	johnhelmer.org	johnhelmer.net
1	connect.facebook.net	johnhelmer.net
1	platform-api.sharethis.com	johnhelmer.net
92	15

This site contains links to these domains. Also see Links.

Domain
www.constitution.ru
en.kremlin.ru
www.strategic-culture.org
www.state.gov
www.youtube.com
www.bailii.org
en.wikipedia.org
philologist.livejournal.com
www.amazon.com
www.bbc.com
www.neh.gov
www.acls.org
www.nceeer.org
tass.com
www.opcw.org
www.cps.gov.uk
tass.ru
johnhelmer.org
www.atimes.com
www.businessday.co.za
www.businessinsider.com
www.counterpunch.com
www.cruonline.crugroup.com
www.fairplay.co.uk
www.insuranceinsider.com
www.miningmaven.com
www.polishedprices.com
en.portnews.ru
www.bloglines.com
cloud.feedly.com
www.live.com
www.netvibes.com
add.my.yahoo.com

Subject Issuer	Validity	Valid
*.google-analytics.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2018-07-11` - `2020-07-15`	2 years	crt.sh
*.sharethis.mgr.consensu.org DigiCert ECC Secure Server CA	`2018-07-31` - `2019-07-31`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2018-05-30` - `2020-09-01`	2 years	crt.sh
*.sharethis.com Go Daddy Secure Certificate Authority - G2	`2017-09-26` - `2020-09-29`	3 years	crt.sh
accounts.google.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh

This page contains 46 frames:

Primary Page: http://johnhelmer.net/
Frame ID: EB1A1FB89EA1EAB96598A6295E19C8B8
Requests: 47 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
Frame ID: 9CAA06B0B9E35CF699A16C5B6DEB1631
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=42
Frame ID: 7757608F07501922DABD42343D858803
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.53652c702a2e752df1a75e4b2ec51f45.html?origin=http%3A%2F%2Fjohnhelmer.net&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 1715BF8CD1907699F64755DF6459D3D2
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: 655D32DB1936DFE33FEB04998738BC6D
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: 913E952C6F12312BFE1207180BA48565
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: 1CED97288643E6481C264CAB19B34D6F
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: 3E25CF32DBFF5C65F395AE3390FF7EEF
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: BE185A65783DAA9AA3F4B7EAC226EF2B
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: C3124B173338DEE84CC9CF7B72921031
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: 10E843E8E7B67A228FF5DD5574E79F35
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: B616620DC3F46B861C2A21EDF6D2418D
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: 26036B55C1DF31DEC19F4CCA33BEACFB
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: 14688B9A11E687B10ECAA03C339D68AF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df26c6fa43a9b24%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 0EAD00F6BEB4CCC7B9E28EC91F8B310A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2458c75beac92c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: 767D7E8AB167B346B77CC0DCA14EC3CF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df17b66bf14761ec%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 8F64604778E03366388047C5952DBFEA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df28736b4733725%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: 5B70C31224DD04D5A4120EF326FEF385
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df23a8e32fa869d%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 1D2E62A9D9AE484F712173BCD82733C2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3dd489e61988cc%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: 547197E6282127DCDC1A9493E9F01087
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2d9d6dab519ce%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 9EFCC950E97221FBA828AA5D0E9D02A0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df33ce4e9e79c3d%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: CA0F9C7897282A820711F6658D390F85
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df213253bbce4c4c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 9F739D871E94275C246982015520875D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3c25136377bab4%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: D0603EE6E82AB78168D0741466CA6FD7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df1692b60a755e4c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: BC2CF9C486C82DC3264A0E09D8AB401F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3e620176497ac8%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: FA282EFAC6F3D587A30E0139A604D95F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2cfb1923c44b%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 7B08CE956A9E16623E879B3E4359D16D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3a6fd3a247a188%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: FA414148230B8F6184612AEEAED6C284
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df30b8145f08088c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 6555077C9776FEE58C097A53D2395414
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df1f4e6461048bac%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: 3FE34A336AEAE8F2E8A9BE72A2AD68A2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2b4feedfdec874%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 0F14E5A331E816D9D9AC26BF65D2224E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3a3a00e9fc777%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: 276A614015910EE882B9FBE2AD127C9C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df508a1a68153bc%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: CD2CFF1D8192FAB5258035D695BCCB4A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2c81bbefaa8888%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&locale=en_US&sdk=joey&type=button_count&width=450
Frame ID: 3A2F30C876502A0B7A92640B436791D3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: 88C99218F1D298FA9F9BE35351869242
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: 734797CB4CF0DB65689B3A50813B16A3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: 197A3EC7D8838621FE70966523A74113
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: 6E517B97C3BB0420415CF33CB242BF40
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: 3A80C82EA81C7BADE2DF4A0BDAECC841
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: F63B3DE76FAA914676FEA066609AD26E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: 718223FD6A0E2027F5050D155A3D4B28
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: BA0AF204AAFAB54A6D4F9DF3EE09236B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: 3B86273AD7225018AD5AC6B46BF75556
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Frame ID: 4D9D2FC5D05E3FFF631E1F8A5E9E6813
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fjohnhelmer.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
Frame ID: 7578B126DA3A2141FF2416525BD808AF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: FE7815B3434ABEE32930912192CB992E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
meta generator /WordPress( [\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
meta generator /WordPress( [\d.]+)?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

92
Requests

68 %
HTTPS

64 %
IPv6

11
Domains

15
Subdomains

13
IPs

4
Countries

2744 kB
Transfer

3389 kB
Size

1
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: http://www.constitution.ru/en/10003000-02.htm
Title: Article 14)

Search URL Search Domain Scan URL

URL: http://www.constitution.ru/en/10003000-03.htm
Title: Article 28

Search URL Search Domain Scan URL

URL: http://en.kremlin.ru/events/president/news/58813
Title: announce

Search URL Search Domain Scan URL

URL: http://en.kremlin.ru/events/president/news/58848
Title: declare

Search URL Search Domain Scan URL

URL: https://www.strategic-culture.org/news/2018/09/21/us-state-department-ukraine-any-decision-autocephaly-internal-church-matter.html
Title: policy

Search URL Search Domain Scan URL

URL: https://www.state.gov/r/pa/prs/ps/2018/09/286188.htm
Title: According

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=0oE4fNKeutM
Title: pronounced

Search URL Search Domain Scan URL

URL: http://www.bailii.org/cgi-bin/lucy_search_1.cgi?highlight=1&datehigh=&method=boolean&sort=rank&query=(%22deripaska%22)&datelow=&mask_path=ew/cases%20uk/cases/UKHL%20uk/cases/UKPC%20uk/cases/UKSC%20ew/cases/EWHC
Title: 95 cases

Search URL Search Domain Scan URL

URL: http://www.bailii.org/cgi-bin/lucy_search_1.cgi?sort=rank&query=(title:(%20Chernukhin%20))&highlight=1&method=boolean&datehigh=&datelow=&mask_path=ew/cases%20uk/cases/UKHL%20uk/cases/UKPC%20uk/cases/UKSC%20ew/cases/EWHC
Title: most recent

