urlscan.io logo urlscan.io
SecurityTrails logo

thelib.net Open in urlscan Pro
94.130.11.141  Public Scan

Go To Rescan Add Verdict Report
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Submission: On November 28 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 10 countries across 62 domains to perform 228 HTTP transactions. The main IP is 94.130.11.141, located in Falkenstein, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is thelib.net.
TLS certificate: Issued by R12 on November 16th 2025. Valid for: 3 months.
This is the only time thelib.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
45 94.130.11.141 24940 (HETZNER-A...)
1 142.250.186.106 15169 (GOOGLE)
6 77.88.55.88 13238 (YANDEX YA...)
1 95.181.182.182 210756 (EdgeCente...)
3 8 87.250.251.119 13238 (YANDEX YA...)
2 142.250.186.163 15169 (GOOGLE)
17 37.9.64.225 13238 (YANDEX YA...)
7 13 188.42.189.198 7979 (SERVERS-COM)
1 93.158.134.118 13238 (YANDEX YA...)
1 194.55.244.186 34959 (PROCLOUD ...)
2 3 193.3.184.90 50214 (QWARTA QW...)
3 5 37.0.127.87 61400 (NETRACK-A...)
1 195.209.109.24 52007 (ADRIVER L...)
1 188.114.97.3 13335 (CLOUDFLAR...)
2 3 45.139.25.121 34959 (PROCLOUD ...)
3 4 176.114.74.34 50340 (SELECTEL-...)
1 31.172.81.4 44066 (DE-FIRSTC...)
8 9 193.3.184.135 50214 (QWARTA QW...)
5 5 193.232.148.142 48061 (UMA-TECH-...)
1 1 178.170.196.247 208677 (CLOUDRU-A...)
2 151.236.71.142 204720 (CDNetwork...)
5 9 35.214.136.108 19527 (GOOGLE-2)
1 1 51.255.68.171 16276 (OVH OVH SAS)
2 2 34.1.1.166 15169 (GOOGLE)
4 5 194.55.244.179 34959 (PROCLOUD ...)
1 1 178.250.1.129 44788 (ASN-CRITE...)
2 168.119.72.236 24940 (HETZNER-A...)
6 6 31.172.81.146 44066 (DE-FIRSTC...)
4 4 89.108.120.68 197695 (AS-REGRU ...)
1 4 77.88.21.90 13238 (YANDEX YA...)
1 52.16.91.40 16509 (AMAZON-02)
2 2 31.172.81.170 44066 (DE-FIRSTC...)
12 95.163.41.56 47764 (VK-AS LLC VK)
5 87.250.251.15 13238 (YANDEX YA...)
2 4 194.226.130.226 52016 (ADFACT JS...)
1 87.228.3.219 49505 (SELECTEL ...)
1 5.101.37.37 201589 (EdgeAmLLC...)
2 51.89.9.251 16276 (OVH OVH SAS)
1 83.222.5.43 25532 (MASTERHOS...)
1 1 188.72.107.156 208677 (CLOUDRU-A...)
17 188.124.47.12 49505 (SELECTEL ...)
1 4 195.209.109.11 52007 (ADRIVER L...)
2 37.230.131.22 200197 (HYBRID-Po...)
4 4 157.90.94.85 24940 (HETZNER-A...)
2 2 217.66.147.38 29209 (SPBMTS-AS...)
3 3 217.66.147.42 29209 (SPBMTS-AS...)
4 4 185.65.149.228 51115 (HLL-AS HL...)
1 2 5.189.234.227 50340 (SELECTEL-...)
1 2 130.193.54.247 200350 (YandexClo...)
1 87.242.95.157 208677 (CLOUDRU-A...)
1 104.21.15.59 13335 (CLOUDFLAR...)
1 1 139.45.228.132 57304 (RETNRU-AS...)
1 1 37.48.253.136 50340 (SELECTEL-...)
2 2 37.0.127.208 61400 (NETRACK-A...)
3 83.222.105.118 42632 (MNOGOBYTE...)
1 194.85.16.27 8985 (MSK-IX_Se...)
1 93.95.102.105 48347 (MTW-AS JS...)
1 195.209.109.16 52007 (ADRIVER L...)
2 194.186.91.198 3216 (SOVAM-AS ...)
2 23.111.211.20 39134 (UNITEDNET...)
1 23.111.114.100 39134 (UNITEDNET...)
2 23.111.114.196 39134 (UNITEDNET...)
1 2 185.15.175.132 43226 (SAFEDATA ...)
1 188.72.109.13 208677 (CLOUDRU-A...)
1 23.111.115.236 39134 (UNITEDNET...)
4 194.186.91.197 ()
1 194.186.91.211 ()
1 91.238.111.224 ()
2 37.0.127.199 ()
2 194.226.130.227 ()
1 84.38.186.39 ()
1 104.26.1.235 ()
228 57
45    94.130.11.141 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.141.11.130.94.clients.your-server.de
thelib.net
1    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com
6    77.88.55.88 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: yandex.ru
yandex.ru
1    95.181.182.182 (Perm, Russian Federation)

ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU)
cdn.adfinity.pro
8    87.250.251.119 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
2    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
17    37.9.64.225 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: cloud.cdn.yandex.net
yastatic.net
13    188.42.189.198 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    93.158.134.118 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: matchid-production.adfox.yandex.ru
matchid.adfox.yandex.ru
1    194.55.244.186 (Moscow, Russian Federation)

ASN34959 (PROCLOUD KVIKTEL LLC, RU)
yhb.p.otm-r.com
3    193.3.184.90 (Russian Federation)

ASN50214 (QWARTA QWARTA LLC, RU)
ssp-rtb.sape.ru
5    37.0.127.87 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS Start2 LLC, RU)
PTR: s18.kimberlie.io
kimberlite.io
1    195.209.109.24 (Russian Federation)

ASN52007 (ADRIVER LLC AdRiver, RU)
pb.adriver.ru
1    188.114.97.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
pbs.alfasense.com
3    45.139.25.121 (Moscow, Russian Federation)

ASN34959 (PROCLOUD KVIKTEL LLC, RU)
ssp.al-adtech.com
4    176.114.74.34 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK JSC Selectel, RU)
exchange.buzzoola.com
1    31.172.81.4 (Germany)

ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE)
hb.bumlam.com
9    193.3.184.135 (Russian Federation)

ASN50214 (QWARTA QWARTA LLC, RU)
PTR: asrv319.qwarta.ru
acint.net
mc.acint.net
www.acint.net
5    193.232.148.142 (Russian Federation)

ASN48061 (UMA-TECH-AS Limited Liability Company GPM Digital Technologies, RU)
PTR: smtp3.sender.ltmse.com
px.adhigh.net
1    178.170.196.247 (Russian Federation)

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr12.segmento.ru
rutarget.ru
2    151.236.71.142 (Germany)

ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU)
cache.betweendigital.com
9    35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com
x.bidswitch.net
1    51.255.68.171 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
2    34.1.1.166 (Paris, France)

ASN15169 (GOOGLE, US)
PTR: 166.1.1.34.bc.googleusercontent.com
visitor-betweenx.omnitagjs.com
5    194.55.244.179 (Moscow, Russian Federation)

ASN34959 (PROCLOUD KVIKTEL LLC, RU)
sync.dmp.otm-r.com
1    178.250.1.129 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
dis.criteo.com
2    168.119.72.236 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
6    31.172.81.146 (Germany)

ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE)
sync.bumlam.com
4    89.108.120.68 (Russian Federation)

ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
4    77.88.21.90 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    52.16.91.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-91-40.eu-west-1.compute.amazonaws.com
ap.lijit.com
2    31.172.81.170 (Germany)

ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE)
sync.bumlam.com
12    95.163.41.56 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: r.myadx.net
ad.mail.ru
5    87.250.251.15 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: log.strm.yandex.ru
log.strm.yandex.ru
4    194.226.130.226 (Russian Federation)

ASN52016 (ADFACT JSC ADFACT, RU)
www.tns-counter.ru
1    87.228.3.219 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL JSC Selectel, RU)
ad.moe.video
1    5.101.37.37 (Yerevan, Armenia)

ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM)
cdn1.moe.video
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    83.222.5.43 (Russian Federation)

ASN25532 (MASTERHOST-AS LLC "MASTERHOST", RU)
content.adriver.ru
1    188.72.107.156 (Russian Federation)

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr09.segmento.ru
moevideo-sync.rutarget.ru
17    188.124.47.12 (Moscow, Russian Federation)

ASN49505 (SELECTEL JSC Selectel, RU)
rtb.moe.video
4    195.209.109.11 (Russian Federation)

ASN52007 (ADRIVER LLC AdRiver, RU)
ad.adriver.ru
2    37.230.131.22 (Amsterdam, Netherlands)

ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL)
dm.hybrid.ai
dm-eu.hybrid.ai
4    157.90.94.85 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: prod-hzeu-lb-1.community.moscow
sync.upravel.com
2    217.66.147.38 (Russian Federation)

ASN29209 (SPBMTS-AS MTS PJSC, RU)
PTR: host-38-147-66-217.spbmts.ru
sm.rtb.mts.ru
3    217.66.147.42 (Russian Federation)

ASN29209 (SPBMTS-AS MTS PJSC, RU)
PTR: host-42-147-66-217.spbmts.ru
vma.mts.ru
4    185.65.149.228 (Russian Federation)

ASN51115 (HLL-AS HLL LLC, RU)
cm.a.mts.ru
9685075341764360804899.cm.a.mts.ru
7256799441764360804901.cm.a.mts.ru
2    5.189.234.227 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK JSC Selectel, RU)
sync.adspend.space
2    130.193.54.247 (Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)
cr-frontend.weborama-tech.ru
1    87.242.95.157 (Russian Federation)

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
sync.rambler.ru
1    104.21.15.59 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
a.adspector.io
1    139.45.228.132 (Russian Federation)

ASN57304 (RETNRU-AS JSC "RetnNet", RU)
PTR: serv3.otclick.ru
otclick-adv.ru
1    37.48.253.136 (Russian Federation)

ASN50340 (SELECTEL-MSK JSC Selectel, RU)
sync.techdsp.ru
2    37.0.127.208 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS Start2 LLC, RU)
match.ohmy.bid
3    83.222.105.118 (Russian Federation)

ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU)
adx.com.ru
bid.adx.com.ru
1    194.85.16.27 (Russian Federation)

ASN8985 (MSK-IX_Services Join-stock company "Internet Exchange"MSK-IX", RU)
ssp.bidvol.com
1    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS JSC Mediasoft ekspert, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
1    195.209.109.16 (Russian Federation)

ASN52007 (ADRIVER LLC AdRiver, RU)
ad.adriver.ru
2    194.186.91.198 (Russian Federation)

ASN3216 (SOVAM-AS PJSC "Vimpelcom", RU)
PTR: serv33.mt.viaprog.eu
catsnetwork.ru
inplayer.ru
2    23.111.211.20 (Russian Federation)

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
ru.viadata.store
1    23.111.114.100 (Russian Federation)

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
rucdn.viadata.store
2    23.111.114.196 (Russian Federation)

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
dev.viadata.store
sync.viadata.store
2    185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Data Storage Center JSC, RU)
dmg.digitaltarget.ru
1    188.72.109.13 (Russian Federation)

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
ll.viadata.store
1    23.111.115.236 (Russian Federation)

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
rurtb.viadata.store
4    194.186.91.197 (None, )

ASN- ()
traffaret.com
1    194.186.91.211 (None, )

ASN- ()
cdn.traffaret.com
1    91.238.111.224 (None, )

ASN- ()
st.top100.ru
2    37.0.127.199 (None, )

ASN- ()
sp.ohmy.bid
2    194.226.130.227 (None, )

ASN- ()
www.tns-counter.ru
1    84.38.186.39 (None, )

ASN- ()
s.tigra.dev
1    104.26.1.235 (None, )

ASN- ()
id.adx.bid
Apex Domain
Subdomains		 Transfer
45 thelib.net
thelib.net
906 KB
19 moe.video
ad.moe.video — Cisco Umbrella Rank: 70779
cdn1.moe.video — Cisco Umbrella Rank: 70651
rtb.moe.video — Cisco Umbrella Rank: 77384
111 KB
18 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1194
mc.yandex.ru — Cisco Umbrella Rank: 2500
matchid.adfox.yandex.ru — Cisco Umbrella Rank: 24649
an.yandex.ru — Cisco Umbrella Rank: 6256
log.strm.yandex.ru — Cisco Umbrella Rank: 10382
388 KB
17 yastatic.net
yastatic.net — Cisco Umbrella Rank: 4110
442 KB
15 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2027
cache.betweendigital.com — Cisco Umbrella Rank: 20476
13 KB
12 mail.ru
ad.mail.ru — Cisco Umbrella Rank: 3625 Failed
privacy-cs.mail.ru Failed
95 KB
9 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 27995
vma.mts.ru — Cisco Umbrella Rank: 32898
cm.a.mts.ru — Cisco Umbrella Rank: 16087
9685075341764360804899.cm.a.mts.ru
7256799441764360804901.cm.a.mts.ru
6 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 511
2 KB
9 acint.net
acint.net — Cisco Umbrella Rank: 17876
mc.acint.net — Cisco Umbrella Rank: 33188
www.acint.net — Cisco Umbrella Rank: 23048
4 KB
9 bumlam.com
hb.bumlam.com — Cisco Umbrella Rank: 31650
sync.bumlam.com — Cisco Umbrella Rank: 5060
5 KB
7 viadata.store
ru.viadata.store — Cisco Umbrella Rank: 111707
rucdn.viadata.store — Cisco Umbrella Rank: 130223
dev.viadata.store — Cisco Umbrella Rank: 116226
sync.viadata.store — Cisco Umbrella Rank: 198251
ll.viadata.store — Cisco Umbrella Rank: 112921
rurtb.viadata.store — Cisco Umbrella Rank: 124705
112 KB
7 adriver.ru
pb.adriver.ru — Cisco Umbrella Rank: 27862
content.adriver.ru — Cisco Umbrella Rank: 23074
ad.adriver.ru — Cisco Umbrella Rank: 12912
ev.adriver.ru Failed
21 KB
6 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 9249
2 KB
6 otm-r.com
yhb.p.otm-r.com — Cisco Umbrella Rank: 38100
sync.dmp.otm-r.com — Cisco Umbrella Rank: 18552
1 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7412
3 KB
5 traffaret.com
traffaret.com
cdn.traffaret.com
50 KB
5 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 15444
2 KB
5 kimberlite.io
kimberlite.io — Cisco Umbrella Rank: 23462
3 KB
4 ohmy.bid
match.ohmy.bid — Cisco Umbrella Rank: 35787
sp.ohmy.bid
2 KB
4 upravel.com
sync.upravel.com — Cisco Umbrella Rank: 26674
2 KB
4 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 15915
2 KB
4 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 14726
2 KB
3 com.ru
adx.com.ru — Cisco Umbrella Rank: 30673
bid.adx.com.ru — Cisco Umbrella Rank: 43919
262 B
3 al-adtech.com
ssp.al-adtech.com — Cisco Umbrella Rank: 20253
882 B
3 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 20664
1 KB
2 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 21360
1 KB
2 weborama-tech.ru
cr-frontend.weborama-tech.ru — Cisco Umbrella Rank: 29119
842 B
2 adspend.space
sync.adspend.space — Cisco Umbrella Rank: 42694
686 B
2 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 31971
dm-eu.hybrid.ai — Cisco Umbrella Rank: 10485
517 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 954
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1477
257 B
2 omnitagjs.com
visitor-betweenx.omnitagjs.com — Cisco Umbrella Rank: 27817
726 B
2 rutarget.ru
rutarget.ru — Cisco Umbrella Rank: 25232
moevideo-sync.rutarget.ru — Cisco Umbrella Rank: 109358
ohmybidvideo-sync.rutarget.ru Failed
ohmybid-sync.rutarget.ru Failed
940 B
2 gstatic.com
fonts.gstatic.com
60 KB
1 adx.bid
id.adx.bid
546 B
1 tigra.dev
s.tigra.dev
2 KB
1 inplayer.ru
inplayer.ru
2 KB
1 top100.ru
st.top100.ru
37 KB
1 catsnetwork.ru
catsnetwork.ru — Cisco Umbrella Rank: 82406
723 B
1 gnezdo.ru
fcgi4.gnezdo.ru — Cisco Umbrella Rank: 40564
190 B
1 bidvol.com
ssp.bidvol.com — Cisco Umbrella Rank: 32023
28 B
1 techdsp.ru
sync.techdsp.ru — Cisco Umbrella Rank: 75158
288 B
1 otclick-adv.ru
otclick-adv.ru — Cisco Umbrella Rank: 38937
686 B
1 adspector.io
a.adspector.io — Cisco Umbrella Rank: 24850
626 B
1 rambler.ru
sync.rambler.ru — Cisco Umbrella Rank: 29865
105 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1055
193 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 976
844 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 4324
582 B
1 alfasense.com
pbs.alfasense.com — Cisco Umbrella Rank: 46117
582 B
1 adfinity.pro
cdn.adfinity.pro — Cisco Umbrella Rank: 112954
214 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 97
1 KB
0 linkssp.ru Failed
sp.linkssp.ru — Cisco Umbrella Rank: 33049 Failed
0 mediatoday.ru Failed
mediatoday.ru Failed
0 sspnet.tech Failed
bid.sspnet.tech Failed
0 dvgroup.com Failed
sync.dvgroup.com Failed
0 bringads.ru Failed
a.bringads.ru Failed
0 smi2.ru Failed
smi2.ru Failed
0 onetarget.ru Failed
pixel.dsp.onetarget.ru Failed
0 new-programmatic.com Failed
match.new-programmatic.com Failed
0 atraffic.ru Failed
a.atraffic.ru Failed
0 qtarget.tech Failed
match.qtarget.tech Failed
0 bridgertb.tech Failed
bridgertb.tech Failed
228 62
Domain Requested by
45 thelib.net thelib.net
17 rtb.moe.video
17 yastatic.net yandex.ru
an.yandex.ru
13 ads.betweendigital.com 7 redirects thelib.net
yandex.ru
cdn.adfinity.pro
sp.ohmy.bid
12 ad.mail.ru yandex.ru
thelib.net
cdn1.moe.video
rucdn.viadata.store
ad.mail.ru
cdn.traffaret.com
9 x.bidswitch.net 5 redirects thelib.net
cache.betweendigital.com
8 sync.bumlam.com 8 redirects
6 www.tns-counter.ru 2 redirects
6 mc.yandex.com 2 redirects thelib.net
mc.yandex.ru
6 yandex.ru thelib.net
yandex.ru
cdn.adfinity.pro
yastatic.net
5 ad.adriver.ru 1 redirects content.adriver.ru
cdn.traffaret.com
5 log.strm.yandex.ru yandex.ru
yastatic.net
5 sync.dmp.otm-r.com 4 redirects thelib.net
sp.ohmy.bid
5 px.adhigh.net 5 redirects sp.ohmy.bid
5 kimberlite.io 3 redirects yandex.ru
cdn1.moe.video
sp.ohmy.bid
4 traffaret.com yastatic.net
cdn.traffaret.com
4 sync.upravel.com 4 redirects
4 an.yandex.ru 1 redirects thelib.net
rucdn.viadata.store
4 x01.aidata.io 4 redirects
4 mc.acint.net 3 redirects thelib.net
4 acint.net 4 redirects
4 exchange.buzzoola.com 3 redirects thelib.net
sp.ohmy.bid
3 vma.mts.ru 3 redirects
3 ssp.al-adtech.com 2 redirects yandex.ru
3 ssp-rtb.sape.ru 2 redirects yandex.ru
2 sp.ohmy.bid cdn.traffaret.com
sp.ohmy.bid
2 dmg.digitaltarget.ru 1 redirects
2 ru.viadata.store yastatic.net
rucdn.viadata.store
2 bid.adx.com.ru cdn1.moe.video
2 match.ohmy.bid 2 redirects
2 cr-frontend.weborama-tech.ru 1 redirects
2 sync.adspend.space 1 redirects
2 cm.a.mts.ru 2 redirects
2 sm.rtb.mts.ru 2 redirects sp.ohmy.bid
2 onetag-sys.com cache.betweendigital.com
2 sync.richaudience.com thelib.net
2 visitor-betweenx.omnitagjs.com 2 redirects
2 cache.betweendigital.com ads.betweendigital.com
2 fonts.gstatic.com fonts.googleapis.com
2 mc.yandex.ru 1 redirects thelib.net
1 id.adx.bid sp.ohmy.bid
1 s.tigra.dev cdn.traffaret.com
1 inplayer.ru cdn.traffaret.com
1 st.top100.ru cdn.traffaret.com
1 cdn.traffaret.com yastatic.net
1 rurtb.viadata.store rucdn.viadata.store
1 ll.viadata.store
1 sync.viadata.store
1 dev.viadata.store rucdn.viadata.store
1 rucdn.viadata.store yastatic.net
1 catsnetwork.ru cdn1.moe.video
1 fcgi4.gnezdo.ru
1 ssp.bidvol.com
1 adx.com.ru
1 sync.techdsp.ru 1 redirects
1 otclick-adv.ru 1 redirects sp.ohmy.bid
1 a.adspector.io
1 sync.rambler.ru
1 7256799441764360804901.cm.a.mts.ru 1 redirects
1 www.acint.net 1 redirects sp.ohmy.bid
1 9685075341764360804899.cm.a.mts.ru 1 redirects
1 dm-eu.hybrid.ai
1 dm.hybrid.ai
1 moevideo-sync.rutarget.ru 1 redirects
1 content.adriver.ru cdn1.moe.video
1 cdn1.moe.video yastatic.net
1 ad.moe.video yastatic.net
1 ap.lijit.com thelib.net
1 dis.criteo.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 rutarget.ru 1 redirects
1 hb.bumlam.com yandex.ru
1 pbs.alfasense.com yandex.ru
1 pb.adriver.ru yandex.ru
1 yhb.p.otm-r.com yandex.ru
1 matchid.adfox.yandex.ru yandex.ru
1 cdn.adfinity.pro thelib.net
1 fonts.googleapis.com thelib.net
0 ohmybid-sync.rutarget.ru Failed sp.ohmy.bid
0 ohmybidvideo-sync.rutarget.ru Failed sp.ohmy.bid
0 sp.linkssp.ru Failed sp.ohmy.bid
0 mediatoday.ru Failed sp.ohmy.bid
0 ev.adriver.ru Failed sp.ohmy.bid
0 bid.sspnet.tech Failed sp.ohmy.bid
0 sync.dvgroup.com Failed
0 a.bringads.ru Failed sp.ohmy.bid
0 smi2.ru Failed
0 pixel.dsp.onetarget.ru Failed
0 match.new-programmatic.com Failed
0 a.atraffic.ru Failed
0 match.qtarget.tech Failed
0 privacy-cs.mail.ru Failed cdn1.moe.video
ru.viadata.store
ad.mail.ru
0 bridgertb.tech Failed thelib.net
228 93

This site contains no links.

