nyholmballing.livejournal.com Open in urlscan Pro
81.19.74.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nyholmballing.livejournal.com/profile
Submission: On August 22 via manual (August 22nd 2021, 11:11:07 pm UTC) from US

Summary HTTP 46 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 17 domains to perform 46 HTTP transactions. The main IP is 81.19.74.1, located in Moscow, Russian Federation and belongs to RAMBLER-TELECOM-AS, RU. The main domain is nyholmballing.livejournal.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on February 28th 2021. Valid for: a year.

This is the only time nyholmballing.livejournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	81.19.74.1 81.19.74.1	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	81.19.87.48 81.19.87.48	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3	104.111.243.126 104.111.243.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 3	13.224.102.122 13.224.102.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	13.83.132.107 13.83.132.107	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:303... 2606:4700:3035::ac43:ccdd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	207.62.77.103 207.62.77.103	2152 (CSUNET-NW) (CSUNET-NW)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
5	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	2a02:6b8::131 2a02:6b8::131	13238 (YANDEX) (YANDEX)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	91.192.150.38 91.192.150.38	42481 (BEGUN-AS) (BEGUN-AS)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
46	19

2 81.19.74.1 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: livejournal.com

nyholmballing.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xc3.services.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.87.48 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: apl.rambler-co.ru

vp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.243.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-126.deploy.static.akamaitechnologies.com

l-stat.livejournal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.102.122 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-122.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.83.132.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.lasc.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:ccdd (United States)

ASN13335 (CLOUDFLARENET, US)

www.security-guard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.62.77.103 (United States)

ASN2152 (CSUNET-NW, US)

www.lacitycollege.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::131 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

awaps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.38 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: rcm.rambler.ru

rcmjs.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com fundingchoicesmessages.google.com	94 KB
4	rambler.ru ssp.rambler.ru Failed vp.rambler.ru rcmjs.rambler.ru kraken.rambler.ru	59 KB
3	top100.ru st.top100.ru	67 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	livejournal.net l-stat.livejournal.net Failed	6 KB
2	facebook.com www.facebook.com	315 B
2	vk.com vk.com	23 KB
2	facebook.net connect.facebook.net	99 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	699 B
2	livejournal.com nyholmballing.livejournal.com xc3.services.livejournal.com	84 KB
1	googlesyndication.com pagead2.googlesyndication.com	22 KB
1	yandex.ru awaps.yandex.ru	303 B
1	lacitycollege.edu www.lacitycollege.edu	128 KB
1	security-guard.ca www.security-guard.ca
1	lasc.edu www.lasc.edu	586 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
1	google-analytics.com www.google-analytics.com	20 KB
46	17

	Domain	Requested by
12	fundingchoicesmessages.google.com	nyholmballing.livejournal.com
3	st.top100.ru	nyholmballing.livejournal.com st.top100.ru
3	sb.scorecardresearch.com	1 redirects nyholmballing.livejournal.com
3	l-stat.livejournal.net	nyholmballing.livejournal.com
2	kraken.rambler.ru	st.top100.ru
2	www.facebook.com	nyholmballing.livejournal.com connect.facebook.net
2	vk.com	nyholmballing.livejournal.com
2	connect.facebook.net	nyholmballing.livejournal.com connect.facebook.net
2	www.tns-counter.ru	1 redirects nyholmballing.livejournal.com
1	pagead2.googlesyndication.com
1	rcmjs.rambler.ru	nyholmballing.livejournal.com
1	awaps.yandex.ru	nyholmballing.livejournal.com
1	www.lacitycollege.edu	nyholmballing.livejournal.com
1	www.security-guard.ca	nyholmballing.livejournal.com
1	www.lasc.edu	nyholmballing.livejournal.com
1	www.googletagmanager.com	nyholmballing.livejournal.com
1	www.google-analytics.com	nyholmballing.livejournal.com
1	xc3.services.livejournal.com	nyholmballing.livejournal.com
1	vp.rambler.ru	nyholmballing.livejournal.com
1	nyholmballing.livejournal.com
0	ssp.rambler.ru Failed	nyholmballing.livejournal.com
46	21

This site contains links to these domains. Also see Links.

Domain
www.livejournal.com
forsythbreum6.livejournal.com
www.facebook.com
twitter.com
redirect.appmetrica.yandex.com
appgallery.huawei.com
news.livejournal.com

Subject Issuer	Validity	Valid
*.livejournal.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-28` - `2022-02-25`	a year	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
livejournal.com DigiCert SHA2 Secure Server CA	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.services.livejournal.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-28` - `2022-05-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
www.lasc.edu InCommon RSA Server CA	`2019-10-22` - `2021-10-21`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
*.lacitycollege.edu GeoTrust RSA CA 2018	`2019-11-06` - `2021-11-05`	2 years	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
*.top100.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-15` - `2022-02-14`	a year	crt.sh
awaps-v6.yandex.net Yandex CA	`2021-07-10` - `2021-12-11`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nyholmballing.livejournal.com/profile
Frame ID: E0712CFFAB03ED4382E0C0906C6FA5CB
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

nyholmballing - Profile

Detected technologies

LiveJournal (Blogs) Expand

Overall confidence: 100%
Detected patterns

url /\.livejournal\.com/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

46
Requests

87 %
HTTPS

50 %
IPv6

17
Domains

21
Subdomains

19
IPs

3
Countries

1227 kB
Transfer

2315 kB
Size

7
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.livejournal.com/
Title: LiveJournal