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Clean_hands
Title: explanation

Search URL Search Domain Scan URL

URL: https://philologist.livejournal.com/9444335.html
Title: interviewer

Search URL Search Domain Scan URL

URL: https://www.amazon.com/House-Government-Saga-Russian-Revolution/dp/0691176949
Title: released

Search URL Search Domain Scan URL

URL: https://www.bbc.com/russian/features-45025696
Title: published

Search URL Search Domain Scan URL

URL: https://www.neh.gov/about/history
Title: the National Endowment for the Humanities

Search URL Search Domain Scan URL

URL: http://www.acls.org/committees/
Title: American Council of Learned Societies

Search URL Search Domain Scan URL

URL: https://www.nceeer.org/who-we-are.html
Title: the National Council for Eurasian and East European Research

Search URL Search Domain Scan URL

URL: http://tass.com/world/1026858
Title: appearance

Search URL Search Domain Scan URL

URL: https://www.opcw.org/chemical-weapons-convention/articles/article-ix-consultations-cooperation-and-fact-finding
Title: Chemical Weapons Convention

Search URL Search Domain Scan URL

URL: https://www.cps.gov.uk/legal-guidance/drafting-indictment
Title: present

Search URL Search Domain Scan URL

URL: https://tass.ru/politika/5668231
Title: said

Search URL Search Domain Scan URL

URL: http://johnhelmer.org/wp-content/uploads/2018/10/2148.jpg

Search URL Search Domain Scan URL

URL: http://www.atimes.com/
Title: Asia Times

Search URL Search Domain Scan URL

URL: http://www.businessday.co.za/
Title: Business Day

Search URL Search Domain Scan URL

URL: http://www.businessinsider.com/
Title: Business Insider

Search URL Search Domain Scan URL

URL: http://www.counterpunch.com/
Title: Counterpunch

Search URL Search Domain Scan URL

URL: http://www.cruonline.crugroup.com/SteelandFerroalloys/CRUSteelNews/tabid/76/Default.aspx
Title: CRU Steel News

Search URL Search Domain Scan URL

URL: http://www.fairplay.co.uk/
Title: Fairplay

Search URL Search Domain Scan URL

URL: http://www.insuranceinsider.com/
Title: Insurance Insider

Search URL Search Domain Scan URL

URL: http://www.miningmaven.com/
Title: MiningMaven

Search URL Search Domain Scan URL

URL: http://www.polishedprices.com/
Title: Polished Prices

Search URL Search Domain Scan URL

URL: http://en.portnews.ru/
Title: PortNews IAA

Search URL Search Domain Scan URL

URL: http://www.bloglines.com/sub/http://johnhelmer.net/feed/
Title: Bloglines

Search URL Search Domain Scan URL

URL: http://cloud.feedly.com/#subscription/feed/http%3A%2F%2Fjohnhelmer.net%2Ffeed%2F
Title: Feedly

Search URL Search Domain Scan URL

URL: http://www.live.com/?add=http%3A%2F%2Fjohnhelmer.net%2F
Title: Live

Search URL Search Domain Scan URL

URL: http://www.netvibes.com/subscribe.php?url=http%3A%2F%2Fjohnhelmer.net%2Ffeed%2F
Title: Netvibes

Search URL Search Domain Scan URL

URL: http://add.my.yahoo.com/rss?url=http%3A%2F%2Fjohnhelmer.net%2Ffeed%2F
Title: Yahoo!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 32

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 34

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 40

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=568896646&utmhn=johnhelmer.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dances%20with%20Bears&utmhid=189540199&utmr=-&utmp=%2F&utmht=1541318509598&utmac=UA-3229816-5&utmcc=__utma%3D171064891.1707534987.1541318509.1541318510.1541318510.1%3B%2B__utmz%3D171064891.1541318510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=382583601&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=568896646&utmhn=johnhelmer.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dances%20with%20Bears&utmhid=189540199&utmr=-&utmp=%2F&utmht=1541318509598&utmac=UA-3229816-5&utmcc=__utma%3D171064891.1707534987.1541318509.1541318510.1541318510.1%3B%2B__utmz%3D171064891.1541318510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=382583601&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Request Chain 41

https://l.sharethis.com/pview?event=pview&version=st_sop.js&lang=en&fpc=6cb5566-166ddbe031d-567ce3c2-1&sessionID=1541318509341.99626&hostname=johnhelmer.net&location=%2F&product=ga&url=http%3A%2F%2Fjohnhelmer.net%2F&sharURL=&buttonType=&destination=&source=sharethis.js&st_optout=false&title=Dances%20with%20Bears&publisher=anonymous&ts1541318509341=&sop=true HTTP 301
https://l.sharethis.com/sc?cm=ZGAOZ1vep20AAAAURzPHAw%3D%3D&uid=true&url=http%3A%2F%2Fjohnhelmer.net%2F

Request Chain 90

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

92 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
johnhelmer.net/ 117 KB
117 KB 1045ms
826ms Document
text/html 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 / PHP/5.3.3
Resource Hash: 262402a5cd844521c7d65cec7eeb6136ddc5f5689018ecce4ef9e9f435434bfc

Request headers

Host: johnhelmer.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:47 GMT
Server: Apache/2.2.15
X-Powered-By: PHP/5.3.3
Link: <http://johnhelmer.net/wp-json/>; rel="https://api.w.org/"
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.css
johnhelmer.net/wp-content/themes/dances_with_bears/ 4 KB
4 KB 305ms
126ms Stylesheet
text/css 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-content/themes/dances_with_bears/style.css
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 05e2d158eff86d458f09fd65b7e8e5e8effda9614cb6705e12eb0b3aae87eb7c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:48 GMT
Last-Modified: Tue, 17 Jan 2017 15:37:52 GMT
Server: Apache/2.2.15
ETag: "c2765-e62-5464c15473400"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3682

GET
S 200 analytics.js Show response
www.google-analytics.com/ 42 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Oct 2018 19:41:26 GMT
server: Golfe2
age: 5549
date: Sun, 04 Nov 2018 06:29:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17301
expires: Sun, 04 Nov 2018 08:29:19 GMT

GET
H/1.1 200
OK email-css.css
johnhelmer.net/wp-content/plugins/wp-email/ 590 B
835 B 253ms
112ms Stylesheet
text/css 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-content/plugins/wp-email/email-css.css?ver=2.67.5
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 0d935e9a0486996a88e5a9f1dffcc004989be37ae295a5093530f77ffca0d713

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:48 GMT
Last-Modified: Wed, 07 Mar 2018 17:44:53 GMT
Server: Apache/2.2.15
ETag: "121764-24e-566d61dd9a2e0"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 590