Subject Issuer Validity Valid
thelib.net
R12		 2025-11-16 -
2026-02-14		 3 months crt.sh
upload.video.google.com
WE2		 2025-10-27 -
2026-01-19		 3 months crt.sh
*.yandex.tr
GlobalSign ECC OV SSL CA 2018		 2025-08-26 -
2026-02-23		 6 months crt.sh
*.adfinity.pro
Sectigo RSA Domain Validation Secure Server CA		 2024-12-06 -
2025-12-06		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2025-08-16 -
2026-01-26		 5 months crt.sh
*.gstatic.com
WE2		 2025-10-27 -
2026-01-19		 3 months crt.sh
*.yastatic-net.ru
GlobalSign RSA OV SSL CA 2018		 2025-11-05 -
2026-05-05		 6 months crt.sh
matchid.adfox.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2025-08-24 -
2026-02-16		 6 months crt.sh
*.p.otm-r.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2025-03-17 -
2026-04-18		 a year crt.sh
*.sape.ru
R12		 2025-10-08 -
2026-01-06		 3 months crt.sh
*.kimberlite.io
GlobalSign GCC R6 AlphaSSL CA 2023		 2025-03-03 -
2026-04-04		 a year crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2025-03-18 -
2026-04-19		 a year crt.sh
alfasense.com
WE1		 2025-11-07 -
2026-02-05		 3 months crt.sh
*.al-adtech.com
E7		 2025-10-20 -
2026-01-18		 3 months crt.sh
*.bumlam.com
R13		 2025-10-04 -
2026-01-02		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2025-02-06 -
2026-03-09		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2025-02-06 -
2026-03-09		 a year crt.sh
*.richaudience.com
RapidSSL TLS RSA CA G1		 2025-02-20 -
2026-02-25		 a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-16 -
2026-01-10		 3 months crt.sh
*.lijit.com
Amazon RSA 2048 M01		 2025-09-22 -
2026-10-21		 a year crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2025-11-06 -
2026-12-08		 a year crt.sh
log.strm.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2025-08-01 -
2025-12-29		 5 months crt.sh
*.moe.video
GlobalSign GCC R6 AlphaSSL CA 2023		 2025-01-21 -
2026-02-22		 a year crt.sh
cdn1.moe.video
E7		 2025-10-16 -
2026-01-14		 3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-21 -
2025-12-27		 a year crt.sh
*.hybrid.ai
Sectigo Public Server Authentication CA DV R36		 2025-09-22 -
2026-10-04		 a year crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020		 2025-05-12 -
2026-06-13		 a year crt.sh
adspector.io
WE1		 2025-11-13 -
2026-02-11		 3 months crt.sh
*.adx.com.ru
GlobalSign GCC R6 AlphaSSL CA 2025		 2025-06-20 -
2026-07-22		 a year crt.sh
ssp.bidvol.com
E7		 2025-09-19 -
2025-12-18		 3 months crt.sh
fcgi4.gnezdo.ru
E8		 2025-11-03 -
2026-02-01		 3 months crt.sh
catsnetwork.ru
R13		 2025-10-12 -
2026-01-10		 3 months crt.sh
*.viadata.store
GlobalSign GCC R3 DV TLS CA 2020		 2024-11-27 -
2025-12-29		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2025-07-31 -
2026-01-29		 6 months crt.sh
ll.viadata.store
E8		 2025-11-14 -
2026-02-12		 3 months crt.sh
traffaret.com
R13		 2025-09-25 -
2025-12-24		 3 months crt.sh
*.top100.ru
GlobalSign GCC R3 DV TLS CA 2020		 2025-03-12 -
2026-04-13		 a year crt.sh
*.ohmy.bid
E8		 2025-10-05 -
2026-01-03		 3 months crt.sh
inplayer.ru
R13		 2025-11-10 -
2026-02-08		 3 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2024-12-18 -
2026-01-19		 a year crt.sh
s.tigra.dev
E7		 2025-11-21 -
2026-02-19		 3 months crt.sh
adx.bid
WE1		 2025-11-12 -
2026-02-10		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Frame ID: 1D170D90B36DD4B333EFB3598C374B6B
Requests: 77 HTTP requests in this frame

Frame: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6
Frame ID: 90A006ADFA9097042D811BC7357006C2
Requests: 25 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e63864be-ec9b-524c-af76-335ac65c3138&CACHEBUSTER=155907
Frame ID: 33C089356D914F63C4177F3193FA343E
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f3d59642-41d3-524c-80c4-956be9ee9709&CACHEBUSTER=855789
Frame ID: 30B71D8FC9AE04B5D8156329B8DF2A53
Requests: 5 HTTP requests in this frame

Frame: https://cdn1.moe.video/player/mvplayer.min.js
Frame ID: 94CE6B98685141557F3DF55899C0CCAE
Requests: 58 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: C750B07D5646C41F95FCD32906159472
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: B345FD91B870F7DBCE1C8C4B7C7C2A1C
Requests: 1 HTTP requests in this frame

Frame: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=780801&bt=21&pid=3915086&bid=10043329&bn=10043329&rnd=527366301&tuid=1&cfa=1
Frame ID: 51D3CF1F4305E163BDDD962F9139DF6F
Requests: 1 HTTP requests in this frame

Frame: https://rucdn.viadata.store/js/vpaid/250731_dc654336/main.js
Frame ID: 4340413351A4CD2745C5E593BC3871B6
Requests: 8 HTTP requests in this frame

Frame: https://an.yandex.ru/system/context.js
Frame ID: 6081E0C3C42F794567BEBC011DF30E5D
Requests: 8 HTTP requests in this frame

Frame: https://ad.mail.ru/static/vk-adman.js
Frame ID: 87AF45DB4C312EC601F300ACB743DB4A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Frame ID: B450BE4F0419F6BD80C9B9C98223C798
Requests: 14 HTTP requests in this frame

Frame: https://sp.ohmy.bid/cmf?0.039304546163241416
Frame ID: 5C52F3BAD1D7CA8240C14D66720802BF
Requests: 18 HTTP requests in this frame

Frame: https://inplayer.ru/video/black.jpg
Frame ID: EDF497FBC41A8A19D44E49C3F5B1E9E6
Requests: 2 HTTP requests in this frame

Frame: https://s.tigra.dev/wrap/vpaid_ima.js
Frame ID: 7C0016470D18723BB94C230C015E0552
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System - Bill Blunden - download the book in pdf or read online for free

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

228
Requests

65 %
HTTPS

0 %
IPv6

62
Domains

93
Subdomains

57
IPs

10
Countries

2458 kB
Transfer

51823 kB
Size

90
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://mc.yandex.com/sync_cookie_image_check?scid=7d0cb446-edeb-d9b8-b0a5-c06a05200046&cid=96273989 HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?cid=96273989&redirect_domain=mc.yandex.com&scid=7d0cb446-edeb-d9b8-b0a5-c06a05200046&token=10864.1HXJkaP0wSAcll5tIGWobJsUuYOVnwiDppmBraiymsM-ufOM00A_rMciqMcd-5O6.TQyxzaVQMAyIiGUP3k8C9rBJqdo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?cid=96273989&scid=7d0cb446-edeb-d9b8-b0a5-c06a05200046&token=10864.9sKOOo7JriSBuoa_Ni7Q4Rt4g4GE-4YtveAMyVoEqcEhTYjxKt4ZcR9JjOVCvXnc9UwwuHT15UenLjsow2ldvv3-q5eTed1DPjNLq0AjhAPtT_dFUOcRLHSb0tx5dhKpLgvTpJtomcC2JNOUggJJudaPI9P6-2txjOaKrq4tmd488xIP6G_mr3eESFemyok3VK-iHRZakAAYKzrbYQbzVL5uPZEnSDiZDOZwZeolc9w%2C.31P-j_s4r2J9v2TJeeDvfbJD1PE%2C
Request Chain 59
  • https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=257097 HTTP 302
  • https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=257097&crf=1&rts=-471125800773731338
Request Chain 61
  • https://mc.yandex.com/watch/96273989?wmode=7&page-url=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aclgul073kv8mluc4beehw6f9wkvkr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2281%3Acn%3A1%3Adp%3A0%3Als%3A898773473188%3Ahid%3A944777517%3Az%3A60%3Ai%3A20251128211321%3Aet%3A1764360802%3Ac%3A1%3Arn%3A537591282%3Arqn%3A1%3Au%3A1764360802726477338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A224%3Awv%3A2%3Ads%3A7%2C31%2C51%2C5%2C0%2C0%2C%2C119%2C4%2C%2C%2C%2C286%3Aco%3A0%3Acpf%3A1%3Ans%3A1764360801113%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1764360802%3At%3AThe%20Rootkit%20Arsenal%3A%20Escape%20and%20Evasion%20in%20the%20Dark%20Corners%20of%20the%20System%20-%20Bill%20Blunden%20-%20download%20the%20book%20in%20pdf%20or%20read%20online%20for%20free&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(83952128)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96273989/1?wmode=7&page-url=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aclgul073kv8mluc4beehw6f9wkvkr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2281%3Acn%3A1%3Adp%3A0%3Als%3A898773473188%3Ahid%3A944777517%3Az%3A60%3Ai%3A20251128211321%3Aet%3A1764360802%3Ac%3A1%3Arn%3A537591282%3Arqn%3A1%3Au%3A1764360802726477338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A224%3Awv%3A2%3Ads%3A7%2C31%2C51%2C5%2C0%2C0%2C%2C119%2C4%2C%2C%2C%2C286%3Aco%3A0%3Acpf%3A1%3Ans%3A1764360801113%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1764360802%3At%3AThe%20Rootkit%20Arsenal%3A%20Escape%20and%20Evasion%20in%20the%20Dark%20Corners%20of%20the%20System%20-%20Bill%20Blunden%20-%20download%20the%20book%20in%20pdf%20or%20read%20online%20for%20free&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29
Request Chain 71
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 75
  • https://acint.net/cmatch/?dp=14&pi=1628885 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=2804420A62022A69CA00318F0213E6DA&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14 HTTP 302
  • https://mc.acint.net/cmatch?dp=14 HTTP 302
  • https://px.adhigh.net/p/cm/sape?u=0800007F62022A69BC0C7195029A7373 HTTP 302
  • https://px.adhigh.net/p/cm/sape?u=0800007F62022A69BC0C7195029A7373&bounced=1 HTTP 302
  • https://mc.acint.net/rmatch?dp=17&euid=e9ly6XIxESA.AikABlGazBlRDQ&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D17 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D17&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=3E03420A62022A69C700F3AD02A6B7D8&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D17 HTTP 302
  • https://mc.acint.net/cmatch?dp=17 HTTP 302
  • https://rutarget.ru/sync-sape/sync HTTP 302
  • https://mc.acint.net/match?dp=104&euid=-HwAnkii1UFE
Request Chain 78
  • https://x.bidswitch.net/sync?ssp=between&uid=e63864be-ec9b-524c-af76-335ac65c3138&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D22%26external_user_id%3D%24%7BUUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between&uid=e63864be-ec9b-524c-af76-335ac65c3138&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D22%26external_user_id%3D%24%7BUUID%7D HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=between&bsw_custom_parameter=67f52fc2-5eda-4111-a8c7-2cebbe7b7c81&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=${GPP_STRING_123} HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=00e05e2c-0fe0-47ea-ab27-d5d3c2ad99f7&expires=1&user_group=2&ssp=between&bsw_param=67f52fc2-5eda-4111-a8c7-2cebbe7b7c81&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=67f52fc2-5eda-4111-a8c7-2cebbe7b7c81&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-betweenx.omnitagjs.com/visitor/bsync?uid=cd6403e2c067b584fecdd6a3847819bf&name=gen01&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D416%26external_user_id%3DPARTNER_USER_ID&visitor=f3d59642-41d3-524c-80c4-956be9ee9709&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123} HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=416&external_user_id=7b9898d76830fcc20e5cf57ba03bce3e HTTP 302
  • https://sync.dmp.otm-r.com/match/btw?id=f3d59642-41d3-524c-80c4-956be9ee9709 HTTP 302
  • https://sync.dmp.otm-r.com/match/btw?id=f3d59642-41d3-524c-80c4-956be9ee9709&otcm_check=1764360802
Request Chain 79
  • https://visitor-betweenx.omnitagjs.com/visitor/bsync?uid=cd6403e2c067b584fecdd6a3847819bf&name=gen01&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D416%26external_user_id%3DPARTNER_USER_ID&visitor=e63864be-ec9b-524c-af76-335ac65c3138&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123} HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=416&external_user_id=7b9898d76830fcc20e5cf57ba03bce3e HTTP 302
  • https://x.bidswitch.net/sync?ssp=between&uid=f3d59642-41d3-524c-80c4-956be9ee9709&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D22%26external_user_id%3D%24%7BUUID%7D HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dbetween%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=between&user_id=k-qJrUCGgM4ki8UkOeu77YEGWGf4mrWdrYV5pFnQ&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=67f52fc2-5eda-4111-a8c7-2cebbe7b7c81&gdpr=0&gdpr_consent= HTTP 302
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=e9ly6XIxESA.AikABlGazBlQiQ HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=4AoWPWXbVu&consentString=&r=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D358%26external_user_id%3D%5BPDID%5D
Request Chain 81
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=e9ly6XIxESA.AikABlGazBlQiQ HTTP 302
  • https://bridgertb.tech/ssp/sync/between?sspuid=f3d59642-41d3-524c-80c4-956be9ee9709
Request Chain 83
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjihKjJBqIBELCXQmbMlhHwtgwAJZDIJDY* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b0974266-cc96-11f0-b60c-002590c82436 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b0974266-cc96-11f0-b60c-002590c82436&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=iYMOPIBN%2BF2IIGWmDk%2FO2w& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/b0974266-cc96-11f0-b60c-002590c82436
Request Chain 88
  • https://sync.bumlam.com/?src=bw1&uid=f3d59642-41d3-524c-80c4-956be9ee9709 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=b0974266-cc96-11f0-b60c-002590c82436
Request Chain 90
  • https://ssp.al-adtech.com/api/sync/between HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=294&external_user_id=455ff1f1-205e-4722-a3e5-e7d612919191
Request Chain 92
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b0974266-cc96-11f0-b60c-002590c82436 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=iYMOPIBN%2BF2IIGWmDk%2FO2w& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/b0974266-cc96-11f0-b60c-002590c82436
Request Chain 98
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/155907 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/155907
Request Chain 100
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/855789 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/855789
Request Chain 109
  • https://sync.upravel.com/pbd/sync HTTP 302
  • https://sync.upravel.com/pbd/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly90aGVsaWIubmV0LyJdfX0= HTTP 302
  • https://1026--84ebe470-afab-409f-b923-db5a63e7b0d8.stbid.ru/?r=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dpbd HTTP 302
  • https://sync.upravel.com/image?source=pbd HTTP 302
  • https://sync.upravel.com/gpmdata/sync HTTP 302
  • https://tms.gpmdata.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=4a608d62-b43e-464c-ba40-a2d2ff300693&dsp_id=84ebe470-afab-409f-b923-db5a63e7b0d8&ru=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dgpmdata HTTP 302
  • https://sync.upravel.com/image?source=gpmdata HTTP 302
  • https://sync.upravel.com/aidata/sync HTTP 302
  • https://x01.aidata.io/0.gif?pid=MGCOM&id=84ebe470-afab-409f-b923-db5a63e7b0d8&back=
Request Chain 110
  • https://moevideo-sync.rutarget.ru/sync HTTP 302
  • https://rtb.moe.video/cs?b=-HwAnkii1UFE&d=1
Request Chain 111
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5814673562
Request Chain 112
  • https://sync.bumlam.com/?src=mvn&uid=[user_uid] HTTP 302
  • https://rtb.moe.video/cs?b=b0974266-cc96-11f0-b60c-002590c82436&d=3
Request Chain 113
  • https://kimberlite.io/rtb/sync/moevideo HTTP 307
  • https://kimberlite.io/rtb/sync/moevideo?rc=1 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Frtb.moe.video%252Fcs%253Fd%253D4%2526b%253DaSoCZMFWpqg%26n%3D1 HTTP 302
  • https://kimberlite.io/rtb/sync/buzzoola?u=d234d4f2-7a50-45f8-59d4-e8d69ea5cb44&f=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D4%26b%3DaSoCZMFWpqg&n=1 HTTP 307
  • https://dm.hybrid.ai/match?id=414
Request Chain 114
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D6%26b%3D%24%7BUUID%7D HTTP 302
  • https://rtb.moe.video/cs?d=6&b=d234d4f2-7a50-45f8-59d4-e8d69ea5cb44
Request Chain 115
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D7%26b%3D%24%7BUSER_ID%7D HTTP 302
  • https://rtb.moe.video/cs?d=7&b=f3d59642-41d3-524c-80c4-956be9ee9709
Request Chain 117
  • https://px.adhigh.net/p/cm/moevideo HTTP 302
  • https://rtb.moe.video/cs?d=9&b=e9ly6XIxESA.AikABlGazBlRDQ
Request Chain 118
  • https://sync.upravel.com/moevideo/sync HTTP 302
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly90aGVsaWIubmV0LyJdfX0= HTTP 302
  • https://rtb.moe.video/cs?d=10&b=4909e26d-1f58-469e-b213-5d932a4f3d68
Request Chain 119
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=[user_uid] HTTP 301
  • https://vma.mts.ru/match/second?ssp=22&exu=%5Buser_uid%5D HTTP 301
  • https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4fd06abf-7c69-4ed0-bacd-e48b4a63d1e4&redirect_return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FT9Bqv3xpTtC6zeSLSmPR5A%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D22%2526em%253D0%26sign%3D1709703429 HTTP 302
  • https://9685075341764360804899.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4fd06abf-7c69-4ed0-bacd-e48b4a63d1e4&redirect_return_url=https://an.yandex.ru/setud/mts_banner/T9Bqv3xpTtC6zeSLSmPR5A?location%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D22%2526em%253D0%26sign%3D1709703429 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/T9Bqv3xpTtC6zeSLSmPR5A?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D22%26em%3D0&sign=1709703429 HTTP 302
  • https://vma.mts.ru/em?next=22&em=0 HTTP 301
  • https://rtb.moe.video/cs?d=11&b=749442e5-9852-467c-a7b9-e7a5ba91a06f
Request Chain 120
  • https://sync.dmp.otm-r.com/match/moevideo HTTP 302
  • https://rtb.moe.video/cs?d=12&b=NjkyYTAyNjIwYTY0NWI0MA%3D%3D
Request Chain 121
  • https://sync.adspend.space/moevideo?uid=[user_uid] HTTP 302
  • https://sync.adspend.space/check?uid=[user_uid]&ssp=%2Fmoevideo
Request Chain 122
  • https://ssp.al-adtech.com/api/sync/myvideo HTTP 302
  • https://rtb.moe.video/cs?d=14&b=b9d85563-b1c5-4669-8b02-e6d77761ed56
Request Chain 124
  • https://sync.programmatica.com/match/MoeVideo?id=[user_uid] HTTP 302
  • https://a.atraffic.ru/sync?ssp=12
Request Chain 126
  • https://www.acint.net/rmatch?dp=115&r=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D20%26b%3D%24%7BUSER_ID%7D HTTP 302
  • https://rtb.moe.video/cs?d=20&b=0800007F62022A69BC0C7195029A7373
Request Chain 127
  • https://acint.net/cmatch?dp=115 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0800007F62022A69BC0C7195029A7373 HTTP 301
  • https://vma.mts.ru/match/second?ssp=30&exu=0800007F62022A69BC0C7195029A7373 HTTP 301
  • https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=7814d011-dd22-429a-bffe-24d4944a0fa8&redirect_return_url=https%3A%2F%2Fcr-frontend.weborama-tech.ru%2Fcr%3Fkey%3Dmts%26url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2526em%253D5%2526ssp%253Dweborama%2526id%253D%257BWEBO_CID%257D HTTP 302
  • https://7256799441764360804901.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=7814d011-dd22-429a-bffe-24d4944a0fa8&redirect_return_url=https://cr-frontend.weborama-tech.ru/cr?key%3Dmts%26url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2526em%253D5%2526ssp%253Dweborama%2526id%253D%257BWEBO_CID%257D HTTP 302
  • https://cr-frontend.weborama-tech.ru/cr?key=mts&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D HTTP 307
  • https://cr-frontend.weborama-tech.ru/cr?key=mts&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D&bounce=1&random=4108921865
Request Chain 129
  • https://sync.upravel.com/moevideo_outstream/sync HTTP 302
  • https://rtb.moe.video/cs?d=22&b=84ebe470-afab-409f-b923-db5a63e7b0d8
Request Chain 130
  • https://sync.opendsp.ru/match/Moevideo?id=[user_uid] HTTP 302
  • https://sync.opendsp.ru/match/Moevideo?id=%5Buser_uid%5D&chk=1 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=NGU5YjE3NDcyYjc0Y2YyYg HTTP 301
  • https://vma.mts.ru/match/second?ssp=67&exu=NGU5YjE3NDcyYjc0Y2YyYg HTTP 301
  • https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=7814d011-dd22-429a-bffe-24d4944a0fa8&redirect_return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FeBTQEd0iQpq__iTUlEoPqA%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D67%2526em%253D0%26sign%3D4057469462 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/eBTQEd0iQpq__iTUlEoPqA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D0&sign=4057469462 HTTP 302
  • https://vma.mts.ru/em?next=67&em=0 HTTP 301
  • https://sync.opendsp.ru/match/mts_dsp?id=749442e5-9852-467c-a7b9-e7a5ba91a06f HTTP 302
  • https://sync.dmp.otm-r.com/match/open_ssp?id=NGU5YjE3NDcyYjc0Y2YyYg HTTP 302
  • https://sync.dmp.otm-r.com/match/open_ssp?id=NGU5YjE3NDcyYjc0Y2YyYg&otcm_check=1764360805
Request Chain 132
  • https://otclick-adv.ru/core/match.gif?s=54&reference=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D26%26b%3D%23%7BUID%7D HTTP 302
  • https://rtb.moe.video/cs?d=26&b=VUibTjb8FF50LNw
Request Chain 133
  • https://sync.techdsp.ru/sync?src=mvn&uid=[user_uid] HTTP 302
  • https://x01.aidata.io/0.gif?pid=0914828&id=5X7mPX-ITiWZIRvZskUksw&dest=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D27%26b%3D5X7mPX-ITiWZIRvZskUksw HTTP 302
  • https://rtb.moe.video/cs?d=27&b=5X7mPX-ITiWZIRvZskUksw
Request Chain 134
  • https://sync.upravel.com/moevideo_nord/sync HTTP 302
  • https://rtb.moe.video/cs?d=28&b=84ebe470-afab-409f-b923-db5a63e7b0d8
Request Chain 137
  • https://match.ohmy.bid/cm?ssp=mvvideo HTTP 302
  • https://rtb.moe.video/cs?d=31&b=78db0940-cb8d-4b3a-9be1-934edd631231
Request Chain 138
  • https://match.ohmy.bid/cm?ssp=mvban HTTP 302
  • https://rtb.moe.video/cs?d=32&b=6ac18505-930c-494e-b125-16b287f5ed20
Request Chain 142
  • https://sync.dmp.otm-r.com/match/moevideo_banner?id=[user_uid] HTTP 302
  • https://sync.dmp.otm-r.com/match/moevideo_banner?id=%5Buser_uid%5D&otcm_check=1764360804 HTTP 302
  • https://rtb.moe.video/cs?d=36&b=NjkyYTAyNjIwYTY0NWI0MA%3D%3D
Request Chain 143
  • https://sp.linkssp.ru/cm?key=e8d8a1a328ed80f9397920c45c69b1b4&location=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D37%26b%3D%7Buid%7D HTTP 302
  • https://rtb.moe.video/cs?d=37&b=542d86bf-7df7-493c-9a85-86d7acc00f50
Request Chain 144
  • https://sp.linkssp.ru/cm?key=af2153fbaa913034dfb5e17a6bd035af&location=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D38%26b%3D%7Buid%7D HTTP 302
  • https://rtb.moe.video/cs?d=38&b=6ffb5dc4-28da-49fe-8f52-cc6bc2209181
Request Chain 175
  • https://px.adhigh.net/p/cm/viads HTTP 302
  • https://sync.viadata.store/tools/sync?dsp=5&uid=e9ly6XIxESA.AikABlGazBlRDQ
Request Chain 176
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=653f8278-3fc3-4044-8252-4f3800e42a49&i=1764360806 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&ts=1764360806552&a=945&e=653f8278-3fc3-4044-8252-4f3800e42a49&i=1764360806
Request Chain 213
  • https://sync.bumlam.com/?src=ohd1&uid=6ac18505-930c-494e-b125-16b287f5ed20 HTTP 302
  • https://sp.ohmy.bid/cm?dsp_id=45&uid=b0974266-cc96-11f0-b60c-002590c82436