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/2020/
Title: Your 2020 in LJ

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/browse/
Title: Communities

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/syn
Title: RSS Reader

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/support/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/login.bml

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/create
Title: Join free Join

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/manage/settings/?cat=display
Title: English (en)

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/lostinfo.bml
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=facebook&auto_forwhat=user%24nyholmballing%24%2Fprofile
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=twitter&auto_forwhat=user%24nyholmballing%24%2Fprofile
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=google&auto_forwhat=user%24nyholmballing%24%2Fprofile
Title: Google

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=rambler&auto_forwhat=user%24nyholmballing%24%2Fprofile
Title: RAMBLER&Co ID

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=mailru&auto_forwhat=user%24nyholmballing%24%2Fprofile
Title:

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=vkontakte&auto_forwhat=user%24nyholmballing%24%2Fprofile
Title:

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/legal/tos-en.bml
Title: User agreement

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/shop/vgift.bml?to=nyholmballing
Title: Send V-Gift

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/shop/profaccount.bml?form=3&for=nyholmballing
Title: Gift

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/directory.bml?opt_sort=ut&s_loc=1&loc_cn=US&loc_st=Oregon
Title: Oregon

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/directory.bml?opt_sort=ut&s_loc=1&loc_cn=US
Title: United States

Search URL Search Domain Scan URL

URL: https://forsythbreum6.livejournal.com/profile
Title: https://forsythbreum6.livejournal.com/profile

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/chat

Search URL Search Domain Scan URL

URL: https://www.facebook.com/livejournal
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/LiveJournal
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/app/
Title: Applications

Search URL Search Domain Scan URL

URL: https://redirect.appmetrica.yandex.com/serve/675709703157784759
Title: iOS

Search URL Search Domain Scan URL

URL: https://redirect.appmetrica.yandex.com/serve/387479329824606650
Title: Android

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C101747491
Title: Huawei

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/betatest.bml
Title: v.503

Search URL Search Domain Scan URL

URL: https://news.livejournal.com/
Title: News

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/developer/extshare
Title: Button "Share"

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/722627774 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/722627774

Request Chain 24

https://sb.scorecardresearch.com/b?c1=2&c2=10463284&ns__t=1629673832263&ns_c=UTF-8&cv=3.5&c8=nyholmballing%20-%20Profile&c7=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1629673832263&ns_c=UTF-8&cv=3.5&c8=nyholmballing%20-%20Profile&c7=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&c9=

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request profile Show response
nyholmballing.livejournal.com/ 312 KB
84 KB 189ms
77ms Document
text/html 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nyholmballing.livejournal.com/profile
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: c3383781226365b464bd3baf56834b1f2aa89e399350655788db06da6e29bc70

Request headers

Host: nyholmballing.livejournal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 22 Aug 2021 23:10:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 85260
Connection: keep-alive
Keep-Alive: timeout=50
Referrer-Policy: no-referrer-when-downgrade
X-AWS-Id: kr-botws10
X-LJ-Flow-ID: YSLZOAobA1AAAAgrua0AAAAW
Vary: Accept-Encoding,ETag
Cache-Control: private, proxy-revalidate
Content-MD5: lop1Q5HtnwQBxnBHuiDSUg
Content-Encoding: gzip
X-Varnish: 79496909 60051389
Age: 47
X-VWS-Id: os-varn01.lj.rambler.tech
ETag: GgZzlop1Q5HtnwQBxnBHuiDSUg
Accept-Ranges: bytes

GET capirs_async.js
ssp.rambler.ru/ 0
0

GET /
l-stat.livejournal.net/ 0
0

GET /
l-stat.livejournal.net/js/ 0
0

GET
H2 200 sdk.js Show response
vp.rambler.ru/player/ 136 KB
41 KB 169ms
79ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/sdk.js
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: e30ca74a83bfd59c990a1ec3fa121bc6c675f3c1ba6378c4078450f8f9e650f6

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: br
x-upstream-addr: 10.136.28.29:80
age: 3549
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime: -3
x-varnish-hostname: cb57bbd3bcf9b7a988d53aa4ba029c04
x-upstream-headertime: 0
content-length: 40928
x-amz-request-id: 1acff141-0960-4ac2-96bb-260d1c6b4cf9
x-upstream-connecttime: 0
server: nginx
etag: "442b4587af7fe695d585d1d88c8fcd91"
vary: Accept, Origin
x-varnish: 1033509673 1031937034
via: 1.1 varnish (Varnish/6.1)
cache-control: max-age=300, public, max-age=300
x-bytes-snd: 0
accept-ranges: bytes
content-type: application/javascript
x-time: -3