GET
H/1.1 200
OK styles.css
johnhelmer.net/wp-content/plugins/sem-subscribe-me/css/ 2 KB
2 KB 253ms
113ms Stylesheet
text/css 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-content/plugins/sem-subscribe-me/css/styles.css?ver=20140104
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: a7132592dfbc28415f810dd083f00629c37f84e890af3ee0a8eb7bec38d2f747

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:48 GMT
Last-Modified: Tue, 17 Jan 2017 15:37:27 GMT
Server: Apache/2.2.15
ETag: "140da6-65c-5464c13c9bbc0"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 1628

GET
H/1.1 200
OK /
johnhelmer.net/ 63 B
249 B 633ms
493ms Stylesheet
text/css 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/?sccss=1&ver=4.9.8
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 / PHP/5.3.3
Resource Hash: 777587a84c79c6714f6842d07420f03b482285d4db1fde28faed4cf21acdd66c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:48 GMT
Server: Apache/2.2.15
Connection: close
X-Powered-By: PHP/5.3.3
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK jquery.js Show response
johnhelmer.net/wp-includes/js/jquery/ 95 KB
95 KB 271ms
124ms Script
text/javascript 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:48 GMT
Last-Modified: Tue, 17 Jan 2017 18:27:32 GMT
Server: Apache/2.2.15
ETag: "144c6c-17ba0-5464e740dad00"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 97184

GET
H/1.1 200
OK jquery-migrate.min.js Show response
johnhelmer.net/wp-includes/js/jquery/ 10 KB
10 KB 481ms
118ms Script
text/javascript 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Tue, 17 Jan 2017 18:27:38 GMT
Server: Apache/2.2.15
ETag: "144c38-2748-5464e74693a80"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 10056

GET
H/1.1 200
OK sharethis.js Show response
platform-api.sharethis.com/js/ 135 KB
49 KB 41ms
9ms Script
text/javascript 2.19.43.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 2.19.43.118 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72621fa58581e37e61125e4907438914f70530ff809f4018ce4e20938972c3fc

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:48 GMT
Content-Encoding: gzip
ETag: W/"21b6c-T8A0mnLpPsAj0Xn0o/NxTw"
Vary: Accept-Encoding
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 50096

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 54ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40F9) /
Resource Hash: 873b3e70235a906b02b8fdf4d12dfc44760148d1e471a48f3cf099e066c162ff

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Nov 2018 22:42:42 GMT
Server: ECS (fcn/40F9)
Etag: "0bc8be028613c5152bba43152502e830+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 27917

GET
S

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

187 KB
57 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

729f42856266c841c8ea0eb02ef896893c9c623a2b9fbda4e93c91c04aebe638

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: uaVM6twXzMI6bHCLr89f2Q==
status: 200
content-length: 57882
x-xss-protection: 0
x-fb-debug: 03XrenfLZf0OgQUXxIzpoTPIv7PmbngQQZ5K90VKLly9MUUZrZBvC7rE26Ll8umP/sxAuwPJVDrU3MVK/yYBAg==
x-fb-content-md5: a20fcfe1597ccd1ddc1f4508e1e2d67e
x-frame-options: DENY
date: Sun, 04 Nov 2018 08:01:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "869af55001481935673c60393fb0e207"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:13:16 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
S 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 65ms
50ms Script
application/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

35c45214acf1b6064e78d9147c86801c230cb3bc3524620413490d5f818d2087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 04 Nov 2018 08:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-K+lb5XUAFCrYRclUj5EACKNaTuc' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "7e3c3320da6f2f5f6a561d9aa0055c47"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:48 GMT

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 4 KB
2 KB 80ms
8ms Script
text/javascript 2a02:26f0:f1:280::25eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f1:280::25eb , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 42f27ed757d09b6f9f570085182aff16b708a92bd4fd2d4ca58597fff0d2c2b5

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-LI-Proto: http/1.1
Date: Sun, 04 Nov 2018 08:01:48 GMT
Content-Encoding: gzip
X-LI-UUID: 9EwXB9OvYxXAJgraFisAAA==
Server: Apache-Coyote/1.1
X-Li-Pop: prod-ela1
Vary: Accept-Encoding
P3P: CP="CAO CUR ADM DEV PSA PSD OUR"
Cache-Control: max-age=86400
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1746
X-CDN: AKAM
X-Li-Fabric: prod-lor1
Expires: Sun, 04 Nov 2018 01:01:13 GMT

GET
H/1.1 200
OK print.gif
johnhelmer.net/wp-content/plugins/wp-print/images/ 1 KB
1 KB 283ms
129ms Image
image/gif 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/plugins/wp-print/images/print.gif
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: c65af59f029145e60cb1462c257e18b59fe44f1faf68aa1b64cdd2a9254107f3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Tue, 17 Jan 2017 15:37:43 GMT
Server: Apache/2.2.15
ETag: "140e59-40f-5464c14bddfc0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1039

GET
H/1.1 200
OK 2154B.jpg
johnhelmer.net/wp-content/uploads/2018/11/ 176 KB
176 KB 297ms
131ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/11/2154B.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: bf41cc18f5c1905b2afb2a80bfff3c910b71d25cdcd3aea4b25df91892508e36

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Thu, 01 Nov 2018 10:35:14 GMT
Server: Apache/2.2.15
ETag: "4fe4c-2be85-57997f967810c"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 179845

GET
H/1.1 200
OK 2-6.png
johnhelmer.net/wp-content/uploads/2018/10/ 216 KB
216 KB 296ms
130ms Image
image/png 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/10/2-6.png
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 46257bdae6f3073e666cb3ca346cae549c14a8e8b44c257af4d6c185d2ad9506

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Wed, 31 Oct 2018 06:47:16 GMT
Server: Apache/2.2.15
ETag: "4f2ce-35e00-57980ac417980"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 220672

GET
H/1.1 200
OK 2153.jpg
johnhelmer.net/wp-content/uploads/2018/10/ 207 KB
207 KB 538ms
131ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/10/2153.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 5e28b7dc6feabd7a777042bf33667971f956a8861ecea2170666d70b2a66d83d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Mon, 29 Oct 2018 06:24:38 GMT
Server: Apache/2.2.15
ETag: "4f87e-33aff-579581fabab05"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 211711

GET
H/1.1 200
OK 2151b.jpg
johnhelmer.net/wp-content/uploads/2018/10/ 150 KB
151 KB 611ms
115ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/10/2151b.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 4e70226072ea8787cee8086e1677fe306d101614c07cd1470b3b61b4e010bd5a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Mon, 22 Oct 2018 07:02:54 GMT
Server: Apache/2.2.15
ETag: "4fc77-25941-578cbd7946a93"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 153921

GET
H/1.1 200
OK 2-3.png
johnhelmer.net/wp-content/uploads/2018/10/ 442 KB
442 KB 506ms
119ms Image
image/png 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/10/2-3.png
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 6e7e54b0250a71b4a2b47f3fb86c6a2a67205029ee2b4207c857f1fc12ad2283