228 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
thelib.net/ 		28 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
524ffecdc80f21c84aced5b2338487a07251124a96806b933d1d65c129d0814e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Nov 2025 20:13:21 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified
Sat, 27 Jan 2024 17:33:25 +0300 GMT
Pragma
no-cache
Server
nginx/1.28.0
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
styles.css
thelib.net/templates/books_and_texts/css/ 		30 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thelib.net/templates/books_and_texts/css/styles.css?v=2
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
1d6469c8840232a9af66cbbce1bd9092b6270f9fd4203fdf4134bf96495662ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1b-7825"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
text/css
Last-Modified
Mon, 05 May 2025 21:18:19 GMT
Server
nginx/1.28.0
engine.css
thelib.net/templates/books_and_texts/css/ 		125 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thelib.net/templates/books_and_texts/css/engine.css?v=3
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
c07e39124fdbf33eaa289f2e4eac22c5328e6e475101d045270d112e4608ccf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1b-1f3b1"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
text/css
Last-Modified
Mon, 05 May 2025 21:18:19 GMT
Server
nginx/1.28.0
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600&display=swap&subset=cyrillic
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
c1bdebb23ab90a2b13a4a6548527a733a65144cee2d4309fa56481f30ca7aec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 20:13:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 28 Nov 2025 18:45:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
context.js
yandex.ru/ads/system/ 		430 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
9bbfa54801921fca94f84f2cd5aa5a7829b27fa5373b79699ab33123f542ad15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-yandex-req-id
1764360801463529-16926926116204497239-balancer-l7leveler-kubr-yp-sas-98-BAL
cache-control
private, max-age=3600
timing-allow-origin
*
content-encoding
br
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
etag
"bc8f98b96a0ec2c85c6888c9f78e2ffb-1303043"
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 21:13:21 GMT
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
adfinity.js
cdn.adfinity.pro/code/thelib.net/ 		752 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adfinity.pro/code/thelib.net/adfinity.js
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
096cd94b73d02dc00a069959ce4bf5aea2c17d57d0116e45eea58419304d7aa6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

x-cached-since
2025-11-28T19:07:53+00:00
cache
HIT
cache-control
no-cache
content-encoding
gzip
etag
W/"6927e9b6-bbed6"
access-control-allow-credentials
true
access-control-allow-methods
*
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
*
date
Fri, 28 Nov 2025 20:13:21 GMT
last-modified
Thu, 27 Nov 2025 06:03:34 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
x-node
m9p-up-gc68
277b7728fddc835b6d44461c96a939f2-g.jpg
thelib.net/covers/files_70/2562000/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/covers/files_70/2562000/277b7728fddc835b6d44461c96a939f2-g.jpg
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
b76de57afd5ebb709ded2bd10f270608c5fa22705b127d5b0761245dc48eb9fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

ETag
"681927fe-dc4"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3524
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 05 May 2025 21:05:02 GMT
Server
nginx/1.28.0
4f83f2bc9735057f3a5dc2ba691ff1a4-d.jpg
thelib.net/covers/files_70/1962000/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/covers/files_70/1962000/4f83f2bc9735057f3a5dc2ba691ff1a4-d.jpg
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
e7d93d16d642bb1c7a31fbc11917e0d2181fbb69789b9c8042e8014b7919f896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

ETag
"68192957-d17"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3351
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 05 May 2025 21:10:47 GMT
Server
nginx/1.28.0
7f4aa54231b149462d4731ee1f641d3b-d.jpg
thelib.net/covers/files_70/1796000/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/covers/files_70/1796000/7f4aa54231b149462d4731ee1f641d3b-d.jpg
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
9923e120a086c0f00be8c5d0d7db9f5dace42442a6df325e16f6fa10c131cf76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

ETag
"68192935-928"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2344
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 05 May 2025 21:10:13 GMT
Server
nginx/1.28.0
7691d40f83a798ad9be6fe84f3304194-g.jpg
thelib.net/covers/files_70/3251000/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/covers/files_70/3251000/7691d40f83a798ad9be6fe84f3304194-g.jpg
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
16d997ea5864eff8f404cfda4800ddb93b3c1600fc812203a52028669cf60ce2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

ETag
"6819295d-828"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2088
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 05 May 2025 21:10:53 GMT
Server
nginx/1.28.0
0e07f10f13c7bdcb923993e6edaf26d6-d.jpg
thelib.net/covers/files_70/2028000/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/covers/files_70/2028000/0e07f10f13c7bdcb923993e6edaf26d6-d.jpg
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
e03fd94ac2cf44546c685ab3c3ecbc4bd4db429c338ec864afd9940c5122b62e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

ETag
"68192963-844"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2116
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 05 May 2025 21:10:59 GMT
Server
nginx/1.28.0
noavatar.png
thelib.net/templates/books_and_texts/dleimages/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/templates/books_and_texts/dleimages/noavatar.png
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
ae98b5aeeaa3f1d82c86b770cc1fd441ae770814633e986ae6eff0526e299d1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

ETag
"68192b1b-23f6"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9206
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/png
Last-Modified
Mon, 05 May 2025 21:18:19 GMT
Server
nginx/1.28.0
dc0531d7b0cc5ac13eb624201b97bed6-d.jpg
thelib.net/covers/files_200/1171000/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/covers/files_200/1171000/dc0531d7b0cc5ac13eb624201b97bed6-d.jpg
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
630e511d321ab6611e7630bad010b1ac063b88b04f9a4a5b75ea0897bc55a7f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

ETag
"6819217a-347e"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13438
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 05 May 2025 20:37:14 GMT
Server
nginx/1.28.0
qr_code.php
thelib.net/scripts/tools/qr_code/ 		999 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/qr_code/qr_code.php?data=https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
ada2a09749bedaf31f93491fd466376136b4b6dade5cd7edc5e395e58d8f4cf1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

Content-Length
999
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/png
Server
nginx/1.28.0
Connection
keep-alive
antibot.php
thelib.net/engine/modules/antibot/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/engine/modules/antibot/antibot.php
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
24dec32d7fc65b4f08ead87e6a9674809d69ae1da10655294d9735a76b163671

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Content-Length
5413
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/jpeg
Server
nginx/1.28.0
index.php
thelib.net/engine/classes/min/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thelib.net/engine/classes/min/index.php?g=general3&v=f4j64
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
5f55e209be722b88bb75df5b584e8e9030a85db8b96c806149ab1f5538aedcd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
"pub1746479613;gz"
Connection
keep-alive
Expires
Sat, 28 Nov 2026 20:13:21 GMT
Content-Length
30393
Date
Fri, 28 Nov 2025 20:13:21 GMT
Last-Modified
Mon, 05 May 2025 21:13:33 GMT
Content-Type
application/x-javascript; charset=utf-8
Vary
Accept-Encoding
Server
nginx/1.28.0
index.php
thelib.net/engine/classes/min/ 		170 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thelib.net/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js&v=f4j64
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
5843b8f47c35f0826602ef4642e9042aed5882456cddb5e1c5acd8673c3d17c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

Cache-Control
max-age=31536000
Content-Encoding
gzip
ETag
"pub1746479613;gz"
Connection
keep-alive
Expires
Sat, 28 Nov 2026 20:13:21 GMT
Content-Length
45460
Date
Fri, 28 Nov 2025 20:13:21 GMT
Last-Modified
Mon, 05 May 2025 21:13:33 GMT
Content-Type
application/x-javascript; charset=utf-8
Vary
Accept-Encoding
Server
nginx/1.28.0
libs.js
thelib.net/templates/books_and_texts/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thelib.net/templates/books_and_texts/js/libs.js?v=4
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
fe11f388f6f6aa8402c7083667de5558f4e72ad75d31f28c6ea38a7a1e9da91d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1b-c837"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Mon, 05 May 2025 21:18:19 GMT
Server
nginx/1.28.0
viewer.html
thelib.net/scripts/tools/pdf_viewer/web/ Frame 90A0 		28 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
1fd0de0802ae22aa0579681b1d806d07eda1a333ee3441bf8020b7a0cd6ba5b9

Request headers

Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5247
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 Nov 2025 20:13:21 GMT
ETag
"6f9d-6346a09eeabad-gzip"
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
Vary
Accept-Encoding
tag.js
mc.yandex.ru/metrika/ 		241 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
243ace0d4549bb58e76ec3824a72f6ec46f0fc5c7e7cda4f27921b907f4fd0ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"692088d9-140f9"
expires
Fri, 28 Nov 2025 21:13:21 GMT
access-control-allow-origin
*
content-length
82169
date
Fri, 28 Nov 2025 20:13:21 GMT
last-modified
Fri, 21 Nov 2025 15:44:25 GMT
content-type
application/javascript
logo.png
thelib.net/templates/books_and_texts/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/templates/books_and_texts/images/logo.png
Requested by
Host: thelib.net
URL: https://thelib.net/templates/books_and_texts/css/styles.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
276268c31921565ae87aa141d83896a059fd831d7d6adf33b487bb28d88c7c4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/templates/books_and_texts/css/styles.css?v=2

Response headers

ETag
"68192b1b-261f"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9759
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/png
Last-Modified
Mon, 05 May 2025 21:18:19 GMT
Server
nginx/1.28.0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v31/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600&display=swap&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
06b16db7a969135d48d38c49183be7fb88d4452e2a3011957c7851941f4e4879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://fonts.googleapis.com/

Response headers

age
299600
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 25 Nov 2026 09:00:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 25 Nov 2025 09:00:01 GMT
last-modified
Thu, 04 Sep 2025 17:09:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37956
x-xss-protection
0
server
sffe
fa-light-300.woff2
thelib.net/templates/books_and_texts/webfonts/ 		181 KB
181 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thelib.net/templates/books_and_texts/webfonts/fa-light-300.woff2
Requested by
Host: thelib.net
URL: https://thelib.net/templates/books_and_texts/css/engine.css?v=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
2dc0e215dc2374fc5cdacf24707fabeabc2e4193e12ec9c0203ac9a52a5daf3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/templates/books_and_texts/css/engine.css?v=3

Response headers

ETag
"68192b1b-2d410"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
185360
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
font/woff2
Last-Modified
Mon, 05 May 2025 21:18:19 GMT
Server
nginx/1.28.0
fa-solid-900.woff2
thelib.net/templates/books_and_texts/webfonts/ 		134 KB
135 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thelib.net/templates/books_and_texts/webfonts/fa-solid-900.woff2
Requested by
Host: thelib.net
URL: https://thelib.net/templates/books_and_texts/css/engine.css?v=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/templates/books_and_texts/css/engine.css?v=3

Response headers

ETag
"68192b1b-219e8"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
137704
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
font/woff2
Last-Modified
Mon, 05 May 2025 21:18:19 GMT
Server
nginx/1.28.0
fa-brands-400.woff2
thelib.net/templates/books_and_texts/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thelib.net/templates/books_and_texts/webfonts/fa-brands-400.woff2
Requested by
Host: thelib.net
URL: https://thelib.net/templates/books_and_texts/css/engine.css?v=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
ec2e22fd918a8ffef0f54f466fb7edd2c586f39dad794cd25a0a97ce36c404d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/templates/books_and_texts/css/engine.css?v=3

Response headers

ETag
"68192b1b-128e8"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76008
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
font/woff2
Last-Modified
Mon, 05 May 2025 21:18:19 GMT
Server
nginx/1.28.0
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v31/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600&display=swap&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
a187b077090fe8ae3fd2d7496aabbeae604819c718a282e0afc92df72b450766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://fonts.googleapis.com/

Response headers

age
303755
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 25 Nov 2026 07:50:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 25 Nov 2025 07:50:46 GMT
last-modified
Thu, 04 Sep 2025 17:11:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23828
x-xss-protection
0
server
sffe
pdf.js
thelib.net/scripts/tools/pdf_viewer/build/ Frame 90A0 		555 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thelib.net/scripts/tools/pdf_viewer/build/pdf.js
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
d83766f20a4c31fbce5a29d98789cdfbef781b147441da45be1d1079e8e0f81c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-8abe6"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
viewer.css
thelib.net/scripts/tools/pdf_viewer/web/ Frame 90A0 		95 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
b4a2799df7bfba78a7e2861004eb2c767efdb28190f3c53fc5a92263c666a9ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-17aa6"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
text/css
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
viewer.js
thelib.net/scripts/tools/pdf_viewer/web/ Frame 90A0 		427 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.js
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
5b760c5eec12769c853e4968bfd82350ab2815056019959e0e54211117c6a34c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-6ad89"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-viewThumbnail.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		1 KB
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-viewThumbnail.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
5fa35769db66b33d6408f378e8aa68fa060331f0cc9dd6ad41fb7366082aad34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-574"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-viewOutline.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		332 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-viewOutline.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
eeb6cd0ce94dcfea6bd2aca222da7b1583d74800ea9c94640ff8fa06c13fb044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-14c"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-viewAttachments.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		570 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-viewAttachments.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
e07fbf17b3c7ca2cda9c4e54cdd66cb0aa63d368232cbb2c9aed5559720bf96c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-23a"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-viewLayers.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		671 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-viewLayers.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
e0b8a59c272dc9a1d9a07d461363f96c3b3bd3df2db778f8f99743dfffd51d78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-29f"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-sidebarToggle.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		2 KB
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-sidebarToggle.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
88098d3e47fd921122c5263dce50ee67c662c9cb65908be0481891dfe521a6c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-618"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-search.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		1 KB
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-search.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
32889acafd84edeec513db6131252fa97ffff00fee6272d05e35e2d95216e30f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-4d2"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-pageUp.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		682 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-pageUp.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
bac79138cb730c6bfa63bef02d7e5906aee727bb54df15878823426822badaaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-2aa"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-pageDown.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		701 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-pageDown.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
09a14cbd902aad9fe40f2351db2ac5593ad897aed8810b9c6aeb0e56389ff100

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-2bd"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-print.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		927 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-print.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
267745d6c176afe038630c3f7c0fcda78141fc7634f73898ffc6cbb1262c77ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-39f"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-download.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		1 KB
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-download.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
afa286c8ea1941eaec589ed6a2103c5a845f3ff76a7423ba985f449465005163

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-40c"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-editorFreeText.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		915 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-editorFreeText.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
47b71a702afcbca881d390f6478ebf4acc682871e1891dee7f3bfce898a8dd33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-393"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-editorInk.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		1 KB
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-editorInk.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
081bf99d3c2390036a2d9c7e9485316bcd049f90a74e982f1eebcfd4d9b178e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-4a5"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-secondaryToolbarToggle.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		1 KB
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-secondaryToolbarToggle.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
ff717321d89309f51bcccc28f347e6a888e73570527845d6560a84f5d70cb3a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-438"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-zoomOut.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		472 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-zoomOut.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
366a40c3627e67f97164976d5ff38b5484716e834d08fefe252a6ea37feda895

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-1d8"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-zoomIn.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		958 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-zoomIn.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
722dfe315686a5841d0a0d00f34df8f706d2c6e24551d46a5ebe971fe4af62d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-3be"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
toolbarButton-menuArrow.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		681 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-menuArrow.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
2db41f97615a8c912f676a62c88b12e2b8715f4ed188df325737423501aa4a8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-2a9"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
locale.properties
thelib.net/scripts/tools/pdf_viewer/web/locale/ Frame 90A0 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/locale/locale.properties
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
d7629ee59240e677b88def782fa09d916958d04cd7e3b09c6eed3f27864fef46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6

Response headers

Accept-Ranges
bytes
Content-Length
4606
Date
Fri, 28 Nov 2025 20:13:21 GMT
ETag
"11fe-6346a09ee9c0d"
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
Connection
keep-alive
viewer.properties
thelib.net/scripts/tools/pdf_viewer/web/locale/de/ Frame 90A0 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/locale/de/viewer.properties
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
9e2f6c43a9552d14732c39f05d4d58da85b94b0480ae747259df508f27e1465f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6

Response headers

Accept-Ranges
bytes
Content-Length
12659
Date
Fri, 28 Nov 2025 20:13:21 GMT
ETag
"3173-6346a09ee7ccd"
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
Connection
keep-alive
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?scid=7d0cb446-edeb-d9b8-b0a5-c06a05200046&cid=96273989
  • https://mc.yandex.ru/sync_cookie_image_start?cid=96273989&redirect_domain=mc.yandex.com&scid=7d0cb446-edeb-d9b8-b0a5-c06a05200046&token=10864.1HXJkaP0wSAcll5tIGWobJsUuYOVnwiDppmBraiymsM-ufOM00A_rMc...
  • https://mc.yandex.com/sync_cookie_image_decide?cid=96273989&scid=7d0cb446-edeb-d9b8-b0a5-c06a05200046&token=10864.9sKOOo7JriSBuoa_Ni7Q4Rt4g4GE-4YtveAMyVoEqcEhTYjxKt4ZcR9JjOVCvXnc9UwwuHT15UenLjsow2l...
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?cid=96273989&scid=7d0cb446-edeb-d9b8-b0a5-c06a05200046&token=10864.9sKOOo7JriSBuoa_Ni7Q4Rt4g4GE-4YtveAMyVoEqcEhTYjxKt4ZcR9JjOVCvXnc9UwwuHT15UenLjsow2ldvv3-q5eTed1DPjNLq0AjhAPtT_dFUOcRLHSb0tx5dhKpLgvTpJtomcC2JNOUggJJudaPI9P6-2txjOaKrq4tmd488xIP6G_mr3eESFemyok3VK-iHRZakAAYKzrbYQbzVL5uPZEnSDiZDOZwZeolc9w%2C.31P-j_s4r2J9v2TJeeDvfbJD1PE%2C
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
location
https://mc.yandex.com/sync_cookie_image_decide?cid=96273989&scid=7d0cb446-edeb-d9b8-b0a5-c06a05200046&token=10864.9sKOOo7JriSBuoa_Ni7Q4Rt4g4GE-4YtveAMyVoEqcEhTYjxKt4ZcR9JjOVCvXnc9UwwuHT15UenLjsow2ldvv3-q5eTed1DPjNLq0AjhAPtT_dFUOcRLHSb0tx5dhKpLgvTpJtomcC2JNOUggJJudaPI9P6-2txjOaKrq4tmd488xIP6G_mr3eESFemyok3VK-iHRZakAAYKzrbYQbzVL5uPZEnSDiZDOZwZeolc9w%2C.31P-j_s4r2J9v2TJeeDvfbJD1PE%2C
advert.gif
mc.yandex.com/metrika/ 		43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"692088d9-2b"
expires
Fri, 28 Nov 2025 21:13:21 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
image/gif
last-modified
Fri, 21 Nov 2025 15:44:25 GMT
pdf.worker.js
thelib.net/scripts/tools/pdf_viewer/build/ Frame 90A0 		0
0
toolbarButton-editorStamp.svg
thelib.net/scripts/tools/pdf_viewer/web/images/ Frame 90A0 		777 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thelib.net/scripts/tools/pdf_viewer/web/images/toolbarButton-editorStamp.svg
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
caecd203f60286176aa48c7930ea683bc88d9c00970da66a12fdcfd9f987e414