GET
H/1.1 200
OK print-logo.png
l-stat.livejournal.net/img/schemius/ 2 KB
3 KB 22ms
6ms Image
image/png 104.111.243.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/print-logo.png?v=49361
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 23:10:32 GMT
Content-Encoding: gzip
ETag: GgZzYGcFKOznFaw7EFLw6wHnuA
X-VWS-Id: kr-varn07.lj.rambler.tech
X-Gateway: front09.lj.rambler.tech
Connection: keep-alive
Content-Length: 2249
X-remaining-TTL: 86388, 21625, 58320, 48068, 54485
Last-Modified: Thu, 01 Jan 1970 13:42:41 GMT
Server: nginx
X-LJ-Flow-ID: YFyVLQobAyUAAHfOY38AAAAA
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 84445690 77085969
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=54485
X-AWS-Id: kr-ws07
Accept-Ranges: bytes
Content-Type: image/png

GET
H/1.1 200
OK userinfo_v8.svg
l-stat.livejournal.net/img/ 1 KB
1 KB 21ms
5ms Image
image/svg+xml 104.111.243.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/userinfo_v8.svg?v=17080?v=503
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 23:10:32 GMT
Content-Encoding: gzip
X-LJ-Flow-ID: YR4Vw6wcAAIAAB3tKXgAAAAY
X-VWS-Id: kr-varn01.lj.rambler.tech
X-Gateway: front10.lj.rambler.tech
Connection: keep-alive
Content-Length: 523
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 01 Jan 1970 04:44:40 GMT
Server: nginx
ETag: GgZz3Lj/0Zs7IF/99OqziMt7VA
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 190601469 319490469
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=85349
X-AWS-Id: 3dt-ws11
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-remaining-TTL: 85349

GET
H/1.1 200
OK user.gif
l-stat.livejournal.net/img/profile_icons/ 1 KB
2 KB 21ms
6ms Image
image/gif 104.111.243.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/profile_icons/user.gif?v=14273
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7f9d52b861eab9f5d5f282f73b554bd9178240412780f70d1fa8b7267cd9f2db

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 23:10:32 GMT
Content-Encoding: gzip
ETag: GgZzTuG81pLe19AYYpe91+bP0Q
X-VWS-Id: kr-varn03.lj.rambler.tech
X-Gateway: front01.lj.rambler.tech
Connection: keep-alive
Content-Length: 1389
X-remaining-TTL: 29185, 14009, 86400, 75895, 30398
Last-Modified: Thu, 01 Jan 1970 03:57:53 GMT
Server: nginx
X-LJ-Flow-ID: YFybXgobAzQAABF46TUAAAAF
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 9873271 3213148
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30398
X-AWS-Id: kr-ws22
Accept-Ranges: bytes
Content-Type: image/gif

GET
H/1.1 200
OK /
xc3.services.livejournal.com/ljcounter/ 35 B
704 B 151ms
43ms Image
image/gif 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xc3.services.livejournal.com/ljcounter/?d=srv:kr-botws10,r:0,j:88936150,p:88936150,uri:%22%2Fprofile%22,vig:0,extra:

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

81.19.74.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),

Reverse DNS

livejournal.com

Software

nginx /

Resource Hash

3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 23:10:32 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Methods: GET, OPTIONS, POST, PUT, DELETE, HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: accept, x-custom-parameter, content-type, x-request-id, authorization, accept-language, accept-charset, pragma, user-agent
Content-Length: 35
Keep-Alive: timeout=50

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 7011
date: Sun, 22 Aug 2021 21:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 22 Aug 2021 23:13:41 GMT

GET
H2 200 AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8= Show response
fundingchoicesmessages.google.com/f/ 96 KB
35 KB 60ms
36ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8=

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed23ce966d0b39371ff3f1fdf0640af641bbc46c1bbc5aa6f4eac21a13bf3dfd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7mjXMuaoSPYP7aS0gIqA5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-7mjXMuaoSPYP7aS0gIqA5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-7mjXMuaoSPYP7aS0gIqA5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-7mjXMuaoSPYP7aS0gIqA5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 39ms
10ms Script
application/javascript 13.224.102.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-122.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 22:54:43 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 949
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: bYTan9CsB3v93EWcl7qrBWX10oa-dRru2z2h8fKaYISSIP19e-EHzg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 37ms
16ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJBSQR

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cb60be0b775cb17a2708a7feb7f8ce2b6bb1979339fe3f10bec5cb36d20ffa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37011
x-xss-protection: 0
last-modified: Sun, 22 Aug 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 Aug 2021 23:10:32 GMT

GET
H2 200 Counseling%20Center%202020.png
www.lasc.edu/_resources/images/ 586 KB
586 KB 532ms
165ms Image
image/png 13.83.132.107
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lasc.edu/_resources/images/Counseling%20Center%202020.png
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.83.132.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2ba32db87e3200cf03d1b0cd0859319d32a9ab5e6be815685c1e5784113195e9

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
last-modified: Fri, 13 Mar 2020 14:38:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "433ff11745f9d51:0"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 600018

GET
H2 403 DSC_2006.JPG
www.security-guard.ca/wp-content/uploads/2015/01/ 0
0 43ms
11ms Image
text/html 2606:4700:3035::ac43:ccdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.security-guard.ca/wp-content/uploads/2015/01/DSC_2006.JPG
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:ccdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK Header-Office-of-Special-ServicesW.jpg
www.lacitycollege.edu/LACC/media/Welcome-Center/ 128 KB
128 KB 969ms
313ms Image
image/jpeg 207.62.77.103
CSUNET-NW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lacitycollege.edu/LACC/media/Welcome-Center/Header-Office-of-Special-ServicesW.jpg