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1; __utma=171064891.1707534987.1541318509.1541318510.1541318510.1; __utmc=171064891; __utmz=171064891.1541318510.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171064891.1.10.1541318510
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:50 GMT
Last-Modified: Mon, 22 Oct 2018 06:48:35 GMT
Server: Apache/2.2.15
ETag: "4fc64-6e84a-578cba4662690"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 452682

GET
H/1.1 200
OK 2152.jpg
johnhelmer.net/wp-content/uploads/2018/10/ 188 KB
188 KB 266ms
129ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/10/2152.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 3201212b015779d1bb850144018b83cc632268320d5354f911aca358274a5848

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1; __utma=171064891.1707534987.1541318509.1541318510.1541318510.1; __utmc=171064891; __utmz=171064891.1541318510.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171064891.1.10.1541318510
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:50 GMT
Last-Modified: Fri, 19 Oct 2018 06:11:11 GMT
Server: Apache/2.2.15
ETag: "4efc0-2f0ad-5788ec5249927"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 192685

GET
H/1.1 200
OK 2150.jpg
johnhelmer.net/wp-content/uploads/2018/10/ 230 KB
231 KB 304ms
129ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/10/2150.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 4f46e0a2042062a23e0aefa3dc6dea218f1dff6fa3191c5ac189cc0f085a9c77

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:50 GMT
Last-Modified: Tue, 16 Oct 2018 06:13:20 GMT
Server: Apache/2.2.15
ETag: "4feb8-39959-578527347d9bd"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 235865

GET
H/1.1 200
OK 2149.jpg
johnhelmer.net/wp-content/uploads/2018/10/ 221 KB
222 KB 290ms
114ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/10/2149.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: ac5f97e3195fdf43874a89aeb1c86a5e2e77f94c1ba3aaee8f4dbbd9dd4f37fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:50 GMT
Last-Modified: Thu, 11 Oct 2018 09:21:05 GMT
Server: Apache/2.2.15
ETag: "4f927-375df-577f07d8e728f"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 226783

GET
H/1.1 200
OK 2148.jpg
johnhelmer.org/wp-content/uploads/2018/10/ 145 KB
146 KB 254ms
225ms Image
image/jpeg 2606:4700:30::6818:78b4
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.org/wp-content/uploads/2018/10/2148.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:78b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56cd3fbe04a8596a632f552bb196dadb3a015a46aa278e33dd4afdfcaef6726d

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 09 Oct 2018 06:14:18 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 47458e0bf672975c-FRA
Content-Length: 148491
Expires: Sun, 04 Nov 2018 12:01:49 GMT

GET
H/1.1 200
OK 2147.jpg
johnhelmer.net/wp-content/uploads/2018/10/ 95 KB
96 KB 469ms
127ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/uploads/2018/10/2147.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 7ded054bd6752fb8b30bae328d72969326829377199eadc17ca75e86525a4008

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:50 GMT
Last-Modified: Fri, 05 Oct 2018 09:52:29 GMT
Server: Apache/2.2.15
ETag: "4f3e8-17dd8-577783acc84ba"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 97752

GET
H/1.1 200
OK bear_ship_small.jpg
johnhelmer.net/ 6 KB
6 KB 221ms
124ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/bear_ship_small.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: baaf2bfbb985dfdd8b9a18c25d34a835a63b2bdff446f51939235d5cbb84bd65

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1; __utma=171064891.1707534987.1541318509.1541318510.1541318510.1; __utmc=171064891; __utmz=171064891.1541318510.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171064891.1.10.1541318510
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Tue, 17 Jan 2017 15:08:11 GMT
Server: Apache/2.2.15
ETag: "409df-17dd-5464bab1f4cc0"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 6109

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
johnhelmer.net/wp-includes/js/ 12 KB
12 KB 380ms
130ms Script
text/javascript 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:50 GMT
Last-Modified: Fri, 03 Aug 2018 07:07:10 GMT
Server: Apache/2.2.15
ETag: "144c2f-2efa-572829393454f"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 12026

GET
S 200 collect
www.google-analytics.com/r/ 35 B
101 B 15ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=189540199&t=pageview&_s=1&dl=http%3A%2F%2Fjohnhelmer.net%2F&ul=en-us&de=UTF-8&dt=Dances%20with%20Bears&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1142868254&gjid=735203871&cid=1707534987.1541318509&tid=UA-33288465-2&_gid=1069791753.1541318509&_r=1&z=376004987

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Nov 2018 08:01:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK feed-large.gif
johnhelmer.net/wp-content/plugins/sem-subscribe-me/icons/ 2 KB
2 KB 380ms
136ms Image
image/gif 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/plugins/sem-subscribe-me/icons/feed-large.gif
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 0548d3e654b5048875eeaab894c080a80ef3ceee9ea94729c7e2fe34efd71a0b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:50 GMT
Last-Modified: Tue, 17 Jan 2017 15:37:28 GMT
Server: Apache/2.2.15
ETag: "140daa-7ee-5464c13d8fe00"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 2030

GET
H/1.1 200
OK email-js.js Show response
johnhelmer.net/wp-content/plugins/wp-email/ 4 KB
5 KB 240ms
113ms Script
text/javascript 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-content/plugins/wp-email/email-js.js?ver=2.67.5
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: c124fab0de2117b1a58241d3d7bac1b88b7558dc8cde9f16e381cfc2d41f500c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Wed, 07 Mar 2018 17:44:53 GMT
Server: Apache/2.2.15
ETag: "121767-118e-566d61dd9a6c8"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 4494

GET
H/1.1 200
OK scripts.js Show response
johnhelmer.net/wp-content/plugins/sem-subscribe-me/js/ 2 KB
2 KB 252ms
113ms Script
text/javascript 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-content/plugins/sem-subscribe-me/js/scripts.js?ver=20141009
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: d20a91d1c9dcb1332f6349e84239f5b1fab8661137b9bec6bf3ed9c2f129fccc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Tue, 17 Jan 2017 15:37:29 GMT
Server: Apache/2.2.15
ETag: "140da1-7d2-5464c13e84040"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 2002

GET
H/1.1 200
OK wp-embed.min.js Show response
johnhelmer.net/wp-includes/js/ 1 KB
2 KB 265ms
122ms Script
text/javascript 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://johnhelmer.net/
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Tue, 17 Jan 2017 18:25:30 GMT
Server: Apache/2.2.15
ETag: "144b43-576-5464e6cc81a80"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1398

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.1Fv51E5JcqI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q/ 131 KB
46 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.1Fv51E5JcqI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d7cbea5271b4f1eeab1602ea2bf5fa3efbbd1b5d7530a19ad30afbe1b71b1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 03 Nov 2018 08:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 22:38:38 GMT
server: sffe
age: 84625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 46712
x-xss-protection: 1; mode=block
expires: Sun, 03 Nov 2019 08:31:24 GMT