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.css

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b1a-309"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
image/svg+xml
Last-Modified
Mon, 05 May 2025 21:18:18 GMT
Server
nginx/1.28.0
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-request-id
18d70630215d3401
etag
"7f0cdaf91230f9789ca4162aedff612e"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Sun, 29 Nov 2026 02:02:31 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
font/woff2
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
vary
Accept-Encoding
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=31556952
timing-allow-origin
*
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
x-nginx-request-id
5f76564dcbfb861c
accept-ranges
bytes
access-control-allow-origin
*
content-length
26004
x-strm-log-split
1
cache-status
HIT
server
nginx
433205139a5541120751.js
yastatic.net/partner-code-bundles/1303043/ 		73 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/433205139a5541120751.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
9d0646fb9701e43a8c08ee41ac452e05f30a62dfe419dc96cf7a3776bdce2572
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
3745b7478f9b0e30
content-encoding
br
etag
"5c37483788622e5981f4881b4f0e56e2"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:07 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:21 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
17537
x-strm-log-split
7
cache-status
HIT
server
nginx
ef456837425d0a5d18cd.js
yastatic.net/partner-code-bundles/1303043/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/ef456837425d0a5d18cd.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
c19e365c7aa378aaa551bd8e6707ef34a93aa198c2398cda3c9998ee045189b8
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
1abfa40ca75132bb
content-encoding
br
etag
"94848eb732648efa64e349ecd59798c3"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:09 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:23 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
timing-allow-origin
*
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
accept-ranges
bytes
access-control-allow-origin
*
content-length
5745
x-strm-log-split
9
cache-status
HIT
server
nginx
803c8f0430266dff4d25.js
yastatic.net/partner-code-bundles/1303043/ 		686 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/803c8f0430266dff4d25.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
eb96d4f91eb17bf2c0bf2a87979e9c318e5b360a57eb1c9e73a76b044436a577
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
0f46eab61a90db71
content-encoding
br
etag
"c22fb7dad3e5b622f45edc45eaef7430"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:01 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:22 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
access-control-allow-origin
*
content-length
135107
x-strm-log-split
2
cache-status
HIT
server
nginx
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
59c9c8ff319eede1
content-encoding
br
etag
"f80882bf67cf261aa08d636da095149a"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:42:25 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
8878
x-strm-log-split
1
cache-status
HIT
server
nginx
8ce05b70a5b8b3e9b965.js
yastatic.net/partner-code-bundles/1303043/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/8ce05b70a5b8b3e9b965.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
e3f66c791ace3e381a2eb9ffda109028d8d5aea8a4b0a8e3a3ce8d058695fb6b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
88b3523c6c4e9f2e
content-encoding
br
etag
"2f42400ee05420ffc6d9de87bcd2f3e7"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:14 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:22 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
5042
x-strm-log-split
8
cache-status
HIT
server
nginx
b75cd6e8da3d53975b63.js
yastatic.net/partner-code-bundles/1303043/ 		124 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/b75cd6e8da3d53975b63.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
af5ceda4287dbb55765f583c3a405505854622b484590b76852375f3a621758a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
7ba06de7cd70687a
content-encoding
br
etag
"56982ca38f89ed758c275078cc5808ed"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:06 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:23 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
25223
x-strm-log-split
6
cache-status
HIT
server
nginx
v2
yandex.ru/ads/adfox/689817/getBulk/ 		171 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/689817/getBulk/v2?pr=1522408671&pr1=1440790584&dl=https%3A%2F%2Fthelib.net&prr=&extid_loader=MTc2NDM2MDgwMjcyNjQ3NzMzOA%3D%3D&extid_tag_loader=thelib.net&fa=&date=2025-11-28T21%3A13%3A21.895%2B01%3A00&pd=28&pw=5&pv=21&pdw=1600&pdh=1200&ylv=0.1303043&ybv=0.1303043&ytt=283124245200901&is-turbo=0&skip-token=&ad-session-id=5015441764360801897&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A336%2C%22h%22%3A300%2C%22width%22%3A336%2C%22height%22%3A300%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1264%2C%22top%22%3A1231%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&pcode-version=1303043&yaru=true&p2=jijk&pp=chlz&ps=lhtz&ld=https%3A%2F%2Fthelib.net&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&duid=MTc2NDM2MDgwMjcyNjQ3NzMzOA%3D%3D&pcode-test-ids=1387855%2C0%2C29%3B1411934%2C0%2C17%3B1409129%2C0%2C43%3B1403047%2C0%2C22%3B1353316%2C0%2C0%3B1415640%2C0%2C28%3B1409109%2C0%2C10%3B1426951%2C0%2C10%3B1360193%2C0%2C17%3B1425422%2C0%2C5&csrf-token=f7acb60f6d9c576d7670b30b6331f8ea9b5e71bc%3A1764360801&pcode-uid=3104099221764360801&pcode-flags-map=eJylk1Fv2yAUhf8Lz30wxmA7bwRuMhQHPMC02TRdTVseNnXapGXTpKr%2FfbLdtbHbJqvKEzx8h8s5hxuiTZDLBlA1Rm1QObsyfiujcZYs3t%2BQ3x%2Bvf%2B3Jguz%2F%2FCAX5LD%2FeTCfyYLUOWcVI7cfLkiSAUMcNBL4MAcpy6ioxDFMWVEWvLqnuwBobIge5BbDxrQY3QYsrpxHFdOpOWiRcZ7n91JPycTYTCRY1q%2BXqijZSmXibiLFn1MBOxjSelga3T%2FQY9hZNYE%2FHa6neC6q8sGVxq37OCLYiLrzQyTYgldg49Thqbd5mYlxiFY5DWeyYVkpZlPUtOID%2F68aGkL0bodwFcFb2aDyIKNJgPLubapxARDSfLTHadU0rwdxC5dH9p6hWFaUk5E8dONG6vC%2FrNQrd4VvO%2Bh6XncKjkn6DPVGtq2xEAKGzifYoVHzr%2FHt%2B9cv0ww4Y1QMeN%2Ft5QYvzTtUrnF%2BKLVM6%2FF0ug%2BUiyJ7MgmpX5dBNmbgYesSoIXOu17brM8EkYua0zG%2B8fJkNDi8a3vjXHuSZyKjNXvoZgL%2FuI8Fm93Ji%2BFT3f4FwdhXvA%3D%3D&pcode-active-testids=1403047%2C0%2C22&pcode-icookie=vdgDqSjW93bkQVRfN2wN%2F%2FkIPsuMNRm6l9LN%2BfgiYwClX7D4f2eWuk%2B2FgrGOGeyYBNwoRM%2FFE%2FARe3EpkkiA3Zlbco%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fthelib.net&top-ancestor-undetermined=0&grab-orig-len=3504&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChKlonDkSOqCEFCfC23pL5fAbUsxvakeClESSxQrT2zphluZ13bpeONv41Jq2FiWZP2yHDmC1nX9AoXQEyvR6UmIAui5AFcYjbklLlFLaazkzy2CT4l5vCGEhoeGEEZbJPxgVbGE34ctloQWaheDy-8TWc6B18JEm2Ivo5JOougMs89R7EnEHbHlMluZ4aKIR-JNNDmVnuLMQi-JlBNDt6Y7SVqtk6Qaxe7lUHYmKDUP24sV5czb3qYtnDnN9OxnLrWVPoWHEKbeJZRathKrhzHLsDo6ud2jk5oZnr18OrmEXgI6OdD5rXqOvcTmPLFRObHFyR9xmilzXyHkKTrzJ3dUY4gupBVuj6EJRmjcfjC5shgrbL3ay2YnW6YRepqxO0ZqgSObRmi1gdWK4LVDc5nVQnf4Jdcs4Exr8Hqcf9DMMbat-iLWaCUc4NN3nnAKM5s9jWX4qE8jB35-rWVFR3y22t2eF9-yHWWzL_s9J34T8N3Y5ZSMX_M6hyAnOyrv3odkE2rSmYyR0mRMWpOdHYiDzNOgbClt06TUAlaUbc506ogRnRxJlIslduOyIAjSMLFIu3vt9LDOmd6TXAuyU78qVIUUInZTJljAVrPt2i9wsESf8vMsWS0fzVE2WCSUHpawibysQoxr5y0kF0tLD6pACeVgTDH2kRy-u722FPnbnFYtuoJFGfFBUR78gTSxKrSWAyNnJ9eoMnkZH5vdmR0PIxqJ4dqV2_KPVtfKIrrgglyMPJtGHckTzqiWwCrQUXzpZU2Np9uWCDFzxcZPIdRdEuf_XuCzeQGLeiDovUCXlyckrM_oJMcooBVhplKYPcLDnQJ4UgoyKRkFGUSsAzSgARmzRAcMGwwdng5fx9NxdZB1ODrcA8TT8XU40ol-6rB1WDp8NphsMKl4WAc4G5EOhw0UHd4BwWcDbRtNHRSpDnjpAR8SLhvhi18SoFId0JfEn5dFJKXiKTL0UgpyyOQpFBxUaVjWSIRDNEnIKUnIJtoSCe7IgdU5VJyGOtfOmSjW2aEc94HEbZQOIr1VR_AIBWXDElfHY4PuQxD3oQ5ILRAfwA9eNmiHRSibbNB9wMJjA3HqANbxFzy0xxkgzv3dXh0WG7SpA24DTMej4jJyiCEHEoNiONZN2000KmP9xi0B0e1NtpoTJ7h9OPyeIImT5K6Gih-RjRYib3DGJGyhjVsYh58edxNpMEYK0BxwENAKOAUEtJhkZP3D1vJrmpZRZpkTS-Smbn3_yqFXi0bJr_ypVQtxSoaY2zrBPPFSspqeSVTK1eUwkUR3AWEHuztVk8VuVSzLrT34pQ0MminUnZvbZxifiyvstqI2-p64qoECgZT8VA0hrX67T2d74L6G8P9_K47Cm5xs-EnHGi2QTuX61UKNtX1RZfvhEXsknSh2MqbWmQsRdbda2S1C3LgHjGnIA1BngkfNmeA9uqHenyRGWgLM4dVevlu-eYa5C7d9k8UG1g_k8Oaf_wIMI1lSGrd9-wj20W8WXv8kQNJig2JvElHzJhFX0EtDQuNKMmi6EuxspGvP9a74HvTaNGcKcta0a1EX7KNX7Qn4ecZgfBYgM64SjyKdxCzN8Prnao6Yh5nK2Tcj2uqrzEOxv1BS8xfKYZqc1T5jLrSuooAYpJAhSPcfSNIVT2uswob5tUiHk67xoer5rEsc0kncnWbeZq_mtWQHTbahFDHSEVDzpI5gt9R3E74O8-YAEY14Qy8lp4DWF3VAfczj-qmN-8mN8Jsdb2F3zvgRDRAdd74EPhtIl_VQX82A_U4G6nkiesLw2UA-KFDn4XC_nvFWANxdy08H5A9thDuWpw5DLQ3nsDt3tdIwVgjMb5Tvky0GX-WFpwrBp0F_OsB8gvD8SIDt6jD8Boa9fA8Ehg5Ta8EGwsXDfQowLgGLDSpW2mKwJGsnxRKvzaiVPIyqrirMn9m7fa0NR9UZYmBquNJXeNI4Mbl6czhN_xliqIiRD0I1pc_q5lSmksSCaoKSU3djr90JDLkIGbQcBWgt4BllmyWYB-gS_GwaK12YmoAfqJyFD5ng0sCR55MzCFMMP6I1OKRQ8TsJJZ-c7k6GbnZkNLLTMLrRerJEysIMH2IF3rAWgnwyVhmjMnSsLS7V16b2BLsPZtdJRkFOJqFckEwQyA3Red-VKgsCO5evbpJH_HrlSfjuN1ECrQojFyK7LaYmTn3sIAhHERhD0JU9iIpg6zH09Kz2wk1byMQT1iJ6QVAalf43HlMS2zsKH6tsRMFqxQBJmwa3jd8WHxjAxT4wMBNDvWAKWj5cQdi9YxIatboe9iRtxCRsHyAAkFhVWsqzF25LuayGLp1o7WwGLc_5uZ_yVcezePzNwc0nVnvjtFt0ao5G6jLPKMNc22hPpNdyl1hoMbRsoO_rf1qPXmleXlaOYQ7H6RrT3rBZvf7c9eb74ol115j0iNhuzEudbCxelnX6e9pR-pqnUo8v4QXE90h7pPm5KFtWCFIfS-12NwN_s1imFc78kYsZZaS3CZUzB3e0uhQkneCXaef9O2afkGYHNndBX-anbAj4GrONxONM0XB4q2N2DtNVgr-p3SrL5j2-bW_P6v3M37U24fav_TkbliEN7cH3fse7lUd_Toexs2Ms1fbFhVlr7YUrpJ5n8_gdLB53k0wwUk_nV1q057SnWXR-OmzFqcb12Mk_UQiZdLp3J9cUHn8nmSeU3cIh7C7qZMRndUoe37KWuTSWZ-p7RH-wfs_0n8XZqbIbVaOxEtKJt5Vto76uS9yFp-9fzl1i69xmXit6vmYu7-2C8_hJ1hqSfe4xt6G9SVjXZ286cFJGke0m5MxoiKKG5tz8GaP6VIUf_NeH42LPJ8uT6JXZXtkIHu_FJXqWvTwm1HTsTXdpJrQTG_upCs7Tl-iIT4p977M_3lj4oGobVZamVHhS5jxES3_6Z_j9QuDPsorEiZ6hKVz_8TFN37ue5d6GysXEWFFvoSKCKgslFjuKK5aEk7dGdDFdhFfUOKeaMETR42NH-kM5pErXoigFex7fusxZrQqK17CCakOYu0IjW4vPPWxGK8w6lZb5Fd57MtpORaOPhTuiReleDFXrT9Jo7D0tY9shRp7yHboVgYOpnq0d6-nN_YtOn9zmPSG9jyJ_JPoTUXwKO_F46HqaXI-dNc9pd25zOumkO_s27rBQsTPuQF01JgnHvc7i0T4iaKNaawJUpEiGrpmguh7M0ttCL6W_7cLZdyJy6NoZqrND1qu3y9RlSLPq-lvoFUXDwo0EAQXw6U_w81GWxYrEOWzbxansigQMZYfjtvKlr1wDOPSjECcSuf0GPycaLH7Tu3OrbeIiI4RcWElIKFUIhhcYkRZVFVVTrw-745wls3MdB81NhcSE0GhizwqTg6OCy3fekEHkHhhCpRK6eGYbNMMJE5xIB8eM2dBQ0beYjF8JLGQcAwkPAwkPAwkPAwkPAwkPAwkPRIWEpwItGv7ipi4AlgTQ&tga-with-creatives=1&banner-lang=en
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
57dd6ad4d7d38e4545534d789af1364060b1e8c71c1960047d5e20f022d87654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thelib.net/

Response headers

x-yandex-req-id
1764360801989821-16557331133183384142-balancer-l7leveler-kubr-yp-sas-98-BAL
content-encoding
gzip
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-ads-queuetime
0.117000
x-content-type-options
nosniff
expires
Mon, 04 Dec 1999 21:29:02 GMT
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
x-ads-loadaverageonarrival
0.600000
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
pragma
no-cache
access-control-allow-credentials
true
x-yt-request-id
cbb9f1ae-9fc6a096-746d2bdd-77ef69d0
x-ads-degradation
0.000000
x-adfox-request-id
4699412657243037957
x-ads-loadaverage
0.333333
access-control-allow-origin
https://thelib.net
x-yt-trace-id
b2e69130-2792791a-464ff65e-617d42bd
x-xss-protection
1; mode=block
header-bidding.js
yandex.ru/ads/system/ 		141 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: cdn.adfinity.pro
URL: https://cdn.adfinity.pro/code/thelib.net/adfinity.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
d242b1b129134f4719798ba2ee59f6cb9521635a72b6d23573e6f39ddb23b94f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-yandex-req-id
1764360801990143-6335995571918239576-balancer-l7leveler-kubr-yp-sas-98-BAL
cache-control
private, max-age=3600
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
content-encoding
br
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
etag
"c232cd3f4ea97aa0f0743a52a16dde0f-1303043"
timing-allow-origin
*
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 21:13:21 GMT
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
sspmatch-js
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=257097
  • https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=257097&crf=1&rts=-471125800773731338
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=257097&crf=1&rts=-471125800773731338
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
188.42.189.198 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2f8e65779c4ca85ed080e17b0bfe3763dae265d9ee097d98b67c4488ed548dd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
1367

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
location
/sspmatch-js?p=42565&randsalt=257097&crf=1&rts=-471125800773731338
content-length
0
dc0531d7b0cc5ac13eb624201b97bed6
thelib.net/files/main_repository/1171000/ Frame 90A0 		42 MB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://thelib.net/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6
Requested by
Host: thelib.net
URL: https://thelib.net/scripts/tools/pdf_viewer/build/pdf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6

Response headers

Cache-Control
max-age=2592000, public, max-age=2592000, immutable
ETag
"67894910-6a1c079"
Connection
keep-alive
Expires
Sun, 28 Dec 2025 20:13:21 GMT
Accept-Ranges
bytes, bytes
Content-Length
111263865
Date
Fri, 28 Nov 2025 20:13:21 GMT
Content-Type
application/octet-stream
Last-Modified
Thu, 16 Jan 2025 17:59:44 GMT
Server
nginx/1.28.0
Content-Disposition
inline
1
mc.yandex.com/watch/96273989/
Redirect Chain
  • https://mc.yandex.com/watch/96273989?wmode=7&page-url=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&charset=utf-8&uah=chm%0A%3F0&b...
  • https://mc.yandex.com/watch/96273989/1?wmode=7&page-url=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&charset=utf-8&uah=chm%0A%3F0...
664 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96273989/1?wmode=7&page-url=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aclgul073kv8mluc4beehw6f9wkvkr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2281%3Acn%3A1%3Adp%3A0%3Als%3A898773473188%3Ahid%3A944777517%3Az%3A60%3Ai%3A20251128211321%3Aet%3A1764360802%3Ac%3A1%3Arn%3A537591282%3Arqn%3A1%3Au%3A1764360802726477338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A224%3Awv%3A2%3Ads%3A7%2C31%2C51%2C5%2C0%2C0%2C%2C119%2C4%2C%2C%2C%2C286%3Aco%3A0%3Acpf%3A1%3Ans%3A1764360801113%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1764360802%3At%3AThe%20Rootkit%20Arsenal%3A%20Escape%20and%20Evasion%20in%20the%20Dark%20Corners%20of%20the%20System%20-%20Bill%20Blunden%20-%20download%20the%20book%20in%20pdf%20or%20read%20online%20for%20free&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
15965a13b72908dbe8bb7a09de2955ed3599a35df752d10fc15877e62d8bc9d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 28-Nov-2025 20:13:22 GMT
access-control-allow-origin
https://thelib.net
content-length
664
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
last-modified
Fri, 28-Nov-2025 20:13:22 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/96273989/1?wmode=7&page-url=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aclgul073kv8mluc4beehw6f9wkvkr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2281%3Acn%3A1%3Adp%3A0%3Als%3A898773473188%3Ahid%3A944777517%3Az%3A60%3Ai%3A20251128211321%3Aet%3A1764360802%3Ac%3A1%3Arn%3A537591282%3Arqn%3A1%3Au%3A1764360802726477338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A224%3Awv%3A2%3Ads%3A7%2C31%2C51%2C5%2C0%2C0%2C%2C119%2C4%2C%2C%2C%2C286%3Aco%3A0%3Acpf%3A1%3Ans%3A1764360801113%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1764360802%3At%3AThe%20Rootkit%20Arsenal%3A%20Escape%20and%20Evasion%20in%20the%20Dark%20Corners%20of%20the%20System%20-%20Bill%20Blunden%20-%20download%20the%20book%20in%20pdf%20or%20read%20online%20for%20free&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Fri, 28-Nov-2025 20:13:21 GMT
access-control-allow-origin
https://thelib.net
x-xss-protection
1; mode=block
last-modified
Fri, 28-Nov-2025 20:13:21 GMT
getcookie
matchid.adfox.yandex.ru/ 		86 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.158.134.118 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
matchid-production.adfox.yandex.ru
Software
/
Resource Hash
e3746a77d7de2865368bbc8887a10dd3bf1343f97e804af8a27f46fac9f12c1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thelib.net/

Response headers

access-control-allow-origin
https://thelib.net
timing-allow-origin
*
content-length
86
date
Fri, 28 Nov 2025 20:13:22 GMT
content-type
application/json
access-control-allow-credentials
true
x-content-type-options
nosniff
ff0c2db138e15ecd5e14.js
yastatic.net/partner-code-bundles/1303043/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/ff0c2db138e15ecd5e14.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
71fac208daf191fe5bca728fbdbf21a329c4da958b084d41f897b3e9aa188f04
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
2b5f7736c38c23aa
content-encoding
br
etag
"609662d02dbd753d6997c9edfb217899"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:46:49 GMT
date
Fri, 28 Nov 2025 20:13:22 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 25 Nov 2025 14:29:24 GMT
vary
Accept-Encoding
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
cache-control
public, max-age=946708560
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
3557
x-strm-log-split
5
cache-status
HIT
server
nginx
bdaefb56421b6b0e2169.js
yastatic.net/partner-code-bundles/1303043/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/bdaefb56421b6b0e2169.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
a7453e61e8586ceb6493c7cb4e3fcb5f7b7f6de1a3712d8f804b86ff62c76d76
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
5fd4a955fcffcf50
content-encoding
br
etag
"73f36a7049f984e885bd6e524b457b1d"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:48:16 GMT
date
Fri, 28 Nov 2025 20:13:22 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:23 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
10748
x-strm-log-split
9
cache-status
HIT
server
nginx
yhb
yhb.p.otm-r.com/ 		11 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.55.244.186 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software
nginx/1.27.4 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thelib.net/

Response headers

access-control-allow-origin
https://thelib.net
content-length
11
date
Fri, 28 Nov 2025 20:13:22 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
nginx/1.27.4
access-control-allow-credentials
true
adfoxhb
ssp-rtb.sape.ru/ 		11 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/adfoxhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.184.90 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thelib.net/

Response headers

access-control-allow-origin
https://thelib.net
content-length
11
date
Fri, 28 Nov 2025 20:13:22 GMT
content-type
application/json
server
openresty
access-control-allow-credentials
true
access-control-allow-methods
POST
adfox
kimberlite.io/rtb/bid/hb/ 		11 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kimberlite.io/rtb/bid/hb/adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.0.127.87 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS
s18.kimberlie.io
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thelib.net/

Response headers

access-control-allow-origin
https://thelib.net
server-timing
app;srv=s13a;dur=0.0004
Content-Length
11
Date
Fri, 28 Nov 2025 20:13:22 GMT
Server
nginx
Connection
keep-alive
access-control-allow-credentials
true
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.209.109.24 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thelib.net/

Response headers

Cache-control
no-cache, max-age=0, must-revalidate, no-store
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
https://thelib.net
Content-Length
0
Date
Fri, 28 Nov 2025 20:13:22 GMT
auction
pbs.alfasense.com/yandex/ 		0
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.alfasense.com/yandex/auction
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thelib.net/

Response headers

x-bid
d4l04ohgv6k8kdqkmk90
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
x-error
empty candidates
cf-ray
9a5c86850a850b0c-FRA
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=U%2B8ZvRIsrrVEJ6uGPV%2BjwAACq1NFF8pbaK0Nh0ng%2F1ZYSzyBzLZbFc%2B9U334BoglIYBuDPidWcLsimU5HdOqrUu796hvZuPQLEZ8v9u6oLBM"}]}
access-control-allow-origin
https://thelib.net
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 28 Nov 2025 20:13:22 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
bids
ssp.al-adtech.com/api/adfox/ 		11 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.al-adtech.com/api/adfox/bids
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.139.25.121 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thelib.net/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://thelib.net
Content-Length
11
Date
Fri, 28 Nov 2025 20:13:22 GMT
Content-Type
application/json
Vary
Origin
Server
nginx/1.20.1
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
176.114.74.34 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

serverid
TODO
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
content-length
11
date
Fri, 28 Nov 2025 20:13:22 GMT
content-type
text/plain; charset=utf-8
server
nginx
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match

Redirect headers

serverid
TODO
access-control-expose-headers
Set-Cookie, Etag
location
/ssp/adfox?set_buzzoola_cookie=t
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
content-length
0
date
Fri, 28 Nov 2025 20:13:22 GMT
server
nginx
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
/
ad.mail.ru/hbid_yandex/ 		0
0
/
hb.bumlam.com/yandex/ 		11 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.bumlam.com/yandex/
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.172.81.4 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thelib.net/

Response headers

Access-Control-Allow-Origin
https://thelib.net
Content-Length
11
Date
Fri, 28 Nov 2025 20:13:22 GMT
Content-Type
application/json; charset=utf-8
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
adjson
ads.betweendigital.com/ 		11 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.189.198 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thelib.net/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin
https://thelib.net
content-encoding
gzip
content-type
application/json
vary
Accept-Encoding
access-control-allow-credentials
true
match
mc.acint.net/
Redirect Chain
  • https://acint.net/cmatch/?dp=14&pi=1628885
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14
  • https://acint.net/rmatch?dp=14&euid=2804420A62022A69CA00318F0213E6DA&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14
  • https://mc.acint.net/cmatch?dp=14
  • https://px.adhigh.net/p/cm/sape?u=0800007F62022A69BC0C7195029A7373
  • https://px.adhigh.net/p/cm/sape?u=0800007F62022A69BC0C7195029A7373&bounced=1
  • https://mc.acint.net/rmatch?dp=17&euid=e9ly6XIxESA.AikABlGazBlRDQ&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D17
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D17&dp=14
  • https://acint.net/rmatch?dp=14&euid=3E03420A62022A69C700F3AD02A6B7D8&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D17
  • https://mc.acint.net/cmatch?dp=17
  • https://rutarget.ru/sync-sape/sync
  • https://mc.acint.net/match?dp=104&euid=-HwAnkii1UFE
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.acint.net/match?dp=104&euid=-HwAnkii1UFE
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
193.3.184.135 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
asrv319.qwarta.ru
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
expires
Wed, 19 Apr 2000 11:43:00 GMT
content-length
43
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Location
https://mc.acint.net/match?dp=104&euid=-HwAnkii1UFE
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://segmento.ru/p3p/ to get more information."
Date
Fri, 28 Nov 2025 20:13:23 GMT
Server
nginx
Connection
close
1
mc.yandex.com/watch/96273989/ 		43 B
85 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96273989/1?page-url=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1764360802_87de21ab296d4e4605549f46c4dddb919f0a67e5a920da9544ba65e16aa8b7bc&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aclgul073kv8mluc4beehw6f9wkvkr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2281%3Acn%3A1%3Adp%3A1%3Als%3A898773473188%3Ahid%3A944777517%3Az%3A60%3Ai%3A20251128211322%3Aet%3A1764360802%3Ac%3A1%3Arn%3A316256900%3Arqn%3A2%3Au%3A1764360802726477338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1764360801113%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1764360802&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(83952128)w2s(0)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%225015441764360801897%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Fri, 28-Nov-2025 20:13:22 GMT
access-control-allow-origin
https://thelib.net
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Fri, 28-Nov-2025 20:13:22 GMT
bidder_18.html
cache.betweendigital.com/code/ Frame 33C0 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e63864be-ec9b-524c-af76-335ac65c3138&CACHEBUSTER=155907
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=257097
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.142 , Germany, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
15791520a6ffd0ad248425a084e755a031b34112e85499dfcd4e1b690f10d0cb

Request headers

Referer
https://thelib.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 28 Nov 2025 20:13:22 GMT
etag
W/"68d0fb7c-f57"
last-modified
Mon, 22 Sep 2025 07:32:12 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
224
x-cdn-request-id
c9ed7a715388a6c0ae07367413d4f93b
btw
sync.dmp.otm-r.com/match/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between&uid=e63864be-ec9b-524c-af76-335ac65c3138&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D...
  • https://x.bidswitch.net/ul_cb/sync?ssp=between&uid=e63864be-ec9b-524c-af76-335ac65c3138&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder...
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=between&bsw_custom_parameter=67f52fc2-5eda-4111-a8c7-2cebbe7b7c81&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=${GPP_STRING_123}
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=00e05e2c-0fe0-47ea-ab27-d5d3c2ad99f7&expires=1&user_group=2&ssp=between&bsw_param=67f52fc2-5eda-4111-a8c7-2cebbe7b7c81&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=67f52fc2-5eda-4111-a8c7-2cebbe7b7c81&gdpr=0&gdpr_consent=
  • https://visitor-betweenx.omnitagjs.com/visitor/bsync?uid=cd6403e2c067b584fecdd6a3847819bf&name=gen01&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D416%26external_user_id%3DPARTNER_...
  • https://ads.betweendigital.com/match?bidder_id=416&external_user_id=7b9898d76830fcc20e5cf57ba03bce3e
  • https://sync.dmp.otm-r.com/match/btw?id=f3d59642-41d3-524c-80c4-956be9ee9709
  • https://sync.dmp.otm-r.com/match/btw?id=f3d59642-41d3-524c-80c4-956be9ee9709&otcm_check=1764360802
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=f3d59642-41d3-524c-80c4-956be9ee9709&otcm_check=1764360802
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
194.55.244.179 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software
nginx/1.27.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:22 GMT
server
nginx/1.27.5
access-control-allow-origin
*

Redirect headers

access-control-allow-origin
*
location
/match/btw?id=f3d59642-41d3-524c-80c4-956be9ee9709&otcm_check=1764360802
content-length
0
date
Fri, 28 Nov 2025 20:13:22 GMT
server
nginx/1.27.5
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/
Redirect Chain
  • https://visitor-betweenx.omnitagjs.com/visitor/bsync?uid=cd6403e2c067b584fecdd6a3847819bf&name=gen01&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D416%26external_user_id%3DPARTNER_...
  • https://ads.betweendigital.com/match?bidder_id=416&external_user_id=7b9898d76830fcc20e5cf57ba03bce3e
  • https://x.bidswitch.net/sync?ssp=between&uid=f3d59642-41d3-524c-80c4-956be9ee9709&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dbetween%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=between&user_id=k-qJrUCGgM4ki8UkOeu77YEGWGf4mrWdrYV5pFnQ&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=67f52fc2-5eda-4111-a8c7-2cebbe7b7c81&gdpr=0&gdpr_consent=
  • https://px.adhigh.net/p/cm/btw
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=e9ly6XIxESA.AikABlGazBlQiQ
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=4AoWPWXbVu&consentString=&r=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D358%26external_user_id%3D%5BPDID%5D
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=4AoWPWXbVu&consentString=&r=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D358%26external_user_id%3D%5BPDID%5D
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
168.119.72.236 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Fri, 28 Nov 2025 20:07:35 GMT
x-powered-by
PHP/8.2.5
server
nginx/1.14.1