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

207.62.77.103 , United States, ASN2152 (CSUNET-NW, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a04d0c5d8f2962f5dc68527802019df8a620892b2ff0678ce6e6e3a005003daf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 23:08:09 GMT
Last-Modified: Sat, 29 Apr 2017 00:24:28 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e1f9c6f67ec0d21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 130807

GET
H2

200

722627774
www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/722627774
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/722627774

43 B
296 B

42ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/722627774
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.9/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Aug 2021 23:10:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.9/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 Aug 2021 23:10:32 GMT
server: ms-counter-3.2.9/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/722627774
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 158 KB
53 KB 175ms
88ms Script
application/javascript 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: b7fd098062298a75a840519701d887c9a7aa72dbc4902a318538624d77e43324

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 11:16:43 GMT
server: nginx/1.19.4
etag: W/"611b9a9b-27976"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=3600
content-type: application/javascript
expires: Mon, 23 Aug 2021 00:10:32 GMT

GET
H/1.1 200
OK 001001.gif
awaps.yandex.ru/0/9999/ 43 B
303 B 159ms
61ms Image
image/gif 2a02:6b8::131
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awaps.yandex.ru/0/9999/001001.gif?0-0-27076-0-&timestamp=27076&awcode=6&subsection=0

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::131 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 23:10:32 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=5
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: P6gcp9bIU9v4XvNyedQ7hrG4UUQQz18Cz+WEqpfQG8uAubkajIVpCR2WJ92kOvkkdvHE0v1090OuBpJroE6OLA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 22 Aug 2021 23:10:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 100 KB
22 KB 102ms
33ms Script
application/x-javascript 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?168
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv78-190-240-87.vk.com
Software: kittenx /
Resource Hash: 4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: br
x-frontend: front226205
last-modified: Tue, 15 Jun 2021 09:11:55 GMT
server: kittenx
etag: "60c86edb-5802"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 22530
expires: Thu, 26 Aug 2021 23:10:32 GMT

GET
H2 200 recommender.js Show response
rcmjs.rambler.ru/static/ 51 KB
17 KB 176ms
43ms Script
application/javascript 91.192.150.38
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rcmjs.rambler.ru/static/recommender.js

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.192.150.38 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

rcm.rambler.ru

Software

nginx /

Resource Hash

696c9b5b7934bb9098c84173256663b86d303d0a465eec234e42c949c748a780

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: gzip
last-modified: Mon, 16 Aug 2021 07:35:04 GMT
server: nginx
etag: W/"611a1528-cc63"
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: max-age=3600, must-revalidate
x-passed: 0bal1
content-type: application/javascript

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10463284&ns__t=1629673832263&ns_c=UTF-8&cv=3.5&c8=nyholmballing%20-%20Profile&c7=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1629673832263&ns_c=UTF-8&cv=3.5&c8=nyholmballing%20-%20Profile&c7=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&c9=

64 B
329 B

26ms
26ms

Image
image/gif

13.224.102.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1629673832263&ns_c=UTF-8&cv=3.5&c8=nyholmballing%20-%20Profile&c7=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&c9=
Requested by: Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-122.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: aX41GKyWx6Glrucm8iVIyBfSbc8mRd2siVEsxP9oKGa4hDtqjasC0w==

Redirect headers

date: Sun, 22 Aug 2021 23:10:32 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1629673832263&ns_c=UTF-8&cv=3.5&c8=nyholmballing%20-%20Profile&c7=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&c9=
content-length: 204
x-amz-cf-id: sOEULLXZV0iOYfPY3JO3iLffIPXjWAtHgnvqe9MHppThPSJU5GgVPg==

POST
H3-29 204 AGSKWxU_rbiFLrpMK7gKRFutigS6wxZm-TuRFtVrzEE07PmO9Fmske7iLwOTyLRAiQqQWTcZSJfsYcscFmYj5wHeo1c= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 34ms
20ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU_rbiFLrpMK7gKRFutigS6wxZm-TuRFtVrzEE07PmO9Fmske7iLwOTyLRAiQqQWTcZSJfsYcscFmYj5wHeo1c=?pvid=9821FA6B-3370-4B55-8976-8BF23E82B16E&anonid=F8B52BF4-E8F2-4032-8397-82CE2D02DB4F