GET
H/1.1 200
OK secureAnonymousFramework Show response
platform.linkedin.com/js/ 156 KB
45 KB 7ms
6ms Script
text/javascript 2a02:26f0:f1:280::25eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/js/secureAnonymousFramework?v=1.0.348-1429&
Requested by: Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f1:280::25eb , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a80b4f007f652dc9e20f80d791fe8a73de6b3cf06237272a3b47152c1bbf7962

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Content-Encoding: gzip
X-LI-UUID: ni7+0SjSYBWAEPfVNCsAAA==
Server: Apache-Coyote/1.1
X-Li-Pop: prod-efr5
Vary: Accept-Encoding
X-Li-Fabric: prod-lva1
X-LI-Proto: http/1.1
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 45458
X-CDN: AKAM

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

42 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Oct 2018 19:41:26 GMT
server: Golfe2
age: 5550
date: Sun, 04 Nov 2018 06:29:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17301
expires: Sun, 04 Nov 2018 08:29:19 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
S 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j71&a=189540199&t=pageview&_s=2&dl=http%3A%2F%2Fjohnhelmer.net%2F&ul=en-us&de=UTF-8&dt=Dances%20with%20Bears&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEAB~&jid=&gjid=&cid=1707534987.1541318509&tid=UA-33288465-2&_gid=1069791753.1541318509&z=1888147127

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Oct 2018 20:31:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 300608
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Oct 2018 19:41:26 GMT
server: Golfe2
age: 3235
date: Sun, 04 Nov 2018 07:07:54 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17168
expires: Sun, 04 Nov 2018 09:07:54 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bg.gif
johnhelmer.net/wp-content/themes/dances_with_bears/images/ 246 B
491 B 216ms
111ms Image
image/gif 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/themes/dances_with_bears/images/bg.gif
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 2f802a4e98368647b1b2abcfbcac84b6daab89432c0b249c1266c28539eff31d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/wp-content/themes/dances_with_bears/style.css
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/wp-content/themes/dances_with_bears/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Tue, 17 Jan 2017 15:37:58 GMT
Server: Apache/2.2.15
ETag: "140e70-f6-5464c15a2c180"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 246

GET
H/1.1 200
OK header.jpg
johnhelmer.net/wp-content/themes/dances_with_bears/images/ 35 KB
35 KB 217ms
113ms Image
image/jpeg 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/themes/dances_with_bears/images/header.jpg
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: c0761b8a2f39ee2294e7d249ab9a54a64f594278a7e9e8c96297c7949ddcd08c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/wp-content/themes/dances_with_bears/style.css
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/wp-content/themes/dances_with_bears/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Tue, 17 Jan 2017 15:37:58 GMT
Server: Apache/2.2.15
ETag: "140e6f-8caf-5464c15a2c180"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 36015

GET
H/1.1 200
OK portal.html
c.sharethis.mgr.consensu.org/v1.0/cmp/ Frame 9CAA 0
0 62ms
5ms Document
text/html 2.20.190.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
Requested by: Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.20.190.164 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-190-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: c.sharethis.mgr.consensu.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, POST, PUT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
ETag: W/"26b-4977387000"
Last-Modified: Tue, 01 Jan 1980 00:00:00 GMT
Vary: Accept-Encoding
Content-Length: 334
Cache-Control: public, max-age=3600
Date: Sun, 04 Nov 2018 08:01:49 GMT
Connection: keep-alive

GET
H2 200 __Bz3h5RzMx.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 7757 0
0 1123ms
3ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/__Bz3h5RzMx.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
expires: Fri, 01 Nov 2019 20:13:34 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: SlJHLdYNO2OVmlg+GPB1LBk1YJ2K2tHCdJTIZX1xeNH4VID2M4JgtZxEvZqwUv632h6CQm8UnxIhXGMlLwD0vQ==
content-length: 12740
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
S 200 sprite_connect_v14.png
static.licdn.com/scds/common/u/images/apps/connect/sprites/ 41 KB
41 KB 56ms
16ms Image
image/png 2a05:f500:10:101::b93f:9101
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/ga.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: 2d7481c72a3827dee23254b8198fa70f7ce5c637791658b4e0c6550a568af105

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 04 Nov 2018 06:13:37 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: LCDN-COAL
x-cache: hit-fresh
status: 200
x-cdn-proto: HTTP2
content-length: 41680
x-li-uuid: Dd3JqgTdYxVgTbFJhisAAA==
server: Play
timing-allow-origin: *
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop: prod-efr5
cache-control: max-age=31536000, immutable
x-cdn-entry: www
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
x-li-proto: http/2
x-li-static-content: 1
x-li-fabric: prod-lva1
expires: Mon, 04 Nov 2019 06:13:37 GMT

GET
S

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=568896646&utmhn=johnhelmer.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dances%...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=568896646&utmhn=johnhelmer.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dances...

35 B
101 B

15ms
15ms

Image
image/gif

2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=568896646&utmhn=johnhelmer.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dances%20with%20Bears&utmhid=189540199&utmr=-&utmp=%2F&utmht=1541318509598&utmac=UA-3229816-5&utmcc=__utma%3D171064891.1707534987.1541318509.1541318510.1541318510.1%3B%2B__utmz%3D171064891.1541318510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=382583601&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Nov 2018 08:01:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=568896646&utmhn=johnhelmer.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dances%20with%20Bears&utmhid=189540199&utmr=-&utmp=%2F&utmht=1541318509598&utmac=UA-3229816-5&utmcc=__utma%3D171064891.1707534987.1541318509.1541318510.1541318510.1%3B%2B__utmz%3D171064891.1541318510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=382583601&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1

301
Moved Permanently

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&version=st_sop.js&lang=en&fpc=6cb5566-166ddbe031d-567ce3c2-1&sessionID=1541318509341.99626&hostname=johnhelmer.net&location=%2F&product=ga&url=http%3A%2F%2...
https://l.sharethis.com/sc?cm=ZGAOZ1vep20AAAAURzPHAw%3D%3D&uid=true&url=http%3A%2F%2Fjohnhelmer.net%2F

0
-1 B

53ms
9ms

XHR
text/html

18.185.192.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=ZGAOZ1vep20AAAAURzPHAw%3D%3D&uid=true&url=http%3A%2F%2Fjohnhelmer.net%2F
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.192.244 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-192-244.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Access-Control-Allow-Origin: http://johnhelmer.net
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?cm=ZGAOZ1vep20AAAAURzPHAw%3D%3D&uid=true&url=http%3A%2F%2Fjohnhelmer.net%2F
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: *
Content-Length: 122
Stid: ZGAOZ1vep20AAAAURzPHAw==

Redirect headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Access-Control-Allow-Origin: http://johnhelmer.net
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?cm=ZGAOZ1vep20AAAAURzPHAw%3D%3D&uid=true&url=http%3A%2F%2Fjohnhelmer.net%2F
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: *
Content-Length: 122
Stid: ZGAOZ1vep20AAAAURzPHAw==