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
location
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=4AoWPWXbVu&consentString=&r=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D358%26external_user_id%3D%5BPDID%5D
content-length
0
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=4AoWPWXbVu&consentString=&r=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D358%26external_user_id%3D%5BPDID%5D
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.72.236 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Fri, 28 Nov 2025 20:07:35 GMT
x-powered-by
PHP/8.2.5
server
nginx/1.14.1
between
bridgertb.tech/ssp/sync/
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=e9ly6XIxESA.AikABlGazBlQiQ
  • https://bridgertb.tech/ssp/sync/between?sspuid=f3d59642-41d3-524c-80c4-956be9ee9709
0
0
sync
x.bidswitch.net/ Frame 33C0 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=between
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 28 Nov 2025 20:13:22 GMT
content-type
image/gif
b0974266-cc96-11f0-b60c-002590c82436
an.yandex.ru/mapuid/adsniperis/ Frame 33C0
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjihKjJBqIBELCXQmbMlhHwtgwAJZDIJDY*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b0974266-cc96-11f0-b60c-002590c82436
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b0974266-cc96-11f0-b60c-002590c82436&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=iYMOPIBN%2BF2IIGWmDk%2FO2w&
  • https://an.yandex.ru/mapuid/adsniperis/b0974266-cc96-11f0-b60c-002590c82436
43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/b0974266-cc96-11f0-b60c-002590c82436
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
x-ads-service-name
yabs-server.partner.meta
x-ads-queuetime
0.060000
x-ads-degradation
0.000000
expires
Fri, 28 Nov 2025 20:13:23 GMT
x-ads-loadaverage
0.555556
x-xss-protection
1; mode=block
x-ads-loadaverageonarrival
0.555556
content-type
image/gif; charset=utf-8
last-modified
Fri, 28 Nov 2025 20:13:23 GMT
date
Fri, 28 Nov 2025 20:13:23 GMT

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location
https://an.yandex.ru/mapuid/adsniperis/b0974266-cc96-11f0-b60c-002590c82436
Connection
keep-alive
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 28 Nov 2025 20:13:23 GMT
Content-Type
text/html; charset=utf-8
Server
nginx
sspmatch-js
ads.betweendigital.com/ 		933 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=184866
Requested by
Host: cdn.adfinity.pro
URL: https://cdn.adfinity.pro/code/thelib.net/adfinity.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.189.198 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
19d1a0593e624c02feb17e9057d0bd5be598a6845dff8da1a8f8694ca29b0c23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
933
sspmatch-js
ads.betweendigital.com/ 		0
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=524302
Requested by
Host: cdn.adfinity.pro
URL: https://cdn.adfinity.pro/code/thelib.net/adfinity.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.189.198 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 30B7 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f3d59642-41d3-524c-80c4-956be9ee9709&CACHEBUSTER=855789
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=184866
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.142 , Germany, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
15791520a6ffd0ad248425a084e755a031b34112e85499dfcd4e1b690f10d0cb

Request headers

Referer
https://thelib.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 28 Nov 2025 20:13:23 GMT
etag
W/"68d0fb7c-f57"
last-modified
Mon, 22 Sep 2025 07:32:12 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
224
x-cdn-request-id
a63c12fa942cece6a15fd79a2af70779
pixel
ap.lijit.com/ 		0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.16.91.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-91-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-origin
*
date
Fri, 28 Nov 2025 20:13:23 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
match
ads.betweendigital.com/
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=f3d59642-41d3-524c-80c4-956be9ee9709
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=b0974266-cc96-11f0-b60c-002590c82436
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=b0974266-cc96-11f0-b60c-002590c82436
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
188.42.189.198 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=b0974266-cc96-11f0-b60c-002590c82436
Connection
keep-alive
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 28 Nov 2025 20:13:23 GMT
Content-Type
text/html; charset=utf-8
Server
nginx
cm.gif
ad.mail.ru/ 		43 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=13&ssp_user_id=f3d59642-41d3-524c-80c4-956be9ee9709
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
max-age=21600
timing-allow-origin
*
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
expires
Sat, 29 Nov 2025 02:13:23 GMT
cross-origin-embedder-policy
require-corp
content-length
43
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
last-modified
Fri, 28 Nov 2025 20:13:23 GMT
server
nginx
match
ads.betweendigital.com/
Redirect Chain
  • https://ssp.al-adtech.com/api/sync/between
  • https://ads.betweendigital.com/match?bidder_id=294&external_user_id=455ff1f1-205e-4722-a3e5-e7d612919191
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=294&external_user_id=455ff1f1-205e-4722-a3e5-e7d612919191
Requested by
Host: thelib.net
URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Protocol
H2
Server
188.42.189.198 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68

Redirect headers

Location
https://ads.betweendigital.com/match?bidder_id=294&external_user_id=455ff1f1-205e-4722-a3e5-e7d612919191
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Content-Length
0
Date
Fri, 28 Nov 2025 20:13:23 GMT
Vary
Origin
Server
nginx/1.20.1
sync
x.bidswitch.net/ Frame 30B7 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=between
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f3d59642-41d3-524c-80c4-956be9ee9709&CACHEBUSTER=855789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
b0974266-cc96-11f0-b60c-002590c82436
an.yandex.ru/mapuid/adsniperis/ Frame 30B7
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b0974266-cc96-11f0-b60c-002590c82436
  • https://sync.bumlam.com/?src=aid1&uid=iYMOPIBN%2BF2IIGWmDk%2FO2w&
  • https://an.yandex.ru/mapuid/adsniperis/b0974266-cc96-11f0-b60c-002590c82436
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/b0974266-cc96-11f0-b60c-002590c82436
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
x-ads-service-name
yabs-server.partner.meta
x-ads-queuetime
0.070000
x-ads-degradation
0.000000
expires
Fri, 28 Nov 2025 20:13:23 GMT
x-ads-loadaverage
0.333333
x-ads-loadaverageonarrival
0.388889
x-xss-protection
1; mode=block
last-modified
Fri, 28 Nov 2025 20:13:23 GMT
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif; charset=utf-8

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location
https://an.yandex.ru/mapuid/adsniperis/b0974266-cc96-11f0-b60c-002590c82436
Connection
keep-alive
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 28 Nov 2025 20:13:23 GMT
Content-Type
text/html; charset=utf-8
Server
nginx
v2
yandex.ru/ads/adfox/689817/getBulk/ 		171 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/689817/getBulk/v2?pr=1522408671&pr1=2978389445&dl=https%3A%2F%2Fthelib.net&prr=&extid_loader=MTc2NDM2MDgwMjcyNjQ3NzMzOA%3D%3D&extid_tag_loader=thelib.net&fa=&date=2025-11-28T21%3A13%3A23.262%2B01%3A00&pd=28&pw=5&pv=21&pdw=1600&pdh=1200&ylv=0.1303043&ybv=0.1303043&ytt=283124245200901&is-turbo=0&skip-token=&ad-session-id=5015441764360801897&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A336%2C%22h%22%3A300%2C%22width%22%3A336%2C%22height%22%3A300%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1264%2C%22top%22%3A1231%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&pcode-version=1303043&yaru=true&p2=jijk&pp=chlz&ps=lhtz&ld=https%3A%2F%2Fthelib.net&slotNumber=2&bids=W3siYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxOTEwOTg2LCJyZXNwb25zZV90aW1lIjozMjMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjU0NTYifSx7ImJpZGRlck5hbWUiOiJzYXBlIiwiY2FtcGFpZ25faWQiOjE5NzkxOTAsInJlc3BvbnNlX3RpbWUiOjU5MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNDQzNDkifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNzI0MTU4LCJyZXNwb25zZV90aW1lIjoyMzgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Ny1IaTlUaSJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTkxMDk1MywicmVzcG9uc2VfdGltZSI6MjMwLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOTk6dGhlbGliLm5ldF8zMzZ4MjgwX0RfT3ZlcmxheSJ9LHsiYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjozMTcwNTMyLCJyZXNwb25zZV90aW1lIjo4OSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6Ijk0NjMyIn0seyJiaWRkZXJOYW1lIjoiYXN0cmFsYWIiLCJjYW1wYWlnbl9pZCI6MjI5MzA3NiwicmVzcG9uc2VfdGltZSI6MjA2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjkxMzQ4NzVlODgxY2MxN2FkMjBjMGE1In0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6MTkxMDk4NCwicmVzcG9uc2VfdGltZSI6NDI5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTMwMzA5MSJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjE5MTA5NzYsInJlc3BvbnNlX3RpbWUiOjEyMDQsImVycm9yIjp7ImNvZGUiOjN9LCJwbGFjZW1lbnRfaWQiOiIxOTMzNzc5In0seyJiaWRkZXJOYW1lIjoibWVkaWFzbmlwZXIiLCJjYW1wYWlnbl9pZCI6MjgzODkxMiwicmVzcG9uc2VfdGltZSI6MTIxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzY1MjAifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjoxOTEwOTYxLCJyZXNwb25zZV90aW1lIjoxODcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0ODY3ODc1In1d&utf8=%E2%9C%93&duid=MTc2NDM2MDgwMjcyNjQ3NzMzOA%3D%3D&pcode-test-ids=1387855%2C0%2C29%3B1411934%2C0%2C17%3B1409129%2C0%2C43%3B1403047%2C0%2C22%3B1353316%2C0%2C0%3B1415640%2C0%2C28%3B1409109%2C0%2C10%3B1426951%2C0%2C10%3B1360193%2C0%2C17%3B1425422%2C0%2C5&csrf-token=f7acb60f6d9c576d7670b30b6331f8ea9b5e71bc%3A1764360801&pcode-uid=3104099221764360801&pcode-flags-map=eJylk1Fv2yAUhf8Lz30wxmA7bwRuMhQHPMC02TRdTVseNnXapGXTpKr%2FfbLdtbHbJqvKEzx8h8s5hxuiTZDLBlA1Rm1QObsyfiujcZYs3t%2BQ3x%2Bvf%2B3Jguz%2F%2FCAX5LD%2FeTCfyYLUOWcVI7cfLkiSAUMcNBL4MAcpy6ioxDFMWVEWvLqnuwBobIge5BbDxrQY3QYsrpxHFdOpOWiRcZ7n91JPycTYTCRY1q%2BXqijZSmXibiLFn1MBOxjSelga3T%2FQY9hZNYE%2FHa6neC6q8sGVxq37OCLYiLrzQyTYgldg49Thqbd5mYlxiFY5DWeyYVkpZlPUtOID%2F68aGkL0bodwFcFb2aDyIKNJgPLubapxARDSfLTHadU0rwdxC5dH9p6hWFaUk5E8dONG6vC%2FrNQrd4VvO%2Bh6XncKjkn6DPVGtq2xEAKGzifYoVHzr%2FHt%2B9cv0ww4Y1QMeN%2Ft5QYvzTtUrnF%2BKLVM6%2FF0ug%2BUiyJ7MgmpX5dBNmbgYesSoIXOu17brM8EkYua0zG%2B8fJkNDi8a3vjXHuSZyKjNXvoZgL%2FuI8Fm93Ji%2BFT3f4FwdhXvA%3D%3D&pcode-active-testids=1403047%2C0%2C22&pcode-icookie=vdgDqSjW93bkQVRfN2wN%2F%2FkIPsuMNRm6l9LN%2BfgiYwClX7D4f2eWuk%2B2FgrGOGeyYBNwoRM%2FFE%2FARe3EpkkiA3Zlbco%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fthelib.net&top-ancestor-undetermined=0&grab-orig-len=3504&grab=eyJncmFiX3ZlcnNpb24iOjJ9ChKlonDkSOqCEFCfC23pL5fAbUsxvakeClESSxQrT2zphluZ13bpeONv41Jq2FiWZP2yHDmC1nX9AoXQEyvR6UmIAui5AFcYjbklLlFLaazkzy2CT4l5vCGEhoeGEEZbJPxgVbGE34ctloQWaheDy-8TWc6B18JEm2Ivo5JOougMs89R7EnEHbHlMluZ4aKIR-JNNDmVnuLMQi-JlBNDt6Y7SVqtk6Qaxe7lUHYmKDUP24sV5czb3qYtnDnN9OxnLrWVPoWHEKbeJZRathKrhzHLsDo6ud2jk5oZnr18OrmEXgI6OdD5rXqOvcTmPLFRObHFyR9xmilzXyHkKTrzJ3dUY4gupBVuj6EJRmjcfjC5shgrbL3ay2YnW6YRepqxO0ZqgSObRmi1gdWK4LVDc5nVQnf4Jdcs4Exr8Hqcf9DMMbat-iLWaCUc4NN3nnAKM5s9jWX4qE8jB35-rWVFR3y22t2eF9-yHWWzL_s9J34T8N3Y5ZSMX_M6hyAnOyrv3odkE2rSmYyR0mRMWpOdHYiDzNOgbClt06TUAlaUbc506ogRnRxJlIslduOyIAjSMLFIu3vt9LDOmd6TXAuyU78qVIUUInZTJljAVrPt2i9wsESf8vMsWS0fzVE2WCSUHpawibysQoxr5y0kF0tLD6pACeVgTDH2kRy-u722FPnbnFYtuoJFGfFBUR78gTSxKrSWAyNnJ9eoMnkZH5vdmR0PIxqJ4dqV2_KPVtfKIrrgglyMPJtGHckTzqiWwCrQUXzpZU2Np9uWCDFzxcZPIdRdEuf_XuCzeQGLeiDovUCXlyckrM_oJMcooBVhplKYPcLDnQJ4UgoyKRkFGUSsAzSgARmzRAcMGwwdng5fx9NxdZB1ODrcA8TT8XU40ol-6rB1WDp8NphsMKl4WAc4G5EOhw0UHd4BwWcDbRtNHRSpDnjpAR8SLhvhi18SoFId0JfEn5dFJKXiKTL0UgpyyOQpFBxUaVjWSIRDNEnIKUnIJtoSCe7IgdU5VJyGOtfOmSjW2aEc94HEbZQOIr1VR_AIBWXDElfHY4PuQxD3oQ5ILRAfwA9eNmiHRSibbNB9wMJjA3HqANbxFzy0xxkgzv3dXh0WG7SpA24DTMej4jJyiCEHEoNiONZN2000KmP9xi0B0e1NtpoTJ7h9OPyeIImT5K6Gih-RjRYib3DGJGyhjVsYh58edxNpMEYK0BxwENAKOAUEtJhkZP3D1vJrmpZRZpkTS-Smbn3_yqFXi0bJr_ypVQtxSoaY2zrBPPFSspqeSVTK1eUwkUR3AWEHuztVk8VuVSzLrT34pQ0MminUnZvbZxifiyvstqI2-p64qoECgZT8VA0hrX67T2d74L6G8P9_K47Cm5xs-EnHGi2QTuX61UKNtX1RZfvhEXsknSh2MqbWmQsRdbda2S1C3LgHjGnIA1BngkfNmeA9uqHenyRGWgLM4dVevlu-eYa5C7d9k8UG1g_k8Oaf_wIMI1lSGrd9-wj20W8WXv8kQNJig2JvElHzJhFX0EtDQuNKMmi6EuxspGvP9a74HvTaNGcKcta0a1EX7KNX7Qn4ecZgfBYgM64SjyKdxCzN8Prnao6Yh5nK2Tcj2uqrzEOxv1BS8xfKYZqc1T5jLrSuooAYpJAhSPcfSNIVT2uswob5tUiHk67xoer5rEsc0kncnWbeZq_mtWQHTbahFDHSEVDzpI5gt9R3E74O8-YAEY14Qy8lp4DWF3VAfczj-qmN-8mN8Jsdb2F3zvgRDRAdd74EPhtIl_VQX82A_U4G6nkiesLw2UA-KFDn4XC_nvFWANxdy08H5A9thDuWpw5DLQ3nsDt3tdIwVgjMb5Tvky0GX-WFpwrBp0F_OsB8gvD8SIDt6jD8Boa9fA8Ehg5Ta8EGwsXDfQowLgGLDSpW2mKwJGsnxRKvzaiVPIyqrirMn9m7fa0NR9UZYmBquNJXeNI4Mbl6czhN_xliqIiRD0I1pc_q5lSmksSCaoKSU3djr90JDLkIGbQcBWgt4BllmyWYB-gS_GwaK12YmoAfqJyFD5ng0sCR55MzCFMMP6I1OKRQ8TsJJZ-c7k6GbnZkNLLTMLrRerJEysIMH2IF3rAWgnwyVhmjMnSsLS7V16b2BLsPZtdJRkFOJqFckEwQyA3Red-VKgsCO5evbpJH_HrlSfjuN1ECrQojFyK7LaYmTn3sIAhHERhD0JU9iIpg6zH09Kz2wk1byMQT1iJ6QVAalf43HlMS2zsKH6tsRMFqxQBJmwa3jd8WHxjAxT4wMBNDvWAKWj5cQdi9YxIatboe9iRtxCRsHyAAkFhVWsqzF25LuayGLp1o7WwGLc_5uZ_yVcezePzNwc0nVnvjtFt0ao5G6jLPKMNc22hPpNdyl1hoMbRsoO_rf1qPXmleXlaOYQ7H6RrT3rBZvf7c9eb74ol115j0iNhuzEudbCxelnX6e9pR-pqnUo8v4QXE90h7pPm5KFtWCFIfS-12NwN_s1imFc78kYsZZaS3CZUzB3e0uhQkneCXaef9O2afkGYHNndBX-anbAj4GrONxONM0XB4q2N2DtNVgr-p3SrL5j2-bW_P6v3M37U24fav_TkbliEN7cH3fse7lUd_Toexs2Ms1fbFhVlr7YUrpJ5n8_gdLB53k0wwUk_nV1q057SnWXR-OmzFqcb12Mk_UQiZdLp3J9cUHn8nmSeU3cIh7C7qZMRndUoe37KWuTSWZ-p7RH-wfs_0n8XZqbIbVaOxEtKJt5Vto76uS9yFp-9fzl1i69xmXit6vmYu7-2C8_hJ1hqSfe4xt6G9SVjXZ286cFJGke0m5MxoiKKG5tz8GaP6VIUf_NeH42LPJ8uT6JXZXtkIHu_FJXqWvTwm1HTsTXdpJrQTG_upCs7Tl-iIT4p977M_3lj4oGobVZamVHhS5jxES3_6Z_j9QuDPsorEiZ6hKVz_8TFN37ue5d6GysXEWFFvoSKCKgslFjuKK5aEk7dGdDFdhFfUOKeaMETR42NH-kM5pErXoigFex7fusxZrQqK17CCakOYu0IjW4vPPWxGK8w6lZb5Fd57MtpORaOPhTuiReleDFXrT9Jo7D0tY9shRp7yHboVgYOpnq0d6-nN_YtOn9zmPSG9jyJ_JPoTUXwKO_F46HqaXI-dNc9pd25zOumkO_s27rBQsTPuQF01JgnHvc7i0T4iaKNaawJUpEiGrpmguh7M0ttCL6W_7cLZdyJy6NoZqrND1qu3y9RlSLPq-lvoFUXDwo0EAQXw6U_w81GWxYrEOWzbxansigQMZYfjtvKlr1wDOPSjECcSuf0GPycaLH7Tu3OrbeIiI4RcWElIKFUIhhcYkRZVFVVTrw-745wls3MdB81NhcSE0GhizwqTg6OCy3fekEHkHhhCpRK6eGYbNMMJE5xIB8eM2dBQ0beYjF8JLGQcAwkPAwkPAwkPAwkPAwkPAwkPRIWEpwItGv7ipi4AlgTQ&tga-with-creatives=1&banner-lang=en
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
840c06475e22d0bc38b1f13ba59021eb082e413c4a179a8f3cd3bf37887070e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://thelib.net/

Response headers

x-yandex-req-id
1764360803342318-4421052407749011995-balancer-l7leveler-kubr-yp-sas-98-BAL
content-encoding
gzip
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
x-ads-queuetime
0.130000
expires
Mon, 04 Dec 1999 21:29:02 GMT
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
x-ads-loadaverageonarrival
0.333333
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
pragma
no-cache
x-yt-request-id
cc5ebb9d-f5168918-b33e804e-3a3b253f
access-control-allow-credentials
true
x-ads-degradation
0.000000
x-adfox-request-id
15368290430573460866
x-ads-loadaverage
0.266667
access-control-allow-origin
https://thelib.net
x-yt-trace-id
e1f66ea9-face491-ee1edb81-c095831d
x-xss-protection
1; mode=block
favicon.ico
thelib.net/ 		15 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thelib.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
d199509d82400438f2756fcbd16d2bdacd90a13906275e798e8b302150364512

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"68192b75-3aee"
Connection
keep-alive
Date
Fri, 28 Nov 2025 20:13:23 GMT
Content-Type
image/x-icon
Last-Modified
Mon, 05 May 2025 21:19:49 GMT
Server
nginx/1.28.0
adsdk.js
yandex.ru/ads/system/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/adsdk.js
Requested by
Host: cdn.adfinity.pro
URL: https://cdn.adfinity.pro/code/thelib.net/adfinity.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
b0b7bdcfce46836d4df9bc4fbdf34166820398b124e1562d79e8b3be3b7bd528
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-yandex-req-id
1764360803445120-12609067795832248445-balancer-l7leveler-kubr-yp-sas-98-BAL
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
cache-control
private, max-age=3600
content-encoding
br
timing-allow-origin
*
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
etag
"d007d01a1aeda86aff76dc3b99cbef00-1303043"
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 21:13:23 GMT
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
loader.bundle.js
yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/ 		869 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/adsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
09865de7e701f5d3f6fbe68bf45f4283fdc87ad61f862b3a3744538076c45b1b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
ce9bbd3e68ec5c05
content-encoding
br
etag
"f60f5fa6bff5e0b4bdc89869ec97c576"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:45:18 GMT
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 25 Nov 2025 14:29:25 GMT
vary
Accept-Encoding
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
access-control-allow-origin
*
content-length
207447
x-strm-log-split
1
cache-status
HIT
server
nginx
log
log.strm.yandex.ru/ 		0
233 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.strm.yandex.ru/log?VAS=1303043&event=CreateLoader
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/adsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.15 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thelib.net/

Response headers

x-request-id
1764360803664968-17695900165361132419
access-control-expose-headers
Date
timing-allow-origin
https://thelib.net
access-control-allow-credentials
true
x-trace-id
00000000000000000000000000000000
access-control-allow-origin
https://thelib.net
content-length
0
date
Fri, 28 Nov 2025 20:13:23 GMT
155907
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 33C0
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/155907
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/155907
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/155907
Protocol
H2
Server
194.226.130.226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),
Reverse DNS
Software
ms-counter-4.4.3/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
content-length
43
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.4.3/1.22.1

Redirect headers

strict-transport-security
max-age=2678400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/155907
timing-allow-origin
*
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
content-length
0
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
server
ms-counter-4.4.3/1.22.1
vast
ad.moe.video/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.moe.video/vast?pid=12054&vpt=sticky&advertCount=3&vt=vpaid&vl=0&referer=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.228.3.219 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
d1306cb0613e69e6a631ac055c13168a90a4a1debe5bf3c3a549c46aa7ff5a4f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-origin
https://thelib.net
content-length
1102
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
application/xml; charset=UTF-8
version
v1.32.136
access-control-allow-credentials
true
855789
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 30B7
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/855789
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/855789
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/855789
Protocol
H2
Server
194.226.130.226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),
Reverse DNS
Software
ms-counter-4.4.3/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
content-length
43
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.4.3/1.22.1

Redirect headers

strict-transport-security
max-age=2678400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/855789
timing-allow-origin
*
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
content-length
0
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
server
ms-counter-4.4.3/1.22.1
sync
x.bidswitch.net/ Frame 33C0 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=429&user_id=e63864be-ec9b-524c-af76-335ac65c3138&expires=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
mvplayer.min.js
cdn1.moe.video/player/ Frame 94CE 		419 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.moe.video/player/mvplayer.min.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
c64fa84951151a588f1e769122d70af7de87d166fefd9c36c946d75d633c8a65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

x-cached-since
2025-11-28T20:10:57+00:00
cache
HIT
cache-control
max-age=43200
content-encoding
gzip
expires
Sat, 29 Nov 2025 08:13:24 GMT
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
application/x-javascript
vary
Accept-Encoding, Accept-Encoding
server
nginx
last-modified
Friday, 28-Nov-2025 20:10:57 GMT
x-node
am4-up-gc94
/
onetag-sys.com/usync/ Frame C750 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e63864be-ec9b-524c-af76-335ac65c3138&CACHEBUSTER=155907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
date
Fri, 28 Nov 2025 20:13:23 GMT
strict-transport-security
max-age=15552000
sync
x.bidswitch.net/ Frame 30B7 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=429&user_id=f3d59642-41d3-524c-80c4-956be9ee9709&expires=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 28 Nov 2025 20:13:23 GMT
content-type
image/gif
/
onetag-sys.com/usync/ Frame B345 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=f3d59642-41d3-524c-80c4-956be9ee9709&CACHEBUSTER=855789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
date
Fri, 28 Nov 2025 20:13:23 GMT
strict-transport-security
max-age=15552000
log
log.strm.yandex.ru/ 		0
71 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.strm.yandex.ru/log?VAS=1303043&event=LegalInfoMissing
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.15 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thelib.net/