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.sMcRJ6zYHUg.es5.O/d=1/rs=AJlcJMw427_YWFF5zwCZTl93xE5Y2BtUWA/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uDnBQIEZp88wqIuJQvSKXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-uDnBQIEZp88wqIuJQvSKXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nyholmballing.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-uDnBQIEZp88wqIuJQvSKXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-uDnBQIEZp88wqIuJQvSKXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxUurmlui__NopgOw3q2hzLpsO1UKH_yRC_scLNah72Dsq7N8ufEL2Tj5l4TFi3rnT3eNxT1XoYyDVOAXJSKISU= Show response
fundingchoicesmessages.google.com/f/ 88 KB
32 KB 53ms
39ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUurmlui__NopgOw3q2hzLpsO1UKH_yRC_scLNah72Dsq7N8ufEL2Tj5l4TFi3rnT3eNxT1XoYyDVOAXJSKISU=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjI5NjczODMyLDMxMzAwMDAwMF0sIjk4MjFGQTZCLTMzNzAtNEI1NS04OTc2LThCRjIzRTgyQjE2RSIsIkY4QjUyQkY0LUU4RjItNDAzMi04Mzk3LTgyQ0UyRDAyREI0RiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL255aG9sbWJhbGxpbmcubGl2ZWpvdXJuYWwuY29tL3Byb2ZpbGUiXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.sMcRJ6zYHUg.es5.O/d=1/rs=AJlcJMw427_YWFF5zwCZTl93xE5Y2BtUWA/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cecac9d8f05ec767cbb202b5c27ea9e7bc257fe2c66a20b2d9c598c888f1c3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zpAJ8jdmXMQ/9/uqnE3e3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-zpAJ8jdmXMQ/9/uqnE3e3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-zpAJ8jdmXMQ/9/uqnE3e3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-zpAJ8jdmXMQ/9/uqnE3e3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 2982212878480459 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2982212878480459?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bdff28fb6981c5a0e5dce9e80de75089a25b901fb51a4209029c84329654511

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74211
x-xss-protection: 0
pragma: public
x-fb-debug: EfWlSKyoYcWCfDbXZRdc3A0rQvyuM7P8/uLxPiC9MBc5cEeYh8riC016oR5rUVjWgBUMFFXiHQLYtBb35m6V/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 22 Aug 2021 23:10:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2982212878480459&ev=PageView&dl=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&rl=&if=false&ts=1629673832361&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629673832360.1417642704&it=1629673832322&coo=false&rqm=GET

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 22 Aug 2021 23:10:32 GMT

GET
H2 200 rtrg
vk.com/ 49 B
445 B 40ms
39ms Image
image/gif 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-491315-al132&metatag_url=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&metatag_title=nyholmballing%20-%20Profile

Requested by

Host: nyholmballing.livejournal.com
URL: https://nyholmballing.livejournal.com/profile

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

kittenx / KPHP/7.4.108298

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: gzip
x-frontend: front226205
server: kittenx
x-powered-by: KPHP/7.4.108298
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 usability.js Show response
st.top100.ru/top100/1.19.1/ 16 KB
7 KB 42ms
41ms Script
application/javascript 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/1.19.1/usability.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 5d3386aa1375c83adfc8e3c111267392a6090e9d37a88430d6b634728b7ddc4b

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: br
x-upstream-addr: 10.136.24.44:80
age: 3502
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime: -1
x-varnish-hostname: fb048d08da58cc88b746725af521d114
x-upstream-headertime: 0
content-length: 6701
x-amz-request-id: f299baf4-449e-4ed3-8e45-6b85c082a2f2
x-upstream-connecttime: 1
server: nginx/1.19.4
etag: "f63dca9a1f1545dc402c1978ca1e6106"
vary: Accept, Origin
x-varnish: 1019418029 1016168077
via: 1.1 varnish (Varnish/6.1)
x-bytes-snd: 0
accept-ranges: bytes
content-type: application/javascript
x-time: 0

GET
H2 200 media.js Show response
st.top100.ru/top100/1.19.1/ 17 KB
8 KB 42ms
42ms Script
application/javascript 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/1.19.1/media.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: b1bc5445f2bbe4f3ab4513cb13e6b4e375b098d406ee4b4aced955b0d75348ad

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Sun, 22 Aug 2021 23:10:32 GMT
content-encoding: br
x-upstream-addr: 10.144.36.20:80
age: 2564
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime: -4
x-varnish-hostname: cb57bbd3bcf9b7a988d53aa4ba029c04
x-upstream-headertime: 1
content-length: 7141
x-amz-request-id: 085089ff-e18c-4eb5-9e7b-2e511d01c9ea
x-upstream-connecttime: 0
server: nginx/1.19.4
etag: "fa1b716d48d30cca6b96ccac5ff61d18"
vary: Accept, Origin
x-varnish: 294801153 294209483
via: 1.1 varnish (Varnish/6.1)
x-bytes-snd: 0
accept-ranges: bytes
content-type: application/javascript
x-time: -3

GET
H2 200 userip Show response
kraken.rambler.ru/ 13 B
428 B 133ms
41ms XHR
text/plain 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 3ebc5aaad8d6b83408eae5c19a5f1d3801f14c9db754a3dad171fd4730bb42bc

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://nyholmballing.livejournal.com
date: Sun, 22 Aug 2021 23:10:32 GMT
x-srv: 1node0044.top100.rambler.tech
content-type: application/octet-stream, text/plain
content-length: 13
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
584 B 128ms
43ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=1111412&rid=1629673832.479-1350352375&tid=t1.1111412.2096992998.1629673832480&v=1.19.1&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cc%2Cexp_intl_retry%2Csplit_z&rn=1694397774&bs=1600x1200&ce=1&rf&en=UTF-8&pt=nyholmballing%20-%20Profile&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-120&fv&sv&lv&cv=uid&url=https%3A%2F%2Fnyholmballing.livejournal.com%2Fprofile&eid=6933738324858604&fid=pA8AAN9Js1cw9pWKAcd2DQA%3D&fip=pA8AAN9Js1ewhlHBAZH%2BfAA%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Aug 2021 23:10:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
x-srv: 2node0043.top100.rambler.tech
access-control-allow-credentials: true
content-type: image/gif, image/gif
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
18 B 13ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydzZe3hHtBWRpLq1e