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
6ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j71&a=189540199&t=pageview&_s=3&dl=http%3A%2F%2Fjohnhelmer.net%2F&ul=en-us&de=UTF-8&dt=Dances%20with%20Bears&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=171064891.1707534987.1541318509.1541318510.1541318510.1&_utmz=171064891.1541318510.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1541318509639&_u=KEBCAEAB~&jid=&gjid=&cid=1707534987.1541318509&tid=UA-33288465-2&_gid=1069791753.1541318509&z=176385182

Requested by

Host: johnhelmer.net
URL: http://johnhelmer.net/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Oct 2018 20:31:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 300608
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK button.gif
johnhelmer.net/wp-content/themes/dances_with_bears/images/ 1 KB
1 KB 223ms
113ms Image
image/gif 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://johnhelmer.net/wp-content/themes/dances_with_bears/images/button.gif
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 /
Resource Hash: 0bb06f3ab151b449a322502d06f2894405adb81d54b6401ae599498b08a6508a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://johnhelmer.net/wp-content/themes/dances_with_bears/style.css
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1; __utma=171064891.1707534987.1541318509.1541318510.1541318510.1; __utmc=171064891; __utmz=171064891.1541318510.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171064891.1.10.1541318510
Connection: keep-alive
Cache-Control: no-cache
Referer: http://johnhelmer.net/wp-content/themes/dances_with_bears/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Last-Modified: Tue, 17 Jan 2017 15:37:58 GMT
Server: Apache/2.2.15
ETag: "140e6e-49c-5464c15a2c180"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1180

POST
H/1.1 200
OK / Show response
johnhelmer.net/ 0
182 B 684ms
583ms XHR
text/html 31.220.59.176
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://johnhelmer.net/?ga_action=googleanalytics_get_script
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: HTTP/1.1
Server: 31.220.59.176 , Lithuania, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: Apache/2.2.15 / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Origin: http://johnhelmer.net
Accept-Encoding: gzip, deflate
Host: johnhelmer.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.2.1707534987.1541318509; _gid=GA1.2.1069791753.1541318509; _gat=1; __sharethis_cookie_test__=1; __unam=6cb5566-166ddbe031d-567ce3c2-1; __utma=171064891.1707534987.1541318509.1541318510.1541318510.1; __utmc=171064891; __utmz=171064891.1541318510.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=171064891.1.10.1541318510
Connection: keep-alive
Referer: http://johnhelmer.net/
Content-Length: 33
Accept: */*
Referer: http://johnhelmer.net/
Origin: http://johnhelmer.net
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Server: Apache/2.2.15
Connection: close
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK widget_iframe.53652c702a2e752df1a75e4b2ec51f45.html
platform.twitter.com/widgets/ Frame 1715 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.53652c702a2e752df1a75e4b2ec51f45.html?origin=http%3A%2F%2Fjohnhelmer.net&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E2) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:49 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E2)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK button.e96bb6acc0f8bda511c0c46a84ee18e4.js Show response
platform.twitter.com/js/ 7 KB
3 KB 12ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e96bb6acc0f8bda511c0c46a84ee18e4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E1) /
Resource Hash: 00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 04 Nov 2018 08:01:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Nov 2018 22:41:50 GMT
Server: ECS (fcn/40E1)
Etag: "afc5be16085c49e57e5c7974de717b28+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 2300

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.1Fv51E5JcqI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q/ 100 KB
35 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.1Fv51E5JcqI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c54962db5b78c5b2c3cd89e65db35cd071dd33d9041a5e7b79d521c2fc6caeed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://johnhelmer.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 03 Nov 2018 09:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 22:38:38 GMT
server: sffe
age: 82175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35668
x-xss-protection: 1; mode=block
expires: Sun, 03 Nov 2019 09:12:14 GMT

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 655D 0
0 35ms
35ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy-report-only: script-src 'report-sample' 'nonce-RdRzr9xpQrm4VL1sMpz/9Ox3VRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ;Domain=.google.com;Path=/;Expires=Mon, 06-May-2019 08:01:50 GMT;HttpOnly
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 913E 0
0 35ms
34ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-bgEP2susOIhU73Mev3Lk8NSMrMo' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 1CED 0
0 36ms
35ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-AsPY1JGYzfPX8KEW9qjWMJzhoV8' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 3E25 0
0 39ms
30ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-MoF6KMxf5WQu+UGfOwcv8zkLUys' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame BE18 0
0 33ms
32ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-i0e044lUj8yFzOl4nMWCHe2E2os' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame C312 0
0 39ms
35ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-pqMqp4Jm+QV54E0RSzH8cCS3ONY' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 10E8 0
0 28ms
27ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-0Pnv+0Sxa7IUdEEZTCAZ/sxBpnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame B616 0
0 38ms
32ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-Dh564o/wS0A5wnHvygFW59r7Se4' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 2603 0
0 34ms
33ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-gv7MIrc9VyNdBI+uvPxcqLaju6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 1468 0
0 40ms
30ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=http%3A%2F%2Fjohnhelmer.net&url=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Sun, 04 Nov 2018 08:01:50 GMT
date: Sun, 04 Nov 2018 08:01:50 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-wkU3r4q2JbfPdw+z+oyu3+oGnSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK sc Show response
l.sharethis.com/ 51 B
692 B 14ms
10ms XHR
text/plain 18.185.192.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=ZGAOZ1vep20AAAAURzPHAw%3D%3D&uid=true&url=http%3A%2F%2Fjohnhelmer.net%2F
Requested by: Host: johnhelmer.net
URL: http://johnhelmer.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.192.244 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-192-244.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fe9167d29ae11785398e6d9b883b293dcbac7f7de108d9b6050fa3ef21297037

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/
Origin: http://johnhelmer.net

Response headers

Date: Sun, 04 Nov 2018 08:01:50 GMT
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: http://johnhelmer.net
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Headers: *
Content-Length: 51
Stid: ZGAXE1vep24AAAAUST/BAw==