Response headers

x-request-id
1764360804492553-6287769785634732284
access-control-expose-headers
Date
timing-allow-origin
https://thelib.net
access-control-allow-credentials
true
x-trace-id
00000000000000000000000000000000
access-control-allow-origin
https://thelib.net
content-length
0
date
Fri, 28 Nov 2025 20:13:24 GMT
AdRiverFPS.js
content.adriver.ru/ Frame 94CE 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/AdRiverFPS.js
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
83.222.5.43 , Russian Federation, ASN25532 (MASTERHOST-AS LLC "MASTERHOST", RU),
Reverse DNS
Software
nginx /
Resource Hash
5fd14f33a2c307289f12ce35deb488d575607d3f7914d35bd7c19944d5a58a06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
max-age=3600
content-encoding
gzip
etag
W/"6925aead-bbff"
expires
Fri, 28 Nov 2025 21:13:24 GMT
access-control-allow-origin
https://cs1.ottgoods.ru
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
application/x-javascript
last-modified
Tue, 25 Nov 2025 13:27:09 GMT
server
nginx
vary
Accept-Encoding
sync-loader.js
privacy-cs.mail.ru/static/ Frame 94CE 		0
0
0.gif
x01.aidata.io/ Frame 94CE
Redirect Chain
  • https://sync.upravel.com/pbd/sync
  • https://sync.upravel.com/pbd/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly90aGVsaWIubmV0LyJdfX0=
  • https://1026--84ebe470-afab-409f-b923-db5a63e7b0d8.stbid.ru/?r=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dpbd
  • https://sync.upravel.com/image?source=pbd
  • https://sync.upravel.com/gpmdata/sync
  • https://tms.gpmdata.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=4a608d62-b43e-464c-ba40-a2d2ff300693&dsp_id=84ebe470-afab-409f-b923-db5a63e7b0d8&ru=https%3A%2F%2Fsync.upravel.co...
  • https://sync.upravel.com/image?source=gpmdata
  • https://sync.upravel.com/aidata/sync
  • https://x01.aidata.io/0.gif?pid=MGCOM&id=84ebe470-afab-409f-b923-db5a63e7b0d8&back=
0
0
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://moevideo-sync.rutarget.ru/sync
  • https://rtb.moe.video/cs?b=-HwAnkii1UFE&d=1
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?b=-HwAnkii1UFE&d=1
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Location
https://rtb.moe.video/cs?b=-HwAnkii1UFE&d=1
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://segmento.ru/p3p/ to get more information."
Date
Fri, 28 Nov 2025 20:13:24 GMT
Server
nginx
Connection
close
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 94CE
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5814673562
42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5814673562
Protocol
HTTP/1.1
Server
195.209.109.11 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

Transfer-Encoding
chunked
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Date
Fri, 28 Nov 2025 20:13:24 GMT
Content-Type
image/gif

Redirect headers

Transfer-Encoding
chunked
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Location
/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5814673562
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
*
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Date
Fri, 28 Nov 2025 20:13:24 GMT
Content-Type
text/html
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sync.bumlam.com/?src=mvn&uid=[user_uid]
  • https://rtb.moe.video/cs?b=b0974266-cc96-11f0-b60c-002590c82436&d=3
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?b=b0974266-cc96-11f0-b60c-002590c82436&d=3
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location
https://rtb.moe.video/cs?b=b0974266-cc96-11f0-b60c-002590c82436&d=3
Connection
keep-alive
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 28 Nov 2025 20:13:24 GMT
Content-Type
text/html; charset=utf-8
Server
nginx
match
dm.hybrid.ai/ Frame 94CE
Redirect Chain
  • https://kimberlite.io/rtb/sync/moevideo
  • https://kimberlite.io/rtb/sync/moevideo?rc=1
  • https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Frtb.moe.video%252Fcs%253Fd%253D4%252...
  • https://kimberlite.io/rtb/sync/buzzoola?u=d234d4f2-7a50-45f8-59d4-e8d69ea5cb44&f=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D4%26b%3DaSoCZMFWpqg&n=1
  • https://dm.hybrid.ai/match?id=414
0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=414
Protocol
H2
Server
37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store
pragma
no-cache
expires
-1
access-control-allow-origin
*
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode
5051
date
Fri, 28 Nov 2025 20:08:32 GMT
x-xss-protection
1; mode=block
server
Hybrid Web Server

Redirect headers

cache-control
no-store
location
https://dm.hybrid.ai/match?id=414
Connection
keep-alive
access-control-allow-credentials
true
referrer-policy
no-referrer
access-control-allow-origin
*
server-timing
app;srv=s4;dur=0.0017
Content-Length
0
Date
Fri, 28 Nov 2025 20:13:24 GMT
Server
nginx
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D6%26b%3D%24%7BUUID%7D
  • https://rtb.moe.video/cs?d=6&b=d234d4f2-7a50-45f8-59d4-e8d69ea5cb44
0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=6&b=d234d4f2-7a50-45f8-59d4-e8d69ea5cb44
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

location
https://rtb.moe.video/cs?d=6&b=d234d4f2-7a50-45f8-59d4-e8d69ea5cb44
content-length
94
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/html; charset=utf-8
server
nginx
serverid
TODO
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D7%26b%3D%24%7BUSER_ID%7D
  • https://rtb.moe.video/cs?d=7&b=f3d59642-41d3-524c-80c4-956be9ee9709
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=7&b=f3d59642-41d3-524c-80c4-956be9ee9709
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
location
https://rtb.moe.video/cs?d=7&b=f3d59642-41d3-524c-80c4-956be9ee9709
content-length
0
match
dm-eu.hybrid.ai/ Frame 94CE 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-eu.hybrid.ai/match?id=117
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
expires
-1
access-control-allow-origin
https://thelib.net
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode
5003
date
Fri, 28 Nov 2025 20:08:31 GMT
x-xss-protection
1; mode=block
server
Hybrid Web Server
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://px.adhigh.net/p/cm/moevideo
  • https://rtb.moe.video/cs?d=9&b=e9ly6XIxESA.AikABlGazBlRDQ
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=9&b=e9ly6XIxESA.AikABlGazBlRDQ
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

x-backend-id
f3-ru
cache-control
no-cache, no-store
location
https://rtb.moe.video/cs?d=9&b=e9ly6XIxESA.AikABlGazBlRDQ
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
*
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Fri, 28 Nov 2025 20:13:24 GMT
server
nginx
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sync.upravel.com/moevideo/sync
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly90aGVsaWIubmV0LyJdfX0=
  • https://rtb.moe.video/cs?d=10&b=4909e26d-1f58-469e-b213-5d932a4f3d68
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=10&b=4909e26d-1f58-469e-b213-5d932a4f3d68
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

access-control-expose-headers
Content-Length,Content-Range
location
https://rtb.moe.video/cs?d=10&b=4909e26d-1f58-469e-b213-5d932a4f3d68
access-control-allow-credentials
false
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Fri, 28 Nov 2025 20:13:24 GMT
server
Angie
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=[user_uid]
  • https://vma.mts.ru/match/second?ssp=22&exu=%5Buser_uid%5D
  • https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4fd06abf-7c69-4ed0-bacd-e48b4a63d1e4&redirect_return_url=https%3A%2F%2Fan.yandex.ru%2Fsetu...
  • https://9685075341764360804899.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4fd06abf-7c69-4ed0-bacd-e48b4a63d1e4&redirect_return_url=https://a...
  • https://an.yandex.ru/setud/mts_banner/T9Bqv3xpTtC6zeSLSmPR5A?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D22%26em%3D0&sign=1709703429
  • https://vma.mts.ru/em?next=22&em=0
  • https://rtb.moe.video/cs?d=11&b=749442e5-9852-467c-a7b9-e7a5ba91a06f
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=11&b=749442e5-9852-467c-a7b9-e7a5ba91a06f
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Location
https://rtb.moe.video/cs?d=11&b=749442e5-9852-467c-a7b9-e7a5ba91a06f
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 28 Nov 2025 20:13:25 GMT
Vary
Origin
Server
Angie
Access-Control-Allow-Headers
Origin
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sync.dmp.otm-r.com/match/moevideo
  • https://rtb.moe.video/cs?d=12&b=NjkyYTAyNjIwYTY0NWI0MA%3D%3D
0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=12&b=NjkyYTAyNjIwYTY0NWI0MA%3D%3D
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

access-control-allow-origin
*
location
https://rtb.moe.video/cs?d=12&b=NjkyYTAyNjIwYTY0NWI0MA%3D%3D
content-length
0
date
Fri, 28 Nov 2025 20:13:24 GMT
server
nginx/1.27.5
check
sync.adspend.space/ Frame 94CE
Redirect Chain
  • https://sync.adspend.space/moevideo?uid=[user_uid]
  • https://sync.adspend.space/check?uid=[user_uid]&ssp=%2Fmoevideo
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adspend.space/check?uid=[user_uid]&ssp=%2Fmoevideo
Protocol
H2
Server
5.189.234.227 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
server
nginx/1.26.2

Redirect headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
1728000
location
/check?uid=[user_uid]&ssp=%2Fmoevideo
access-control-allow-credentials
true
access-control-allow-methods
PUT, GET, POST, OPTIONS
access-control-allow-origin
*
content-length
64
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/html; charset=utf-8
server
nginx/1.26.2
access-control-allow-headers
Content-Type, authorization
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://ssp.al-adtech.com/api/sync/myvideo
  • https://rtb.moe.video/cs?d=14&b=b9d85563-b1c5-4669-8b02-e6d77761ed56
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=14&b=b9d85563-b1c5-4669-8b02-e6d77761ed56
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

Location
https://rtb.moe.video/cs?d=14&b=b9d85563-b1c5-4669-8b02-e6d77761ed56
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Content-Length
0
Date
Fri, 28 Nov 2025 20:13:24 GMT
Vary
Origin
Server
nginx/1.20.1
userbind
match.qtarget.tech/ Frame 94CE 		0
0
sync
a.atraffic.ru/ Frame 94CE
Redirect Chain
  • https://sync.programmatica.com/match/MoeVideo?id=[user_uid]
  • https://a.atraffic.ru/sync?ssp=12
0
0
userbind
match.new-programmatic.com/ Frame 94CE 		0
0
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://www.acint.net/rmatch?dp=115&r=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D20%26b%3D%24%7BUSER_ID%7D
  • https://rtb.moe.video/cs?d=20&b=0800007F62022A69BC0C7195029A7373
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=20&b=0800007F62022A69BC0C7195029A7373
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
https://rtb.moe.video/cs?d=20&b=0800007F62022A69BC0C7195029A7373
expires
Wed, 19 Apr 2000 11:43:00 GMT
content-length
154
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/html
server
openresty
cr
cr-frontend.weborama-tech.ru/ Frame 94CE
Redirect Chain
  • https://acint.net/cmatch?dp=115
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0800007F62022A69BC0C7195029A7373
  • https://vma.mts.ru/match/second?ssp=30&exu=0800007F62022A69BC0C7195029A7373
  • https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=7814d011-dd22-429a-bffe-24d4944a0fa8&redirect_return_url=https%3A%2F%2Fcr-frontend.weboram...
  • https://7256799441764360804901.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=7814d011-dd22-429a-bffe-24d4944a0fa8&redirect_return_url=https://c...
  • https://cr-frontend.weborama-tech.ru/cr?key=mts&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D
  • https://cr-frontend.weborama-tech.ru/cr?key=mts&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D&bounce=1&random=4108921865
0
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr-frontend.weborama-tech.ru/cr?key=mts&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D&bounce=1&random=4108921865
Protocol
H2
Server
130.193.54.247 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma
no-cache
expires
Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date
Fri, 28 Nov 2025 20:13:25 GMT
last-modified
Fri, 28 Nov 2025 20:13:25 GMT
vary
Origin

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location
https://cr-frontend.weborama-tech.ru/cr?key=mts&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D&bounce=1&random=4108921865
pragma
no-cache
expires
Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin
*
content-length
0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date
Fri, 28 Nov 2025 20:13:25 GMT
last-modified
Fri, 28 Nov 2025 20:13:25 GMT
vary
Origin
set
sync.rambler.ru/ Frame 94CE 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.rambler.ru/set?partner_id=f14de6f1-fb82-4373-9a57-bf8347061ce2&id=[user_uid]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.242.95.157 , Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-sca-elb
dmz-identix-ssp
content-length
0
date
Fri, 28 Nov 2025 20:13:24 GMT
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sync.upravel.com/moevideo_outstream/sync
  • https://rtb.moe.video/cs?d=22&b=84ebe470-afab-409f-b923-db5a63e7b0d8
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=22&b=84ebe470-afab-409f-b923-db5a63e7b0d8
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

access-control-expose-headers
Content-Length,Content-Range
location
https://rtb.moe.video/cs?d=22&b=84ebe470-afab-409f-b923-db5a63e7b0d8
access-control-allow-credentials
false
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Fri, 28 Nov 2025 20:13:24 GMT
server
Angie
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
open_ssp
sync.dmp.otm-r.com/match/ Frame 94CE
Redirect Chain
  • https://sync.opendsp.ru/match/Moevideo?id=[user_uid]
  • https://sync.opendsp.ru/match/Moevideo?id=%5Buser_uid%5D&chk=1
  • https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=NGU5YjE3NDcyYjc0Y2YyYg
  • https://vma.mts.ru/match/second?ssp=67&exu=NGU5YjE3NDcyYjc0Y2YyYg
  • https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=7814d011-dd22-429a-bffe-24d4944a0fa8&redirect_return_url=https%3A%2F%2Fan.yandex.ru%2Fsetu...
  • https://an.yandex.ru/setud/mts_banner/eBTQEd0iQpq__iTUlEoPqA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D0&sign=4057469462
  • https://vma.mts.ru/em?next=67&em=0
  • https://sync.opendsp.ru/match/mts_dsp?id=749442e5-9852-467c-a7b9-e7a5ba91a06f
  • https://sync.dmp.otm-r.com/match/open_ssp?id=NGU5YjE3NDcyYjc0Y2YyYg
  • https://sync.dmp.otm-r.com/match/open_ssp?id=NGU5YjE3NDcyYjc0Y2YyYg&otcm_check=1764360805
0
0
sync
a.adspector.io/ Frame 94CE 		0
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.adspector.io/sync?ssp=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

access-control-expose-headers
Content-Length,Content-Range
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=p0lIRHret7WjWrtbstyL130jN%2BGBQHHVDnynEfxj1Os%2Bk%2Fl3FZbZlRErrlhaLNF42EvelcXkjZKbBJpm2fhZYS9Xn%2FbSCkUqYSWlzrRy"}]}
cf-ray
9a5c8696bc4935e8-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/plain
vary
Origin
server
cloudflare
priority
u=3,i
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://otclick-adv.ru/core/match.gif?s=54&reference=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D26%26b%3D%23%7BUID%7D
  • https://rtb.moe.video/cs?d=26&b=VUibTjb8FF50LNw
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=26&b=VUibTjb8FF50LNw
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Location
https://rtb.moe.video/cs?d=26&b=VUibTjb8FF50LNw
Pragma
no-cache
Connection
keep-alive
Expires
Thursday, 01-Jan-1970 00:00:00 GMT
Content-Length
124
Keep-Alive
timeout=90
Date
Fri, 28 Nov 2025 20:13:25 GMT
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Server
nginx
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sync.techdsp.ru/sync?src=mvn&uid=[user_uid]
  • https://x01.aidata.io/0.gif?pid=0914828&id=5X7mPX-ITiWZIRvZskUksw&dest=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D27%26b%3D5X7mPX-ITiWZIRvZskUksw
  • https://rtb.moe.video/cs?d=27&b=5X7mPX-ITiWZIRvZskUksw
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=27&b=5X7mPX-ITiWZIRvZskUksw
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

date
Fri, 28 Nov 2025 20:13:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
location
https://rtb.moe.video/cs?d=27&b=5X7mPX-ITiWZIRvZskUksw
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
expires
Fri, 28 Nov 2025 20:13:24 GMT
content-length
0
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
date
Fri, 28 Nov 2025 20:13:25 GMT
last-modified
Fri, 28 Nov 2025 20:13:24 GMT
server
nginx
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sync.upravel.com/moevideo_nord/sync
  • https://rtb.moe.video/cs?d=28&b=84ebe470-afab-409f-b923-db5a63e7b0d8
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=28&b=84ebe470-afab-409f-b923-db5a63e7b0d8
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

access-control-expose-headers
Content-Length,Content-Range
location
https://rtb.moe.video/cs?d=28&b=84ebe470-afab-409f-b923-db5a63e7b0d8
access-control-allow-credentials
false
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Fri, 28 Nov 2025 20:13:25 GMT
server
Angie
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cm.gif
ad.mail.ru/ Frame 94CE 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=170&id=[user_uid]
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
max-age=21600
timing-allow-origin
*
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
expires
Sat, 29 Nov 2025 02:13:24 GMT
cross-origin-embedder-policy
require-corp
content-length
43
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
image/gif
last-modified
Fri, 28 Nov 2025 20:13:24 GMT
server
nginx
cm.gif
ad.mail.ru/ Frame 94CE 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=173&id=[user_uid]
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
max-age=21600
timing-allow-origin
*
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
expires
Sat, 29 Nov 2025 02:13:24 GMT
cross-origin-embedder-policy
require-corp
content-length
43
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
image/gif
last-modified
Fri, 28 Nov 2025 20:13:24 GMT
server
nginx
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://match.ohmy.bid/cm?ssp=mvvideo
  • https://rtb.moe.video/cs?d=31&b=78db0940-cb8d-4b3a-9be1-934edd631231
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=31&b=78db0940-cb8d-4b3a-9be1-934edd631231
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

Location
https://rtb.moe.video/cs?d=31&b=78db0940-cb8d-4b3a-9be1-934edd631231
Content-Length
0
Bidder
bid-07 1.2215.af91edd8
Date
Fri, 28 Nov 2025 20:13:25 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://match.ohmy.bid/cm?ssp=mvban
  • https://rtb.moe.video/cs?d=32&b=6ac18505-930c-494e-b125-16b287f5ed20
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=32&b=6ac18505-930c-494e-b125-16b287f5ed20
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

Location
https://rtb.moe.video/cs?d=32&b=6ac18505-930c-494e-b125-16b287f5ed20
Content-Length
0
Bidder
bid-14 1.2215.af91edd8
Date
Fri, 28 Nov 2025 20:13:25 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
Moevideo-Banner-ortb
adx.com.ru/sync/init/ Frame 94CE 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.com.ru/sync/init/Moevideo-Banner-ortb?uid=[user_uid]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
83.222.105.118 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU),
Reverse DNS
Software
nginx/1.26.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:25 GMT
server
nginx/1.26.3
usersync
ssp.bidvol.com/ Frame 94CE 		28 B
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.bidvol.com/usersync?pubid=189
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.85.16.27 , Russian Federation, ASN8985 (MSK-IX_Services Join-stock company "Internet Exchange"MSK-IX", RU),
Reverse DNS
Software
nginx /
Resource Hash
b200deb0e5fa0ee902f75b814af140875668a1c3f8aebb6cbc87181681601da2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

surrogate-control
no-store
x-request-id
0bd61264-1e22-43d0-b6b8-13ac5a67dada
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
*
date
Fri, 28 Nov 2025 20:13:25 GMT
content-type
text/html; charset=utf-8
vary
Origin
server
nginx
/
fcgi4.gnezdo.ru/cookie_matching/moevideo_instream/ Frame 94CE 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching/moevideo_instream/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS JSC Mediasoft ekspert, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sync.dmp.otm-r.com/match/moevideo_banner?id=[user_uid]
  • https://sync.dmp.otm-r.com/match/moevideo_banner?id=%5Buser_uid%5D&otcm_check=1764360804
  • https://rtb.moe.video/cs?d=36&b=NjkyYTAyNjIwYTY0NWI0MA%3D%3D
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?d=36&b=NjkyYTAyNjIwYTY0NWI0MA%3D%3D
Protocol
H2
Server
188.124.47.12 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

date
Fri, 28 Nov 2025 20:13:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

access-control-allow-origin
*
location
https://rtb.moe.video/cs?d=36&b=NjkyYTAyNjIwYTY0NWI0MA%3D%3D
content-length
0
date
Fri, 28 Nov 2025 20:13:24 GMT
server
nginx/1.27.5
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sp.linkssp.ru/cm?key=e8d8a1a328ed80f9397920c45c69b1b4&location=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D37%26b%3D%7Buid%7D
  • https://rtb.moe.video/cs?d=37&b=542d86bf-7df7-493c-9a85-86d7acc00f50
0
0
cs
rtb.moe.video/ Frame 94CE
Redirect Chain
  • https://sp.linkssp.ru/cm?key=af2153fbaa913034dfb5e17a6bd035af&location=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D38%26b%3D%7Buid%7D
  • https://rtb.moe.video/cs?d=38&b=6ffb5dc4-28da-49fe-8f52-cc6bc2209181
0
0
sync
pixel.dsp.onetarget.ru/moevideo/ Frame 94CE 		0
0
sync.gif
smi2.ru/counter/ Frame 94CE 		0
0
sync
a.bringads.ru/ Frame 94CE 		0
0
MoeVideo
sync.dvgroup.com/match/ Frame 94CE 		0
0
moevideo-web
bid.sspnet.tech/sync/ Frame 94CE 		0
0
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 51D3 		383 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=780801&bt=21&pid=3915086&bid=10043329&bn=10043329&rnd=527366301&tuid=1&cfa=1
Requested by
Host: content.adriver.ru
URL: https://content.adriver.ru/AdRiverFPS.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.209.109.16 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software
/
Resource Hash
2afe0daf25744998b71af1bec9a30ad4e345860ff3ab14c347547a868d40d668

Request headers

Referer
https://thelib.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

Cache-control
max-age=157680000,
Connection
keep-alive
Content-Length
383
Content-Type
text/html ; charset=windows-1251
Date
Fri, 28 Nov 2025 20:13:24 GMT
ETag
"AQY_JivNFrPS3cUkYfLtgig"
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
1434682
ad.mail.ru/vast/ Frame 94CE 		60 B
259 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1434682?dl=thelib.net&content_id=188396655133348
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
private, no-cache, no-store
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/xml
server
nginx
1722074
ad.mail.ru/vast/ Frame 94CE 		59 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1722074?dl=thelib.net&dd=1
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
private, no-cache, no-store
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/xml
server
nginx
1434682
ad.mail.ru/vast/ Frame 94CE 		59 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1434682?dl=thelib.net&content_id=188396655133348
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
private, no-cache, no-store
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/xml
server
nginx
code.xml
catsnetwork.ru/core/ Frame 94CE 		12 B
723 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://catsnetwork.ru/core/code.xml?pid=9898&vr=1&rid=3765047&dl=thelib.net
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
194.186.91.198 , Russian Federation, ASN3216 (SOVAM-AS PJSC "Vimpelcom", RU),
Reverse DNS
serv33.mt.viaprog.eu
Software
nginx /
Resource Hash
21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-cache, max-age=0, must-revalidate, no-store
pragma
no-cache
access-control-allow-credentials
true
referrer-policy
origin-when-cross-origin
expires
Tue, 11 Sep 2001 12:46:00 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
access-control-allow-origin
https://thelib.net
content-length
12
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
application/xml
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
nginx
1055655
ad.mail.ru/vast/ Frame 94CE 		59 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1055655?pr=7730588&sc=5133348&dl=thelib.net&dd=1
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
private, no-cache, no-store
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/xml
server
nginx
moevideo-lowprice-bid
bid.adx.com.ru/ Frame 94CE 		0
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bid.adx.com.ru/moevideo-lowprice-bid?vpaid=true&referer=thelib.net
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
83.222.105.118 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU),
Reverse DNS
Software
nginx/1.26.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
server
nginx/1.26.3
access-control-allow-credentials
true
moevideo-vast-midprice-bid
bid.adx.com.ru/ Frame 94CE 		0
109 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bid.adx.com.ru/moevideo-vast-midprice-bid?vpaid=true&referer=thelib.net
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
83.222.105.118 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU),
Reverse DNS
Software
nginx/1.26.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
server
nginx/1.26.3
access-control-allow-credentials
true
1799333
ad.mail.ru/vast/ Frame 94CE 		59 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1799333?dl=thelib.net&dd=1&pr=5913288
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
private, no-cache, no-store
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/xml
server
nginx
moevideo_vast_new
kimberlite.io/rtb/bid/vast/ Frame 94CE 		123 B
504 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kimberlite.io/rtb/bid/vast/moevideo_vast_new
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.0.127.87 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU),
Reverse DNS
s18.kimberlie.io
Software
nginx /
Resource Hash
7be888fe96032d9c836dc482383d6fe897ebbbec7b19a5c67671d74cdf13281f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
server-timing
app;srv=s11;dur=0.0005
Content-Length
123
Date
Fri, 28 Nov 2025 20:13:24 GMT
Content-Type
text/xml
Server
nginx
1061630
ad.mail.ru/vast/ Frame 94CE 		59 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1061630?pr=7527734&sc=5133348&dl=thelib.net&content_id=129923945133348
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
private, no-cache, no-store
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/xml
server
nginx
1078843
ad.mail.ru/vast/ Frame 94CE 		59 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1078843?pr=1640740&sc=5133348&dl=thelib.net&content_id=134183085133348
Requested by
Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
private, no-cache, no-store
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:24 GMT
content-type
text/xml
server
nginx
json.cgi
ad.adriver.ru/cgi-bin/ Frame 94CE 		503 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=4425169&bid=12604289&bn=12604289&tuid=1&cfa=1&rnd=985911&loc=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&custom=127%3D1%3B129%3D2.10.4%3B308%3D1764360802726477338%3B309%3D0%3B310%3D0
Requested by
Host: content.adriver.ru
URL: https://content.adriver.ru/AdRiverFPS.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.209.109.11 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software
/
Resource Hash
0f8fae2116f63aab9fae2fa0d6c633bbf20304a1aa110c1951e5079e98609a01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