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 22 Aug 2021 23:10:32 GMT
content-type: text/plain
access-control-allow-origin: https://nyholmballing.livejournal.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 _ Show response
fundingchoicesmessages.google.com/f/AGSKWxVTKMmzybLIMqW7bfvp_n9sbFHzrRP8SWFlEgz1QVn5XHWVTAb73TE1IMPSo61yGhogNnW--lbWmEywcHdxLlwMusnpRg8mFcoIhNwO2m6b5fVnDUfG9vSPbJhfBc0prBl80IryhXWPYj15XX9vc6wIu7rhT... 54 B
107 B 21ms
20ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVTKMmzybLIMqW7bfvp_n9sbFHzrRP8SWFlEgz1QVn5XHWVTAb73TE1IMPSo61yGhogNnW--lbWmEywcHdxLlwMusnpRg8mFcoIhNwO2m6b5fVnDUfG9vSPbJhfBc0prBl80IryhXWPYj15XX9vc6wIu7rhTzAxcKp6tpa9jb0FX4L_VK2LKqkKbk6VN582BheggOThU3GOVIEGFXqI502-znrIadkB2IYHA2hwBBKgkAY=/_?module=ads//leaderad./badge_ad_/336x280.315px;)

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.80n1mLWjCNg.es5.O/d=1/rs=AJlcJMwEBjJUS5dvlViUtOPBhXs2aUmXAA/m=detection

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e4aef3e544041af34cbf3903c54511548c5e485fed8bb0502c6b94b46c1258e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5nut0Jks0O8HWHFr/viv4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5nut0Jks0O8HWHFr/viv4A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-5nut0Jks0O8HWHFr/viv4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5nut0Jks0O8HWHFr/viv4A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 56 KB
22 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5bff9984f72badd18aadc3b57f4c0198e3d8c2b80454c3155a005ddb6185d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 22:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21542
x-xss-protection: 0
server: cafe
etag: 13566247180148098686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 23:57:58 GMT

POST
H3-29 204 AGSKWxUyAjyln_kz_vsNPh04_RUjJMq2O1CQhSr3vxYrR4Ry436NUJiTR8seatWxG6NqIWjl5kGLMEmLsMHQDpPnc-5rM783yKN9WJkTD1SJpc7BEKt8daRDQDXWqHxoCN9WZICOHr1CWqLkkbX3sw_Pmi32muSXfoWRfgVS41dyuIh5F7SQ9fh-A3ahiHdf Show response
fundingchoicesmessages.google.com/el/ 0
26 B 21ms
21ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUyAjyln_kz_vsNPh04_RUjJMq2O1CQhSr3vxYrR4Ry436NUJiTR8seatWxG6NqIWjl5kGLMEmLsMHQDpPnc-5rM783yKN9WJkTD1SJpc7BEKt8daRDQDXWqHxoCN9WZICOHr1CWqLkkbX3sw_Pmi32muSXfoWRfgVS41dyuIh5F7SQ9fh-A3ahiHdf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LvhgYd0Fhur6uK9su1g+eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-LvhgYd0Fhur6uK9su1g+eA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nyholmballing.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-LvhgYd0Fhur6uK9su1g+eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-LvhgYd0Fhur6uK9su1g+eA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxUyAjyln_kz_vsNPh04_RUjJMq2O1CQhSr3vxYrR4Ry436NUJiTR8seatWxG6NqIWjl5kGLMEmLsMHQDpPnc-5rM783yKN9WJkTD1SJpc7BEKt8daRDQDXWqHxoCN9WZICOHr1CWqLkkbX3sw_Pmi32muSXfoWRfgVS41dyuIh5F7SQ9fh-A3ahiHdf Show response
fundingchoicesmessages.google.com/el/ 0
26 B 34ms
33ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oxpT3di9nPiRubUkMXDgkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oxpT3di9nPiRubUkMXDgkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nyholmballing.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-oxpT3di9nPiRubUkMXDgkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oxpT3di9nPiRubUkMXDgkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxUyAjyln_kz_vsNPh04_RUjJMq2O1CQhSr3vxYrR4Ry436NUJiTR8seatWxG6NqIWjl5kGLMEmLsMHQDpPnc-5rM783yKN9WJkTD1SJpc7BEKt8daRDQDXWqHxoCN9WZICOHr1CWqLkkbX3sw_Pmi32muSXfoWRfgVS41dyuIh5F7SQ9fh-A3ahiHdf Show response
fundingchoicesmessages.google.com/el/ 0
27 B 30ms
30ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M0JSRvW480ajAlAniFP/nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-M0JSRvW480ajAlAniFP/nA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nyholmballing.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-M0JSRvW480ajAlAniFP/nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-M0JSRvW480ajAlAniFP/nA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxXza7w_cQN4r_0fegviHOBZSry2svW13gGDPGjWaL-Lxv3PAjYiScTb4wOUx31a9-FVp-GqXeDFiSampWZpjAmQXehcPzESYVa3ZFeTdZdQBgCcJlINabJaU6KZd3PEUaYSYVXVd6sBk9u6MTZ5olfAnpCR6C4sa8E1dg_-1Rlmew3yp-9X61Y5jH4W Show response
fundingchoicesmessages.google.com/f/ 70 KB
26 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXza7w_cQN4r_0fegviHOBZSry2svW13gGDPGjWaL-Lxv3PAjYiScTb4wOUx31a9-FVp-GqXeDFiSampWZpjAmQXehcPzESYVa3ZFeTdZdQBgCcJlINabJaU6KZd3PEUaYSYVXVd6sBk9u6MTZ5olfAnpCR6C4sa8E1dg_-1Rlmew3yp-9X61Y5jH4W?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjI5NjczODMzLDUxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbMSxbNyw2XV0sImh0dHBzOi8vbnlob2xtYmFsbGluZy5saXZlam91cm5hbC5jb20vcHJvZmlsZSJd