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 0EAD 0
0 111ms
43ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df26c6fa43a9b24%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df26c6fa43a9b24%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: TRAnRNTNer8eKnIJB94nd3paYsmZxGH9JliroMIuIT4EknVYquaBj6Dnf8QZ2NyAWwgTC7urvSF46RSL+exIfg==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame 767D 0
0 149ms
105ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2458c75beac92c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2458c75beac92c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-autocephaly-controversy-between-backing-the-church-and-violating-the-constitution-what-does-the-kremlin-think-its-doing%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: BtqHYPwLMv9Y8T/ddbKofh4RFKtAnMzPKlHKQ3lQR6Ic3Ho+SFpr3NqBXrw3zOd2W3aSNHTl/CgrLt2Yf5lr2w==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 8F64 0
0 98ms
55ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df17b66bf14761ec%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df17b66bf14761ec%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: n1x5GZuOw+lqAmk1qBBmVkYq1sRkDQqlD4yNyPb70eCOUcKX/jw+fW161tQs8xc48aXX5ZZrWoIy2W6fqyEWCw==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame 5B70 0
0 138ms
95ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df28736b4733725%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df28736b4733725%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-russian-interest-in-the-khashoggi-case%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: VV1uk9HZHztzgWZnojOgP40mzYxDT7sdlOqa4YsczLKqgzaeWg7lP67/930MHJXoxzBZIuuHtEE6qVbltKtu7w==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 1D2E 0
0 96ms
54ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df23a8e32fa869d%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df23a8e32fa869d%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: VOGQ13Urpjs+aN8T+1k3MwrJhm3LGcxfAIktllcDkLdd+1wC5w7HvUqyzCEC29pbqedaw+TGvJyQEkMmmkhHtA==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame 5471 0
0 105ms
63ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3dd489e61988cc%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3dd489e61988cc%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Funexplained-wealth-opera-oleg-deripaska-vladimir-chernukhin-and-lolita-danilina-sing-in-london%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: nKLBSG+fIF6Llk68I1ybfG6RhBPqRPr+4gLKgVhfL/QwEsvxMuqDODgPbSpQeDCG8hiG2zChWm73V8aVeVP4tw==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 9EFC 0
0 146ms
105ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2d9d6dab519ce%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2d9d6dab519ce%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: LxXLcEtTvLz3eugo7npQCTpMjCi/xFo9i8/rR8/PuKJCm45JK35dHFNqeFvRfz8jjfXIJrSTQO+xuovW3Gg+Ag==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame CA0F 0
0 136ms
95ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df33ce4e9e79c3d%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df33ce4e9e79c3d%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fthe-house-of-government-a-snide-history-of-an-elite-moscow-apartment-building-from-california%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: mjCuANBmYwmDNerpLAPCI/C5xsWNHn9lo9FSXOHyzLGHGt2+3t4vo15nXoM3x2UWU81nGk+l+2QywsDD5Isx/w==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 9F73 0
0 86ms
70ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df213253bbce4c4c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp.php
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df213253bbce4c4c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp.php
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: LNBWewb/XbQdzCIlT/fASZZ526DeVuTsBRLXNsvfrhOiDCOSYlEuKXGkkxyj4Yjh07eH8bl7eT4yoVCi+goj+g==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame D060 0
0 71ms
55ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3c25136377bab4%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3c25136377bab4%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fmedvedev-nixes-notched-picks-peaked-lapels-point-to-prime-minister-for-life%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: o8M4QlbbfTEycJcQiCk2n9UknnMfSgwAHrCULz8grp2lB43HXvOIXZhlpi1XiS5QXrt3mrRp68Gy2XvZ2lk1og==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame BC2C 0
0 85ms
70ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df1692b60a755e4c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df1692b60a755e4c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: m6VAd8zfFL64WHYhFe2fwV19LCDe/dxsnimZQAhWCL/D3s47UAcrjNKIZs5sKAB+lWSCKfJSRlbPNE2SY/4dAA==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame FA28 0
0 78ms
62ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3e620176497ac8%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3e620176497ac8%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fwheres-the-corpus-delicti-the-skripal-case-the-gorilla-indictment%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: /AK9KLkt4B7zzqZbMnd/DPBzVmhQyhjmJ2vMDUbUQmF2NIDT2y4qKF5fR3jAsuLKV4bMa7OgvLw4vwfMIb1yVA==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 7B08 0
0 70ms
55ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2cfb1923c44b%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2cfb1923c44b%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: /GoakRaARDnpy4tjYM4z7kzI3fNJAuLSrXxNpLxk1N3JQKqGzWq+TbwcXxNeblttkIP96iHBs8ezKncLL3tfzA==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame FA41 0
0 100ms
86ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3a6fd3a247a188%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3a6fd3a247a188%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fkremlin-endorses-kudrin-capitulation-to-us-restrictions%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: llt8foRZYpjbIxTu4ATKzTdg6ALqcPuIPhXtx/PvO1DO+npOCNcYJI3yT9RUfeUjKgveEGJtLuJn4YhvGzBgJQ==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 6555 0
0 89ms
75ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df30b8145f08088c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df30b8145f08088c%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: rgvziuvxoFIRywPsXHg/fOfeOxZ7aERUgjy3MiVPRSsuJiT19tpnvoaEct2fe0xMaHu2kj0RC6wmB3P0lZbFLA==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame 3FE3 0
0 109ms
94ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df1f4e6461048bac%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df1f4e6461048bac%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Fkudrin-bids-for-oligarch-support-captain-alexei-america-versus-general-sergei-of-the-russian-army%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: dxpha7Q7R4B88PjSnVaJMCUfFtf8ClObg4quByCaTMo43rDRgkbPQdzZgMsCtlyZ9nBVqp8X0AG97euNf6xM4A==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 0F14 0
0 99ms
85ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2b4feedfdec874%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2b4feedfdec874%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: sKiWyFkpiEdzQvn788gWOalDEh1vglpR2wdlFnUOJ2F5vQTdkbSY/IhN2bxgka8P2GEQyJeVQ+Uz7X2DlcTlPA==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame 276A 0
0 89ms
75ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3a3a00e9fc777%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df3a3a00e9fc777%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Ftail-wags-dog-did-the-swiss-spiez-laboratory-report-uncovered-by-russian-espionage-expose-the-opcw-british-government-in-faking-skripal-evidence%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: sSwEiSMsAljDylULze0Fc6s3VFh6l9WitcyAbmFhO/HcnaHHq8A0DfXafWYlfROVH5HIfgVDS4cH/bys0YObtg==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame CD2C 0
0 98ms
85ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df508a1a68153bc%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df508a1a68153bc%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&height=21&href=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: kchymtfe1p0Um/QQ/vxGu8wtMD44dzB0gbUC9eMpd/wJ4SU9FMKSM46yCRugAO5NEin18lpuoWTKBpoef0O2FQ==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame 3A2F 0
0 130ms
117ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2c81bbefaa8888%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&locale=en_US&sdk=joey&type=button_count&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp.php
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F__Bz3h5RzMx.js%3Fversion%3D42%23cb%3Df2c81bbefaa8888%26domain%3Djohnhelmer.net%26origin%3Dhttp%253A%252F%252Fjohnhelmer.net%252Ff25c91a49a8a4fc%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fjohnhelmer.net%2Ftop-secret-noforn-the-russian-corporate-management-reason-for-operations-that-go-wrong%2F&locale=en_US&sdk=joey&type=button_count&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp.php
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: meH+uAe85HEhQe8JzlxDhIyKCv8L6iYaNqa+3HJnmRD8xL964Fv6QLu5Z+Z32S3dJfrFTYrIxBRxl8QSsE7nXg==
date: Sun, 04 Nov 2018 08:01:50 GMT