Transfer-Encoding
chunked
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
https://thelib.net
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Date
Fri, 28 Nov 2025 20:13:24 GMT
Content-Type
application/json
rle.cgi
ev.adriver.ru/cgi-bin/ Frame 94CE 		0
0
rle.cgi
ev.adriver.ru/cgi-bin/ Frame 94CE 		0
0
/
ru.viadata.store/instream/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ru.viadata.store/instream/?sid=109011&zone=7766&pageurl=%5BENCODED_URL%5D&gdpr=%5BGDPR_CONSENT%5D
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
1f52f4c3dd584ab0deb9f1925b53c2979c9e974a5ae6ba72089cd7f8c1077b76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:25 GMT
content-type
application/xml; charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.5
main.js
rucdn.viadata.store/js/vpaid/250731_dc654336/ Frame 4340 		391 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rucdn.viadata.store/js/vpaid/250731_dc654336/main.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.114.100 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
Software
nginx /
Resource Hash
dca0d3265a5a1c9946992984ccdd6c69daac20f447526f785aaf57b0e64289a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-robots-tag
noindex
content-encoding
gzip
etag
W/"688b9e62-61bba"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
date
Fri, 28 Nov 2025 20:13:25 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Jul 2025 16:48:34 GMT
server
nginx
vary
Accept-Encoding
log
log.strm.yandex.ru/ 		0
70 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.strm.yandex.ru/log?VAS=1303043&event=LegalInfoMissing
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.15 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thelib.net/

Response headers

x-request-id
1764360806187142-5576689796935456759
access-control-expose-headers
Date
timing-allow-origin
https://thelib.net
access-control-allow-credentials
true
x-trace-id
00000000000000000000000000000000
access-control-allow-origin
https://thelib.net
content-length
0
date
Fri, 28 Nov 2025 20:13:26 GMT
bsync.js
ru.viadata.store/tag/ Frame 4340 		2 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ru.viadata.store/tag/bsync.js?type=vpaid&sid=109011&zone=7766&gdpr=(gdpr)&consent=(gdpr_consent)&u=&v=4143&cb=1764360805
Requested by
Host: rucdn.viadata.store
URL: https://rucdn.viadata.store/js/vpaid/250731_dc654336/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
71a3e1b7650369ff451585aef3576695cc014b40ced0dea66c808009542b688e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
*
date
Fri, 28 Nov 2025 20:13:26 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.5
context.js
an.yandex.ru/system/ Frame 6081 		430 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: rucdn.viadata.store
URL: https://rucdn.viadata.store/js/vpaid/250731_dc654336/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e0d5e65fa79cc8e2876c556d13c06e1cd9faacb28c31490081914867b6fb3bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000
x-robots-tag
noindex, noarchive, nofollow
x-yandex-req-id
1764360806213361-878826728652628649000398-production-app-host-klg-pcode-509.klg.yp-c.yandex.net
cache-control
private, max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"bc8f98b96a0ec2c85c6888c9f78e2ffb-1303043"
expires
Fri, 28 Nov 2025 21:13:26 GMT
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
vk-adman.js
ad.mail.ru/static/ Frame 87AF 		268 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/vk-adman.js
Requested by
Host: rucdn.viadata.store
URL: https://rucdn.viadata.store/js/vpaid/250731_dc654336/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
48789704aa98b535b0e376e00d59dc62117bc4004faec7bd36da575ffd99c549

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
max-age=600
timing-allow-origin
*
content-encoding
gzip
expires
Fri, 28 Nov 2025 20:23:26 GMT
access-control-allow-origin
*
date
Fri, 28 Nov 2025 20:13:26 GMT
content-type
application/javascript;charset=UTF-8
server
nginx
/
dev.viadata.store/get/109011/ Frame 4340 		367 B
719 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dev.viadata.store/get/109011/?zone=7766&w=336&h=189&v=4143&rc=1&page=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Requested by
Host: rucdn.viadata.store
URL: https://rucdn.viadata.store/js/vpaid/250731_dc654336/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.114.196 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
74a420e2b0709d5748dbf96f601a1ace2d51218fbd0d7ea5baac3ff26ab25a30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
x-content-type-options
nosniff
expires
Wed, 11 Nov 1998 11:11:11 GMT
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:26 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.5
last-modified
Fri, 28 Nov 2025 20:13:26 GMT
access-control-allow-headers
Content-Type, Accept
tech
ad.mail.ru/adman3/stats/ Frame 87AF 		0
0
tech
ad.mail.ru/adman3/stats/ Frame 87AF 		0
0
sync-loader.js
privacy-cs.mail.ru/static/ Frame 4340 		0
0
sync
sync.viadata.store/tools/ Frame 4340
Redirect Chain
  • https://px.adhigh.net/p/cm/viads
  • https://sync.viadata.store/tools/sync?dsp=5&uid=e9ly6XIxESA.AikABlGazBlRDQ
43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.viadata.store/tools/sync?dsp=5&uid=e9ly6XIxESA.AikABlGazBlRDQ
Protocol
H2
Server
23.111.114.196 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
x-content-type-options
nosniff
expires
Wed, 11 Nov 1998 11:11:11 GMT
access-control-allow-origin
*
content-length
43
date
Fri, 28 Nov 2025 20:13:26 GMT
content-type
image/gif
last-modified
Fri, 28 Nov 2025 20:13:26 GMT
server
nginx/1.19.5
access-control-allow-headers
Content-Type, Accept

Redirect headers

x-backend-id
f3-ru
cache-control
no-cache, no-store
location
https://sync.viadata.store/tools/sync?dsp=5&uid=e9ly6XIxESA.AikABlGazBlRDQ
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
*
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Fri, 28 Nov 2025 20:13:26 GMT
server
nginx
i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame 4340
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=653f8278-3fc3-4044-8252-4f3800e42a49&i=1764360806
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&ts=1764360806552&a=945&e=653f8278-3fc3-4044-8252-4f3800e42a49&i=1764360806
49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&ts=1764360806552&a=945&e=653f8278-3fc3-4044-8252-4f3800e42a49&i=1764360806
Protocol
H2
Server
185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Data Storage Center JSC, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization, X-Requested-With, DNT, Referer, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, User-Agent
access-control-max-age
86400
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
49
date
Fri, 28 Nov 2025 20:13:26 GMT
x-xss-protection
1; mode=block
content-type
image/gif
server
nginx
x-frame-options
DENY

Redirect headers

access-control-allow-headers
Content-Type, Origin, Accept, Authorization, X-Requested-With, DNT, Referer, Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, User-Agent
access-control-max-age
86400
location
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&ts=1764360806552&a=945&e=653f8278-3fc3-4044-8252-4f3800e42a49&i=1764360806
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
0
date
Fri, 28 Nov 2025 20:13:26 GMT
x-xss-protection
1; mode=block
server
nginx
x-frame-options
DENY
req
ll.viadata.store/event/ Frame 4340 		43 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ll.viadata.store/event/req?sid=109011&uid=653f8278-3fc3-4044-8252-4f3800e42a49&zid=7766&v=4143&cb=1764360806389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.72.109.13 , Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Wed, 11 Nov 1998 11:11:11 GMT
content-length
43
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
image/gif
last-modified
Fri, 28 Nov 2025 20:13:27 GMT
server
nginx
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame 6081 		25 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-request-id
18d70630215d3401
etag
"7f0cdaf91230f9789ca4162aedff612e"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Sun, 29 Nov 2026 02:02:31 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
font/woff2
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
vary
Accept-Encoding
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=31556952
timing-allow-origin
*
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
x-nginx-request-id
5f76564dcbfb861c
accept-ranges
bytes
access-control-allow-origin
*
content-length
26004
x-strm-log-split
1
cache-status
HIT
server
nginx
433205139a5541120751.js
yastatic.net/partner-code-bundles/1303043/ Frame 6081 		73 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/433205139a5541120751.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
9d0646fb9701e43a8c08ee41ac452e05f30a62dfe419dc96cf7a3776bdce2572
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
3745b7478f9b0e30
content-encoding
br
etag
"5c37483788622e5981f4881b4f0e56e2"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:07 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:21 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
17537
x-strm-log-split
7
cache-status
HIT
server
nginx
ef456837425d0a5d18cd.js
yastatic.net/partner-code-bundles/1303043/ Frame 6081 		16 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/ef456837425d0a5d18cd.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
c19e365c7aa378aaa551bd8e6707ef34a93aa198c2398cda3c9998ee045189b8
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
1abfa40ca75132bb
content-encoding
br
etag
"94848eb732648efa64e349ecd59798c3"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:09 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:23 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
timing-allow-origin
*
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
accept-ranges
bytes
access-control-allow-origin
*
content-length
5745
x-strm-log-split
9
cache-status
HIT
server
nginx
803c8f0430266dff4d25.js
yastatic.net/partner-code-bundles/1303043/ Frame 6081 		686 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/803c8f0430266dff4d25.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
eb96d4f91eb17bf2c0bf2a87979e9c318e5b360a57eb1c9e73a76b044436a577
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
0f46eab61a90db71
content-encoding
br
etag
"c22fb7dad3e5b622f45edc45eaef7430"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:01 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:22 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
access-control-allow-origin
*
content-length
135107
x-strm-log-split
2
cache-status
HIT
server
nginx
host.js
yastatic.net/safeframe-bundles/0.83/ Frame 6081 		33 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
59c9c8ff319eede1
content-encoding
br
etag
"f80882bf67cf261aa08d636da095149a"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:42:25 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
8878
x-strm-log-split
1
cache-status
HIT
server
nginx
8ce05b70a5b8b3e9b965.js
yastatic.net/partner-code-bundles/1303043/ Frame 6081 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/8ce05b70a5b8b3e9b965.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
e3f66c791ace3e381a2eb9ffda109028d8d5aea8a4b0a8e3a3ce8d058695fb6b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
88b3523c6c4e9f2e
content-encoding
br
etag
"2f42400ee05420ffc6d9de87bcd2f3e7"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:14 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:22 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
5042
x-strm-log-split
8
cache-status
HIT
server
nginx
b75cd6e8da3d53975b63.js
yastatic.net/partner-code-bundles/1303043/ Frame 6081 		124 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1303043/b75cd6e8da3d53975b63.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
cloud.cdn.yandex.net
Software
nginx /
Resource Hash
af5ceda4287dbb55765f583c3a405505854622b484590b76852375f3a621758a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://thelib.net
Referer
https://thelib.net/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-request-id
7ba06de7cd70687a
content-encoding
br
etag
"56982ca38f89ed758c275078cc5808ed"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Nov 2055 02:44:06 GMT
date
Fri, 28 Nov 2025 20:13:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 25 Nov 2025 14:29:23 GMT
cache-host
cloudcdn-m9-12.cdn.yandex.net
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
25223
x-strm-log-split
6
cache-status
HIT
server
nginx
controller.php
thelib.net/engine/ajax/ 		2 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thelib.net/engine/ajax/controller.php?mod=adminfunction&id=1095923&action=newsread&user_hash=dd0d75f32bb74c58d95a882a9755cc80d704fa71
Requested by
Host: thelib.net
URL: https://thelib.net/engine/classes/min/index.php?g=general3&v=f4j64
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.11.141 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.141.11.130.94.clients.your-server.de
Software
nginx/1.28.0 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept
*/*

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Content-Length
2
Date
Fri, 28 Nov 2025 20:13:26 GMT
Content-Type
text/html; charset=utf-8
Server
nginx/1.28.0
cs
rurtb.viadata.store/vast/ Frame 4340 		108 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rurtb.viadata.store/vast/cs?zone=7766&sid=109011&w=336&h=189&site=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&vp=2&cbb=1764360806498
Requested by
Host: rucdn.viadata.store
URL: https://rucdn.viadata.store/js/vpaid/250731_dc654336/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
Software
nginx /
Resource Hash
d8cc3a277e02e71ed057089630f71e8a258c7a8ca5b2bce6acf898e5f2e8c0f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=31536000
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
x-content-type-options
nosniff
access-control-allow-origin
https://thelib.net
date
Fri, 28 Nov 2025 20:13:26 GMT
content-type
application/xml; charset=utf-8
vary
Accept-Encoding
server
nginx
access-control-allow-headers
Content-Type, Accept
log
log.strm.yandex.ru/ 		0
70 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.strm.yandex.ru/log?VAS=1303043&event=STOP_AD_ERROR
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.15 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thelib.net/

Response headers

x-request-id
1764360807376980-6490988580987499137
access-control-expose-headers
Date
timing-allow-origin
https://thelib.net
access-control-allow-credentials
true
x-trace-id
00000000000000000000000000000000
access-control-allow-origin
https://thelib.net
content-length
0
date
Fri, 28 Nov 2025 20:13:27 GMT
l
traffaret.com/c/v/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://traffaret.com/c/v/l?pid=1445&vr=1&rid=%7Brandom_158%7D
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
194.186.91.197 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4ed84ae849de835556b15759be28c1b976ba7f9077a431bcaae603f657fcdd2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-cache, max-age=0, must-revalidate, no-store
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 11 Sep 2001 12:46:00 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
access-control-allow-origin
https://thelib.net
content-length
2077
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
application/xml
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
nginx
click
yandex.ru/clck/ 		43 B
431 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/clck/click
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thelib.net/

Response headers

x-yandex-req-id
1764360807383648-13373771966358187676-balancer-l7leveler-kubr-yp-sas-98-BAL
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-l7-hostname
jhtlxjgh5sl3omow.sas.yp-c.yandex.net
cache-control
no-cache
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
content-length
43
content-type
image/gif
linear-vpaid-v1.js
cdn.traffaret.com/s/linear/ Frame B450 		108 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
194.186.91.211 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b17ea2268a3a8ee4558d0457eb9a5820b044e91820d9e5831e06b04fc4b9929a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
zstd
etag
W/"686e9a92-1af29"
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
server
nginx
last-modified
Wed, 09 Jul 2025 16:36:34 GMT
log
log.strm.yandex.ru/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.strm.yandex.ru/log?VAS=1303043&event=LegalInfoMissing
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1303043/vas-bundles/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.15 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://thelib.net/

Response headers

x-request-id
1764360807682586-4259603480897292123
access-control-expose-headers
Date
timing-allow-origin
https://thelib.net
access-control-allow-credentials
true
x-trace-id
00000000000000000000000000000000
access-control-allow-origin
https://thelib.net
content-length
0
date
Fri, 28 Nov 2025 20:13:27 GMT
top100.js
st.top100.ru/top100/ Frame B450 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: cdn.traffaret.com
URL: https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.238.111.224 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

x-cdn-edge-id
2024
x-cdn-edge-cache
HIT
content-encoding
br
etag
W/"97c5f39e34e25cd4e29d6771bc04071c"
x-reserved-indicator
372
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
application/javascript
last-modified
Fri, 28 Nov 2025 08:36:46 GMT
server
nginx
x-cdn-request-id
0492e9899c96281925f1821a69d0e4f0
cmf
sp.ohmy.bid/ Frame 5C52 		2 KB
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sp.ohmy.bid/cmf?0.039304546163241416
Requested by
Host: cdn.traffaret.com
URL: https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.0.127.199 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ee4ee6ba1d1b9bcce5313d40fcc6a560da317265afc4079daffca6dbd28d1af8

Request headers

Referer
https://thelib.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Bidder
bid-20 1.2215.af91edd8
Connection
keep-alive
Content-Encoding
gzip
Content-Length
659
Content-Type
text/html
Date
Fri, 28 Nov 2025 20:13:27 GMT
Server
nginx
sync-loader.js
ad.mail.ru/static/ Frame B450 		83 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/sync-loader.js
Requested by
Host: cdn.traffaret.com
URL: https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r.myadx.net
Software
nginx /
Resource Hash
546ceae2937e036d3ef74982e56f5c737a99686bcba28519e639d859a44b3dc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
max-age=600
timing-allow-origin
*
content-encoding
gzip
expires
Fri, 28 Nov 2025 20:23:27 GMT
access-control-allow-origin
*
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
application/javascript;charset=UTF-8
server
nginx
black.jpg
inplayer.ru/video/ Frame EDF4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inplayer.ru/video/black.jpg
Requested by
Host: cdn.traffaret.com
URL: https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
194.186.91.198 , Russian Federation, ASN3216 (SOVAM-AS PJSC "Vimpelcom", RU),
Reverse DNS
serv33.mt.viaprog.eu
Software
nginx /
Resource Hash
68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

etag
"5af40ea8-787"
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1927
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
image/jpeg
last-modified
Thu, 10 May 2018 09:19:36 GMT
server
nginx
ads.xml
traffaret.com/c/ Frame B450 		20 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://traffaret.com/c/ads.xml?pid=1445&vr=1&rid=%7Brandom_158%7D&ss=SSXarnyfrDgz&idntfy=VUraWdF4CfAmrG2&pw=336&ph=300&dl=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html&dc=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Requested by
Host: cdn.traffaret.com
URL: https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
194.186.91.197 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
23a068e6e932a105df08068ebf013ff898f2058d8de916463694f94840c0b3a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-cache, max-age=0, must-revalidate, no-store
pragma
no-cache
access-control-allow-credentials
true
referrer-policy
origin-when-cross-origin
expires
Tue, 11 Sep 2001 12:46:00 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
access-control-allow-origin
https://thelib.net
content-length
20153
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
application/xml
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
nginx
/
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/ Frame B450 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.226.130.227 -, , ASN (),
Reverse DNS
Software
ms-counter-4.4.3/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=2678400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
content-length
43
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.4.3/1.22.1
tmsec=rambler_cid1100106-posid2155081
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/ Frame B450 		43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.226.130.227 -, , ASN (),
Reverse DNS
Software
ms-counter-4.4.3/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

strict-transport-security
max-age=2678400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
content-length
43
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.4.3/1.22.1
/
privacy-cs.mail.ru/fp/ Frame 		0
0
/
privacy-cs.mail.ru/fp/ Frame B450 		0
0
erle.cgi
ad.adriver.ru/cgi-bin/ Frame B450 		142 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=229672&bn=3&bt=61&tuid=1&pz=0&vp=5&target=blank&vmindn=0&vmaxdn=30&vminbtr=0&vmaxbtr=12000&rnd=1770706003&tail256=https%3A%2F%2Fthelib.net%2F1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Requested by
Host: cdn.traffaret.com
URL: https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.209.109.11 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software
/
Resource Hash
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

Transfer-Encoding
chunked
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
https://thelib.net
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Date
Fri, 28 Nov 2025 20:13:27 GMT
Content-Type
text/xml
ssp226.xml
s.tigra.dev/wrap/ Frame B450 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.tigra.dev/wrap/ssp226.xml
Requested by
Host: cdn.traffaret.com
URL: https://cdn.traffaret.com/s/linear/linear-vpaid-v1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.38.186.39 -, , ASN (),
Reverse DNS
Software
nginx/1.28.0 /
Resource Hash
b4bead4c2c3ad28a98f689d173c6d9bf52bf495f87c406102d0b381ee2ef326f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

ETag
"6926d1fa-506"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://thelib.net
Content-Length
1286
Date
Fri, 28 Nov 2025 20:13:27 GMT
Content-Type
text/xml
Last-Modified
Wed, 26 Nov 2025 10:10:02 GMT
Server
nginx/1.28.0
e.gif
traffaret.com/c/ Frame B450 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traffaret.com/c/e.gif?eid=94&bid=39487&pid=1445&ss=SSXarnyfrDgz
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
194.186.91.197 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-cache, max-age=0, must-revalidate, no-store
pragma
no-cache
expires
Tue, 11 Sep 2001 12:46:00 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
43
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
image/gif
server
nginx
e.gif
traffaret.com/c/ Frame B450 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traffaret.com/c/e.gif?eid=94&bid=39820&pid=1445&ss=SSXarnyfrDgz
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
194.186.91.197 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://thelib.net/

Response headers

cache-control
no-cache, max-age=0, must-revalidate, no-store
pragma
no-cache
expires
Tue, 11 Sep 2001 12:46:00 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
43
date
Fri, 28 Nov 2025 20:13:27 GMT
content-type
image/gif
server
nginx
ohmybid
bid.sspnet.tech/sync/ Frame 5C52 		0
0
match.gif
otclick-adv.ru/core/ Frame 5C52 		0
0
ohmybid
id.adx.bid/match/ Frame 5C52 		0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.adx.bid/match/ohmybid
Requested by
Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmf?0.039304546163241416
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.1.235 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://sp.ohmy.bid/

Response headers

access-control-expose-headers
Content-Length,Content-Range
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
x-error
no_matching
cf-ray
9a5c86a99ad2dcb8-FRA
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FKoVH7Wu3qJg8TbfFK865y0X2Zo%2FakZhqlWquqxyh4px%2BpmhN8mlA8GSC1BGHT5egCCSUWTzBJRFJKew7OgCXIlGax8fjyAI0w%3D%3D"}]}
access-control-allow-origin
*
date
Fri, 28 Nov 2025 20:13:27 GMT
server
cloudflare
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
rmatch
www.acint.net/ Frame 5C52 		0
0
ohmybids
sync.dmp.otm-r.com/match/ Frame 5C52 		0
0
match.gif
mediatoday.ru/core/ Frame 5C52 		0
0
cm
sp.linkssp.ru/ Frame 5C52 		0
0
redirect
exchange.buzzoola.com/cookiesync/ Frame 5C52 		0
0
cm
sp.ohmy.bid/ Frame 5C52
Redirect Chain
  • https://sync.bumlam.com/?src=ohd1&uid=6ac18505-930c-494e-b125-16b287f5ed20
  • https://sp.ohmy.bid/cm?dsp_id=45&uid=b0974266-cc96-11f0-b60c-002590c82436
44 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.ohmy.bid/cm?dsp_id=45&uid=b0974266-cc96-11f0-b60c-002590c82436
Requested by
Host: sp.ohmy.bid
URL: https://sp.ohmy.bid/cmf?0.039304546163241416
Protocol
HTTP/1.1
Server
37.0.127.199 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://sp.ohmy.bid/