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e5ce6356e173d1fc5e1392be5a4d6682f56e28f200609a90f033a7d32a05900

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JPT1a/2894iZ8xvEW4rfhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-JPT1a/2894iZ8xvEW4rfhQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-JPT1a/2894iZ8xvEW4rfhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-JPT1a/2894iZ8xvEW4rfhQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxUyAjyln_kz_vsNPh04_RUjJMq2O1CQhSr3vxYrR4Ry436NUJiTR8seatWxG6NqIWjl5kGLMEmLsMHQDpPnc-5rM783yKN9WJkTD1SJpc7BEKt8daRDQDXWqHxoCN9WZICOHr1CWqLkkbX3sw_Pmi32muSXfoWRfgVS41dyuIh5F7SQ9fh-A3ahiHdf Show response
fundingchoicesmessages.google.com/el/ 0
26 B 42ms
42ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qdaT3ayAVaGW9qfXVoE+Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qdaT3ayAVaGW9qfXVoE+Xg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nyholmballing.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-qdaT3ayAVaGW9qfXVoE+Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qdaT3ayAVaGW9qfXVoE+Xg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxU_El__0QsprUZmmpl7S7aIj7spHsE-EIGHwJ3RccgRBQerR8__IRKK19MTdjsmpM0m1mjnOI8TT70UYRAR8yZCspgMwLCvyKAVvuRXbRfcTWQ27bt9ixhGAId_CEegTWEruKNPPF1kdaNr9r1M4AmoObU3vlqu2SDLSDI2r8QZ2BvAqT2PFrkewlg6 Show response
fundingchoicesmessages.google.com/el/ 0
27 B 19ms
19ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU_El__0QsprUZmmpl7S7aIj7spHsE-EIGHwJ3RccgRBQerR8__IRKK19MTdjsmpM0m1mjnOI8TT70UYRAR8yZCspgMwLCvyKAVvuRXbRfcTWQ27bt9ixhGAId_CEegTWEruKNPPF1kdaNr9r1M4AmoObU3vlqu2SDLSDI2r8QZ2BvAqT2PFrkewlg6

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.CuRoWxQgN8s.es5.O/d=1/rs=AJlcJMwMFXxFL9oeUB34r4ZXTFsNsH4Thg/m=cookie_refresh

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cp9JgU9FXkwio9rk//3yaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-cp9JgU9FXkwio9rk//3yaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nyholmballing.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-cp9JgU9FXkwio9rk//3yaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-cp9JgU9FXkwio9rk//3yaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxU_El__0QsprUZmmpl7S7aIj7spHsE-EIGHwJ3RccgRBQerR8__IRKK19MTdjsmpM0m1mjnOI8TT70UYRAR8yZCspgMwLCvyKAVvuRXbRfcTWQ27bt9ixhGAId_CEegTWEruKNPPF1kdaNr9r1M4AmoObU3vlqu2SDLSDI2r8QZ2BvAqT2PFrkewlg6 Show response
fundingchoicesmessages.google.com/el/ 0
27 B 55ms
55ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hCb+Wb8ikwYey4nICjEsvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hCb+Wb8ikwYey4nICjEsvw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nyholmballing.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-hCb+Wb8ikwYey4nICjEsvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hCb+Wb8ikwYey4nICjEsvw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxU_El__0QsprUZmmpl7S7aIj7spHsE-EIGHwJ3RccgRBQerR8__IRKK19MTdjsmpM0m1mjnOI8TT70UYRAR8yZCspgMwLCvyKAVvuRXbRfcTWQ27bt9ixhGAId_CEegTWEruKNPPF1kdaNr9r1M4AmoObU3vlqu2SDLSDI2r8QZ2BvAqT2PFrkewlg6 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 55ms
55ms XHR
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9hVEcf/qmdSCm9yQYBpIXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9hVEcf/qmdSCm9yQYBpIXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nyholmballing.livejournal.com/profile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 Aug 2021 23:10:33 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nyholmballing.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-9hVEcf/qmdSCm9yQYBpIXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9hVEcf/qmdSCm9yQYBpIXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Domain: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1629472876

Domain: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??profile/profile-v3.css,ljuser/ljuser_light.css,menu_v2.css,popup/popupus.css,popup/popupus-blue.css,widgets/filter-settings.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1629472876

Domain: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??svg/headerextra.css,proximanova-opentype.css?v=1629472876