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame 88C9 0
0 38ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41D7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41D7)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame 7347 0
0 38ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FA) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40FA)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame 197A 0
0 90ms
23ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419F) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419F)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame 6E51 0
0 90ms
23ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A8) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A8)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame 3A80 0
0 126ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4193) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4193)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame F63B 0
0 132ms
14ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DC)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame 7182 0
0 273ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DF) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DF)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame BA0A 0
0 286ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B0)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame 3B86 0
0 357ms
26ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D6) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40D6)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H/1.1 200
OK tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
platform.twitter.com/widgets/ Frame 4D9D 0
0 393ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.53652c702a2e752df1a75e4b2ec51f45.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://johnhelmer.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:50 GMT
Etag: "48812b336230941a9a1dcb123051857e+gzip"
Last-Modified: Thu, 01 Nov 2018 22:41:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A3)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12219

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 7578 0
0 265ms
0ms Document
text/html 2a00:1450:4001:81c::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fjohnhelmer.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.1Fv51E5JcqI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q/cb=gapi.loaded_1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yZQxGSES2rSC6yoUE8CSoGYuKI4' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fjohnhelmer.net&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.1Fv51E5JcqI.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOyJiHj0gUnZRPcdezkeAYSoD_n5Q%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://johnhelmer.net/
accept-encoding: gzip, deflate
cookie: NID=144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://johnhelmer.net/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Nov 2018 08:01:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-yZQxGSES2rSC6yoUE8CSoGYuKI4' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame FE78
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DD) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Nov 2018 08:01:51 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 01 Nov 2018 22:42:42 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DD)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Sun, 04 Nov 2018 08:01:51 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Sun, 04 Nov 2018 08:01:51 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_b
strict-transport-security: max-age=631138519
x-connection-hash: 505914257c3c7744c6b5616fb908d91f
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 11
x-transaction: 00e3a8df00c95f5b
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 00:32:09	Name: NID Value: 144=yqTecyHs4UwRHSBQlfDHQRSJ89LPMZuxua7YmP2LsPXq-4zuWtReRtG-UzYZbtUn_SApYpl0MY8jBmoS-COauUtUdvr8itrnxsmN2q-fwNke5etvO230biFUYtux8le6nv8iV3cny_2jXwSWI-PrrV1bRykv-cQTiKjyeCClPMQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://johnhelmer.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
c.sharethis.mgr.consensu.org
connect.facebook.net
johnhelmer.net
johnhelmer.org
l.sharethis.com
platform-api.sharethis.com
platform.linkedin.com
platform.twitter.com
static.licdn.com
staticxx.facebook.com
syndication.twitter.com
www.facebook.com
www.google-analytics.com
18.185.192.244
199.16.156.52
2.19.43.118
2.20.190.164
2606:2800:234:59:254c:406:2366:268c
2606:4700:30::6818:78b4
2a00:1450:4001:81c::200d
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::200e
2a02:26f0:f1:280::25eb
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
31.220.59.176
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808
0548d3e654b5048875eeaab894c080a80ef3ceee9ea94729c7e2fe34efd71a0b
05e2d158eff86d458f09fd65b7e8e5e8effda9614cb6705e12eb0b3aae87eb7c
0bb06f3ab151b449a322502d06f2894405adb81d54b6401ae599498b08a6508a
0d935e9a0486996a88e5a9f1dffcc004989be37ae295a5093530f77ffca0d713
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
262402a5cd844521c7d65cec7eeb6136ddc5f5689018ecce4ef9e9f435434bfc
2d7481c72a3827dee23254b8198fa70f7ce5c637791658b4e0c6550a568af105
2f802a4e98368647b1b2abcfbcac84b6daab89432c0b249c1266c28539eff31d
3201212b015779d1bb850144018b83cc632268320d5354f911aca358274a5848
35c45214acf1b6064e78d9147c86801c230cb3bc3524620413490d5f818d2087
42f27ed757d09b6f9f570085182aff16b708a92bd4fd2d4ca58597fff0d2c2b5
46257bdae6f3073e666cb3ca346cae549c14a8e8b44c257af4d6c185d2ad9506
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e70226072ea8787cee8086e1677fe306d101614c07cd1470b3b61b4e010bd5a
4f46e0a2042062a23e0aefa3dc6dea218f1dff6fa3191c5ac189cc0f085a9c77
56cd3fbe04a8596a632f552bb196dadb3a015a46aa278e33dd4afdfcaef6726d
5d7cbea5271b4f1eeab1602ea2bf5fa3efbbd1b5d7530a19ad30afbe1b71b1a2
5e28b7dc6feabd7a777042bf33667971f956a8861ecea2170666d70b2a66d83d
6e7e54b0250a71b4a2b47f3fb86c6a2a67205029ee2b4207c857f1fc12ad2283
72621fa58581e37e61125e4907438914f70530ff809f4018ce4e20938972c3fc
729f42856266c841c8ea0eb02ef896893c9c623a2b9fbda4e93c91c04aebe638
777587a84c79c6714f6842d07420f03b482285d4db1fde28faed4cf21acdd66c
7ded054bd6752fb8b30bae328d72969326829377199eadc17ca75e86525a4008
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873b3e70235a906b02b8fdf4d12dfc44760148d1e471a48f3cf099e066c162ff
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
a7132592dfbc28415f810dd083f00629c37f84e890af3ee0a8eb7bec38d2f747
a80b4f007f652dc9e20f80d791fe8a73de6b3cf06237272a3b47152c1bbf7962
ac5f97e3195fdf43874a89aeb1c86a5e2e77f94c1ba3aaee8f4dbbd9dd4f37fc
baaf2bfbb985dfdd8b9a18c25d34a835a63b2bdff446f51939235d5cbb84bd65
bf41cc18f5c1905b2afb2a80bfff3c910b71d25cdcd3aea4b25df91892508e36
c0761b8a2f39ee2294e7d249ab9a54a64f594278a7e9e8c96297c7949ddcd08c
c124fab0de2117b1a58241d3d7bac1b88b7558dc8cde9f16e381cfc2d41f500c
c54962db5b78c5b2c3cd89e65db35cd071dd33d9041a5e7b79d521c2fc6caeed
c65af59f029145e60cb1462c257e18b59fe44f1faf68aa1b64cdd2a9254107f3
d20a91d1c9dcb1332f6349e84239f5b1fab8661137b9bec6bf3ed9c2f129fccc
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fe9167d29ae11785398e6d9b883b293dcbac7f7de108d9b6050fa3ef21297037

johnhelmer.net Open in urlscan Pro 31.220.59.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

92 Requests

68 %HTTPS

64 %IPv6

11 Domains

15 Subdomains

13 IPs

4 Countries

2744 kBTransfer

3389 kBSize

1 Cookies

36 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

johnhelmer.net Open in urlscan Pro
31.220.59.176 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

68 %
HTTPS

64 %
IPv6

11
Domains

15
Subdomains

13
IPs

4
Countries

2744 kB
Transfer

3389 kB
Size

1
Cookies

92 HTTP transactions
0 data transactions