Domain: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1629472876

Domain: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??profile/main.js,profile_new.js,scheme/schemius.js,widgets/angular/login.js,scheme/medius.js?v=1629472876

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.livejournal.com/	1970-01-20 05:26:49	Name: FCNEC Value: [["AKsRol_Vy60hxE73wrRyn-5f2CeU_7cpSmm-pGFSQ-gaGlWZHw-3EShU6zXwPolgjCGiT2cH4Dyswd5zO1COUVKG6ILHKIyLsQd1e5Z_-UWutp98PCRMbdJgOGHwJLPgGaXXGe5S6nhJEmaK1r4hUKD98c2Br-YE2Q=="],null]
.nyholmballing.livejournal.com/	1970-01-20 20:41:13	Name: last_visit Value: 1629666632483::1629673832483
.livejournal.com/	1970-01-19 21:24:25	Name: user-id_1.0.5_lr_lruid Value: pQ8AAGjZImEz%2BivZAdPMXwA%3D
.livejournal.com/	1970-01-20 20:41:13	Name: top100_id Value: t1.1111412.2096992998.1629673832480
.livejournal.com/	1970-01-19 22:50:49	Name: _fbp Value: fb.1.1629673832360.1417642704
.livejournal.com/	1970-01-20 06:02:49	Name: FCCDCF Value: [["AKsRol_Vy60hxE73wrRyn-5f2CeU_7cpSmm-pGFSQ-gaGlWZHw-3EShU6zXwPolgjCGiT2cH4Dyswd5zO1COUVKG6ILHKIyLsQd1e5Z_-UWutp98PCRMbdJgOGHwJLPgGaXXGe5S6nhJEmaK1r4hUKD98c2Br-YE2Q=="],null,["[[],[],[],[],null,null,true]",1629673833108]]
.livejournal.com/	1970-01-21 16:36:25	Name: ljprof Value: f56eaaf01c2f75f146122d95d1215423deb48c0bc4077d471

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

awaps.yandex.ru
connect.facebook.net
fundingchoicesmessages.google.com
kraken.rambler.ru
l-stat.livejournal.net
nyholmballing.livejournal.com
pagead2.googlesyndication.com
rcmjs.rambler.ru
sb.scorecardresearch.com
ssp.rambler.ru
st.top100.ru
vk.com
vp.rambler.ru
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.lacitycollege.edu
www.lasc.edu
www.security-guard.ca
www.tns-counter.ru
xc3.services.livejournal.com
l-stat.livejournal.net
ssp.rambler.ru
104.111.243.126
13.224.102.122
13.83.132.107
2001:6d0:4001::226
207.62.77.103
2606:4700:3035::ac43:ccdd
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a02:6b8::131
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
81.19.74.1
81.19.87.48
81.19.89.17
87.240.190.78
91.192.150.38
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2ba32db87e3200cf03d1b0cd0859319d32a9ab5e6be815685c1e5784113195e9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
3ebc5aaad8d6b83408eae5c19a5f1d3801f14c9db754a3dad171fd4730bb42bc
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b
4b5bff9984f72badd18aadc3b57f4c0198e3d8c2b80454c3155a005ddb6185d5
4e4aef3e544041af34cbf3903c54511548c5e485fed8bb0502c6b94b46c1258e
4e5ce6356e173d1fc5e1392be5a4d6682f56e28f200609a90f033a7d32a05900
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea
5bdff28fb6981c5a0e5dce9e80de75089a25b901fb51a4209029c84329654511
5cecac9d8f05ec767cbb202b5c27ea9e7bc257fe2c66a20b2d9c598c888f1c3c
5d3386aa1375c83adfc8e3c111267392a6090e9d37a88430d6b634728b7ddc4b
696c9b5b7934bb9098c84173256663b86d303d0a465eec234e42c949c748a780
7cb60be0b775cb17a2708a7feb7f8ce2b6bb1979339fe3f10bec5cb36d20ffa1
7f9d52b861eab9f5d5f282f73b554bd9178240412780f70d1fa8b7267cd9f2db
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca
a04d0c5d8f2962f5dc68527802019df8a620892b2ff0678ce6e6e3a005003daf
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
b1bc5445f2bbe4f3ab4513cb13e6b4e375b098d406ee4b4aced955b0d75348ad
b7fd098062298a75a840519701d887c9a7aa72dbc4902a318538624d77e43324
c3383781226365b464bd3baf56834b1f2aa89e399350655788db06da6e29bc70
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e30ca74a83bfd59c990a1ec3fa121bc6c675f3c1ba6378c4078450f8f9e650f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ed23ce966d0b39371ff3f1fdf0640af641bbc46c1bbc5aa6f4eac21a13bf3dfd

nyholmballing.livejournal.com Open in urlscan Pro 81.19.74.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

87 %HTTPS

50 %IPv6

17 Domains

21 Subdomains

19 IPs

3 Countries

1227 kBTransfer

2315 kBSize

7 Cookies

33 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nyholmballing.livejournal.com Open in urlscan Pro
81.19.74.1 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

87 %
HTTPS

50 %
IPv6

17
Domains

21
Subdomains

19
IPs

3
Countries

1227 kB
Transfer

2315 kB
Size

7
Cookies

46 HTTP transactions
0 data transactions