Response headers

Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Length
58
Bidder
bid-19 1.2215.af91edd8
Date
Fri, 28 Nov 2025 20:13:27 GMT
Content-Type
image/gif
Server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location
https://sp.ohmy.bid/cm?dsp_id=45&uid=b0974266-cc96-11f0-b60c-002590c82436
Connection
keep-alive
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 28 Nov 2025 20:13:27 GMT
Content-Type
text/html; charset=utf-8
Server
nginx
sync
ohmybidvideo-sync.rutarget.ru/ Frame 5C52 		0
0
ohmybid
kimberlite.io/rtb/sync/ Frame 5C52 		0
0
p
sm.rtb.mts.ru/ Frame 5C52 		0
0
ohmybid
px.adhigh.net/p/cm/ Frame 5C52 		0
0
sync
ohmybid-sync.rutarget.ru/ Frame 5C52 		0
0
match
ads.betweendigital.com/ Frame 5C52 		0
0
rle.cgi
ev.adriver.ru/cgi-bin/ Frame 5C52 		0
0
sync
a.bringads.ru/ Frame 5C52 		0
0
wb-no-controls.css
traffaret.com/s/linear/ Frame EDF4 		0
0
e.gif
traffaret.com/c/ Frame B450 		0
0
e.gif
traffaret.com/c/ Frame B450 		0
0
err.gif
traffaret.com/c/ Frame B450 		0
0
vpaid_ima.js
s.tigra.dev/wrap/ Frame 7C00 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
thelib.net
URL
https://thelib.net/scripts/tools/pdf_viewer/build/pdf.worker.js
Domain
ad.mail.ru
URL
https://ad.mail.ru/hbid_yandex/
Domain
bridgertb.tech
URL
https://bridgertb.tech/ssp/sync/between?sspuid=f3d59642-41d3-524c-80c4-956be9ee9709
Domain
privacy-cs.mail.ru
URL
https://privacy-cs.mail.ru/static/sync-loader.js
Domain
x01.aidata.io
URL
https://x01.aidata.io/0.gif?pid=MGCOM&id=84ebe470-afab-409f-b923-db5a63e7b0d8&back=
Domain
match.qtarget.tech
URL
https://match.qtarget.tech/userbind?src=moevideo&id=[user_uid]
Domain
a.atraffic.ru
URL
https://a.atraffic.ru/sync?ssp=12
Domain
match.new-programmatic.com
URL
https://match.new-programmatic.com/userbind?src=moevideo&id=[user_uid]
Domain
sync.dmp.otm-r.com
URL
https://sync.dmp.otm-r.com/match/open_ssp?id=NGU5YjE3NDcyYjc0Y2YyYg&otcm_check=1764360805
Domain
rtb.moe.video
URL
https://rtb.moe.video/cs?d=37&b=542d86bf-7df7-493c-9a85-86d7acc00f50
Domain
rtb.moe.video
URL
https://rtb.moe.video/cs?d=38&b=6ffb5dc4-28da-49fe-8f52-cc6bc2209181
Domain
pixel.dsp.onetarget.ru
URL
https://pixel.dsp.onetarget.ru/moevideo/sync?id=[user_uid]
Domain
smi2.ru
URL
https://smi2.ru/counter/sync.gif?system=my_video&cb=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D40%26b%3D%24UID
Domain
a.bringads.ru
URL
https://a.bringads.ru/sync?ssp=20
Domain
sync.dvgroup.com
URL
https://sync.dvgroup.com/match/MoeVideo?id=[user_uid]
Domain
bid.sspnet.tech
URL
https://bid.sspnet.tech/sync/moevideo-web?user_id=[user_uid]&redirect=https://rtb.moe.video/cs?d=45&b=${USER_ID}
Domain
ev.adriver.ru
URL
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=774375&bt=21&cid=AQY_JivNFrPS3cUkYfLtgig&custom=180=1&pass=AQY_JivNFrPS3cUkYfLtgig
Domain
ev.adriver.ru
URL
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=790715&bt=21&cid=AQY_JivNFrPS3cUkYfLtgig&custom=180=1&pass=ifivsx2knf3e4rtskbjtgy2vnnmwmtdum5uwo---
Domain
ad.mail.ru
URL
https://ad.mail.ru/adman3/stats/tech
Domain
ad.mail.ru
URL
https://ad.mail.ru/adman3/stats/tech
Domain
privacy-cs.mail.ru
URL
https://privacy-cs.mail.ru/static/sync-loader.js
Domain
privacy-cs.mail.ru
URL
https://privacy-cs.mail.ru/fp/?id=g78V6hCh5IJQRc40k0UvH
Domain
privacy-cs.mail.ru
URL
https://privacy-cs.mail.ru/fp/?id=g78V6hCh5IJQRc40k0UvH
Domain
bid.sspnet.tech
URL
https://bid.sspnet.tech/sync/ohmybid?redirect=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D128%26uid%3D%24%7BUSER_ID%7D&user_id=6ac18505-930c-494e-b125-16b287f5ed20
Domain
otclick-adv.ru
URL
https://otclick-adv.ru/core/match.gif?s=34&reference=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D87%26uid%3D%23%7BUID%7D
Domain
www.acint.net
URL
https://www.acint.net/rmatch?dp=217&r=https%3A%2F%2Fsp.ohmy.bid%2Fcm%3Fdsp_id%3D5%26uid%3D%24%7BUSER_ID%7D
Domain
sync.dmp.otm-r.com
URL
https://sync.dmp.otm-r.com/match/ohmybids?id=6ac18505-930c-494e-b125-16b287f5ed20
Domain
mediatoday.ru
URL
https://mediatoday.ru/core/match.gif?s=34&id={visitor_id}
Domain
sp.linkssp.ru
URL
https://sp.linkssp.ru/cm?key=edc11c69abfc708136ed44d548263e69&location=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D127%26uid%3D%7Buid%7D
Domain
exchange.buzzoola.com
URL
https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fsp.ohmy.bid%2Fcm%3Fdsp_id%3D8%26uid%3D${UUID}
Domain
ohmybidvideo-sync.rutarget.ru
URL
https://ohmybidvideo-sync.rutarget.ru/sync
Domain
kimberlite.io
URL
https://kimberlite.io/rtb/sync/ohmybid
Domain
sm.rtb.mts.ru
URL
https://sm.rtb.mts.ru/p?ssp=ohmybid&id=6ac18505-930c-494e-b125-16b287f5ed20
Domain
px.adhigh.net
URL
https://px.adhigh.net/p/cm/ohmybid?u=6ac18505-930c-494e-b125-16b287f5ed20
Domain
ohmybid-sync.rutarget.ru
URL
https://ohmybid-sync.rutarget.ru/sync
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=45296&callback_url=https%3A%2F%2Fmatch.ohmy.bid%2Fcm%3Fdsp_id%3D84%26uid%3D%24%7BUSER_ID%7D
Domain
ev.adriver.ru
URL
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=11644644&bn=11644644
Domain
a.bringads.ru
URL
https://a.bringads.ru/sync?ssp=22
Domain
traffaret.com
URL
https://traffaret.com/s/linear/wb-no-controls.css
Domain
traffaret.com
URL
https://traffaret.com/c/e.gif?eid=82&bid=39820&pid=1445&ss=SSXarnyfrDgz
Domain
traffaret.com
URL
https://traffaret.com/c/e.gif?eid=95&bid=39820&pid=1445&ss=SSXarnyfrDgz
Domain
traffaret.com
URL
https://traffaret.com/c/err.gif?bid=39820&pid=1445&ss=SSXarnyfrDgz&ssq=[ISV_SSQ]&err=erid&errv=405&errd=
Domain
s.tigra.dev
URL
https://s.tigra.dev/wrap/vpaid_ima.js

Verdicts & Comments Add Verdict or Comment

146 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| yaContextCb function| ym function| $ function| jQuery function| getCookie function| setCookie function| social_share string| dle_root string| dle_login_hash number| dle_group string| dle_skin string| dle_wysiwyg string| quick_wysiwyg string| dle_min_search object| dle_act_lang string| menu_short string| menu_full string| menu_profile string| menu_send string| menu_uedit string| dle_info string| dle_confirm string| dle_prompt object| dle_req_field string| dle_del_agree string| dle_spam_agree string| dle_c_title string| dle_complaint string| dle_mail string| dle_big_text string| dle_orfo_title string| dle_p_send string| dle_p_send_ok string| dle_save_ok string| dle_reply_title string| dle_tree_comm string| dle_del_news string| dle_sub_agree string| dle_unsub_agree string| dle_captcha_type object| dle_share_interesting object| DLEPlayerLang object| DLEGalleryLang number| DLEGalleryMode number| DLELazyMode function| _init function| _open object| c_cache object| dle_poll_voted object| file_uploaders function| reload function| dle_change_sort function| doPoll function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| CheckLogin function| doCalendar function| doRate function| doCommentsRate function| ajax_cancel_reply function| DLESendPM function| ajax_fast_reply function| dle_reply function| doAddComments function| isHistoryApiAvailable function| CommentsPage function| dle_copy_quote function| dle_fastreply function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt function| ShowPopupProfile function| onTwofactoryChange function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| DelSocial function| subscribe function| media_upload function| dropdownmenu function| setcookie function| get_local_storage function| set_local_storage function| del_local_storage function| save_last_viewed function| hidemenu function| delayhidemenu function| clearhidemenu function| removeEmptyElements function| find_comment_onpage function| findCommentsPage object| Ya object| yaCounter96273989 function| cnc object| pcode_1303043_default_pza0YqIFNP object| __activeTestIds object| __pcodeAllActiveTestIds object| yaSafeFrameCallbacksStorage string| __loaderType number| pr function| AdFox_getCodeScript object| yaads boolean| isLoadingSafeframeStarted object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| adfinityData object| adfinity object| adfinityAppInstance object| __adfinityHB__ object| YaHeaderBiddingSettings object| $sf object| yaSafeFrameAsyncCallbacks object| ya object| vas_1303043_es2017-adloader function| AdriverCounterImage function| AdriverCounterJS object| adrCounterStorage function| adrCreateCounter boolean| adrCounterOnPage

90 Cookies

Domain/Path Name / Value
kimberlite.io/rtb/sync Name: f
Value: https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D4%26b%3DaSoCZMFWpqg
kimberlite.io/rtb/sync Name: n
Value: 2
.catsnetwork.ru/core/ Name: idntfy
Value: VUraWdF4CfAmrG2
.otclick-adv.ru/core/ Name: idntfy
Value: VUibTjb8FF50LNw
kimberlite.io/rtb Name: as
Value: T72MF2kqAmQ
kimberlite.io/rtb Name: da
Value: 2OZrzwAAAAE
.catsnetwork.ru/c/ Name: idntfy
Value: VUraWdF4CfAmrG2
.otclick-adv.ru/c/ Name: idntfy
Value: VUibTjb8FF50LNw
thelib.net/ Name: PHPSESSID
Value: tonso8l2uipgakiqqkcv533gfu
thelib.net/ Name: viewed_ids
Value: 1095923
.yandex.ru/ Name: i
Value: VSAkr6AOFvj9NxRe9o3HpHVbgVGCULNmPfa4K2k7cnJFSBG/6QkYX+DhBFL9qsBoBuDHL5MQukwKMSDQCFnX+1x2c5s=
.yandex.ru/ Name: yandexuid
Value: 7044972391764360801
.yandex.ru/ Name: yashr
Value: 3233354801764360801
.yandex.ru/ Name: bh
Value: YOGEqMkGahncyumIDvKst6UL+/rw5w3r//32D/iczIcI
.thelib.net/ Name: _ym_uid
Value: 1764360802726477338
.thelib.net/ Name: _ym_d
Value: 1764360802
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2854199892fake
.thelib.net/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2698103275fake
.yandex.com/ Name: yandexuid
Value: 7044972391764360801
.yandex.com/ Name: yuidss
Value: 7044972391764360801
.yandex.com/ Name: i
Value: VSAkr6AOFvj9NxRe9o3HpHVbgVGCULNmPfa4K2k7cnJFSBG/6QkYX+DhBFL9qsBoBuDHL5MQukwKMSDQCFnX+1x2c5s=
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 2338391381764360801
.yandex.com/ Name: ymex
Value: 1795896801.yrts.1764360801
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDhhKjJBmoZ3MrpiA7yrLelC/v68OcN6//99g/4nMyHCA==
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: f3d59642-41d3-524c-80c4-956be9ee9709
.betweendigital.com/ Name: unm
Value: 1
.acint.net/ Name: cSyncDp14v6
Value: 1764360802
.acint.net/ Name: aid
Value: fwAACGkqAmKVcQy8c3OaAlYt6dn8QY7YtFZ4QI788ygmYVIt
.buzzoola.com/ Name: uuid
Value: d234d4f2-7a50-45f8-59d4-e8d69ea5cb44
.omnitagjs.com/ Name: ayl_visitor
Value: 7b9898d76830fcc20e5cf57ba03bce3e
.bidswitch.net/ Name: tuuid
Value: 67f52fc2-5eda-4111-a8c7-2cebbe7b7c81
.bidswitch.net/ Name: c
Value: 1764360802
.bidswitch.net/ Name: tuuid_lu
Value: 1764360802
.betweendigital.com/ Name: bug
Value: 1
.otm-r.com/ Name: mpid
Value: NjkyYTAyNjIwYTY0NWI0MA==
.acint.net/ Name: cSyncDp17v3
Value: 1764360802
.nrich.ai/ Name: _nauid
Value: 00e05e2c-0fe0-47ea-ab27-d5d3c2ad99f7
.criteo.com/ Name: cto_bundle
Value: MUHRpV9VZzdVNm1oSjVhSiUyRnBOTlMwS3h5MTM2a0dMMEtFNTFKeEdoVHFndldhczglMkY0JTJCbzdFeVVhaCUyRkpWYUlCRVZVVyUyQmlIWHB2YnUyM0RNOGlybmJQS0NtJTJGU2pZVCUyQmx4anliZ1FlNmxDdHhxN1owJTNE
.criteo.com/ Name: uid
Value: 21f4fe90-4793-4137-994e-2a73658b6fb4
.adhigh.net/ Name: gi_u
Value: e9ly6XIxESA.AikABlGazBlRDQ
.adhigh.net/ Name: btw_sync
Value: Lsip
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDPmkqAmKt8wDH2LemAto+ML6MlWSeaxIs3szl/k6FEB34
.adhigh.net/ Name: sape_sync
Value: Lsip
.acint.net/ Name: cSyncDp14v4
Value: 1764360802
.bumlam.com/ Name: suuid3
Value: IiRiMDk3NDI2Ni1jYzk2LTExZjAtYjYwYy0wMDI1OTBjODI0MzY*
.acint.net/ Name: cSyncDp104v3
Value: 1764360802
.rutarget.ru/ Name: userId
Value: -HwAnkii1UFE
.aidata.io/ Name: __upin
Value: iYMOPIBN+F2IIGWmDk/O2w
.aidata.io/ Name: __upints
Value: 1764360803
ad.mail.ru/ Name: PVID
Value: 0EWiDB2QvO2a0029OR0_K2Ya:::0-0-0-e445b23-0-e445b23:CAASEOZC463UgiX4m3Rm92Z8zggaYLjfiMfbpWphlcIOMKBrS8UWlLEvCHZzK0puQxaY7BtJTUJh_Fwp0LN0mFPAxCt3baYHeEGVmC3b7wBUaJWbpkV9jgEi1MX-g2yH4pppipld0IfBMTtP74SbmzTCADRqzQ
.mail.ru/ Name: VID
Value: 0EWiDB2QvO2a0029OR0_K2Ya:::0-0-0-e445b23-0-e445b23:CAASEOZC463UgiX4m3Rm92Z8zggaYLjfiMfbpWphlcIOMKBrS8UWlLEvCHZzK0puQxaY7BtJTUJh_Fwp0LN0mFPAxCt3baYHeEGVmC3b7wBUaJWbpkV9jgEi1MX-g2yH4pppipld0IfBMTtP74SbmzTCADRqzQ
.yandex.ru/ Name: yuidss
Value: 7044972391764360801
.tns-counter.ru/ Name: guid
Value: 12217725692A0263X1764360803
.betweendigital.com/ Name: ut
Value: aSoCZAAHR0gyHuJbxXj3X2FjCddh9mbay90JKA==
.adhigh.net/ Name: moevideo_sync
Value: Lsip
.acint.net/ Name: cSyncDp125v5
Value: 1764360804
kimberlite.io/ Name: u
Value: aSoCZMFWpqg~DkMr5BMvpWWi9T60cNfs3qrLdio
.upravel.com/ Name: session_tptc
Value: 1764360804550
.moe.video/ Name: uid
Value: ba8da4ce444958461e9c
.upravel.com/ Name: user_id
Value: 84ebe470-afab-409f-b923-db5a63e7b0d8
.adriver.ru/ Name: cid
Value: AQY_JivNFrPS3cUkYfLtgig
.thelib.net/ Name: adrdel
Value: 1764360804795
.thelib.net/ Name: adrcid
Value: AQY_JivNFrPS3cUkYfLtgig
.thelib.net/ Name: acs_3
Value: %7B%22hash%22%3A%221aa3f9523ee6c2690cb34fc702d4143056487c0d%22%2C%22nst%22%3A1764447204798%2C%22sl%22%3A%7B%22224%22%3A1764360804798%2C%221228%22%3A1764360804798%7D%7D
sync.adspend.space/ Name: as-user
Value: 2072b79a-41a4-4c05-b5a2-14f99d1abf69
.mts.ru/ Name: ma_id
Value: 7256799441764360804901
sync.adspend.space/ Name: count
Value: 2
.programmatica.com/ Name: pid
Value: NjRhMTM0N2VhYjZkMzlmNQ
.adspector.io/ Name: preadspector
Value: 1
.mts.ru/ Name: ma_last_sync
Value: 1764360805039
sync.opendsp.ru/ Name: chk
Value: 1
sync.techdsp.ru/ Name: uid
Value: 5X7mPX-ITiWZIRvZskUksw
.opendsp.ru/ Name: pid
Value: NGU5YjE3NDcyYjc0Y2YyYg
.weborama-tech.ru/ Name: AFFICHE_W
Value: Oi99krjkMLo649
.mts.ru/ Name: dspid
Value: 749442e5-9852-467c-a7b9-e7a5ba91a06f
.mts.ru/ Name: reset_cookie
Value: 1
.ohmy.bid/ Name: uid
Value: 6ac18505-930c-494e-b125-16b287f5ed20.692a0265.1ad33aaa9b0def1b
.gpmdata.ru/ Name: dmpuid
Value: AZrMGVwDfxi1FmurdIyZbw
.yandex.ru/ Name: yabs-dsp
Value: mts_banner.ZUJUUUVkMGlRcHFfX2lUVWxFb1BxQQ==
.bidvol.com/ Name: bvuid
Value: ftp35ofwgs
.gnezdo.ru/ Name: uid
Value: XV9maWkqAmVXHy31RHwZAg==
.linkssp.ru/ Name: uid
Value: 6ffb5dc4-28da-49fe-8f52-cc6bc2209181.692a0265.a589000ce92810b1
.viadata.store/ Name: viads_uid
Value: 653f8278-3fc3-4044-8252-4f3800e42a49
.adhigh.net/ Name: viads_sync
Value: Lsip
.dmg.digitaltarget.ru/ Name: viuserid
Value: Vk-yUk2.G.SltQF7PpiO

8 Console Messages

Source Level URL
Text
recommendation verbose URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://thelib.net/scripts/tools/pdf_viewer/web/viewer.html?file=/files/main_repository/1171000/dc0531d7b0cc5ac13eb624201b97bed6#page=1&zoom=page-width
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://bridgertb.tech/ssp/sync/between?sspuid=f3d59642-41d3-524c-80c4-956be9ee9709
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://a.atraffic.ru/sync?ssp=12
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ssp.bidvol.com/usersync?pubid=189
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C001033C1D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A040B2043C1D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://thelib.net/1095923-the-rootkit-arsenal-escape-and-evasion-in-the-dark-corners-of-the-system.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0D0B2043C1D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7256799441764360804901.cm.a.mts.ru
9685075341764360804899.cm.a.mts.ru
a.adspector.io
a.atraffic.ru
a.bringads.ru
acint.net
ad.adriver.ru
ad.mail.ru
ad.moe.video
ads.betweendigital.com
adx.com.ru
an.yandex.ru
ap.lijit.com
bid.adx.com.ru
bid.sspnet.tech
bridgertb.tech
cache.betweendigital.com
catsnetwork.ru
cdn.adfinity.pro
cdn.traffaret.com
cdn1.moe.video
cm.a.mts.ru
content.adriver.ru
cr-frontend.weborama-tech.ru
dev.viadata.store
dis.criteo.com
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dsp.nrich.ai
ev.adriver.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
hb.bumlam.com
id.adx.bid
inplayer.ru
kimberlite.io
ll.viadata.store
log.strm.yandex.ru
match.new-programmatic.com
match.ohmy.bid
match.qtarget.tech
matchid.adfox.yandex.ru
mc.acint.net
mc.yandex.com
mc.yandex.ru
mediatoday.ru
moevideo-sync.rutarget.ru
ohmybid-sync.rutarget.ru
ohmybidvideo-sync.rutarget.ru
onetag-sys.com
otclick-adv.ru
pb.adriver.ru
pbs.alfasense.com
pixel.dsp.onetarget.ru
privacy-cs.mail.ru
px.adhigh.net
rtb.moe.video
ru.viadata.store
rucdn.viadata.store
rurtb.viadata.store
rutarget.ru
s.tigra.dev
sm.rtb.mts.ru
smi2.ru
sp.linkssp.ru
sp.ohmy.bid
ssp-rtb.sape.ru
ssp.al-adtech.com
ssp.bidvol.com
st.top100.ru
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dvgroup.com
sync.rambler.ru
sync.richaudience.com
sync.techdsp.ru
sync.upravel.com
sync.viadata.store
thelib.net
traffaret.com
visitor-betweenx.omnitagjs.com
vma.mts.ru
www.acint.net
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
yhb.p.otm-r.com
a.atraffic.ru
a.bringads.ru
ad.mail.ru
ads.betweendigital.com
bid.sspnet.tech
bridgertb.tech
ev.adriver.ru
exchange.buzzoola.com
kimberlite.io
match.new-programmatic.com
match.qtarget.tech
mediatoday.ru
ohmybid-sync.rutarget.ru
ohmybidvideo-sync.rutarget.ru
otclick-adv.ru
pixel.dsp.onetarget.ru
privacy-cs.mail.ru
px.adhigh.net
rtb.moe.video
s.tigra.dev
sm.rtb.mts.ru
smi2.ru
sp.linkssp.ru
sync.dmp.otm-r.com
sync.dvgroup.com
thelib.net
traffaret.com
www.acint.net
x01.aidata.io
104.21.15.59
104.26.1.235
130.193.54.247
139.45.228.132
142.250.186.106
142.250.186.163
151.236.71.142
157.90.94.85
168.119.72.236
176.114.74.34
178.170.196.247
178.250.1.129
185.15.175.132
185.65.149.228
188.114.97.3
188.124.47.12
188.42.189.198
188.72.107.156
188.72.109.13
193.232.148.142
193.3.184.135
193.3.184.90
194.186.91.197
194.186.91.198
194.186.91.211
194.226.130.226
194.226.130.227
194.55.244.179
194.55.244.186
194.85.16.27
195.209.109.11
195.209.109.16
195.209.109.24
217.66.147.38
217.66.147.42
23.111.114.100
23.111.114.196
23.111.115.236
23.111.211.20
31.172.81.146
31.172.81.170
31.172.81.4
34.1.1.166
35.214.136.108
37.0.127.199
37.0.127.208
37.0.127.87
37.230.131.22
37.48.253.136
37.9.64.225
45.139.25.121
5.101.37.37
5.189.234.227
51.255.68.171
51.89.9.251
52.16.91.40
77.88.21.90
77.88.55.88
83.222.105.118
83.222.5.43
84.38.186.39
87.228.3.219
87.242.95.157
87.250.251.119
87.250.251.15
89.108.120.68
91.238.111.224
93.158.134.118
93.95.102.105
94.130.11.141
95.163.41.56
95.181.182.182
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
06b16db7a969135d48d38c49183be7fb88d4452e2a3011957c7851941f4e4879
081bf99d3c2390036a2d9c7e9485316bcd049f90a74e982f1eebcfd4d9b178e3
096cd94b73d02dc00a069959ce4bf5aea2c17d57d0116e45eea58419304d7aa6
09865de7e701f5d3f6fbe68bf45f4283fdc87ad61f862b3a3744538076c45b1b
09a14cbd902aad9fe40f2351db2ac5593ad897aed8810b9c6aeb0e56389ff100
0f8fae2116f63aab9fae2fa0d6c633bbf20304a1aa110c1951e5079e98609a01
15791520a6ffd0ad248425a084e755a031b34112e85499dfcd4e1b690f10d0cb
15965a13b72908dbe8bb7a09de2955ed3599a35df752d10fc15877e62d8bc9d8
16d997ea5864eff8f404cfda4800ddb93b3c1600fc812203a52028669cf60ce2
19d1a0593e624c02feb17e9057d0bd5be598a6845dff8da1a8f8694ca29b0c23
1d6469c8840232a9af66cbbce1bd9092b6270f9fd4203fdf4134bf96495662ae
1f52f4c3dd584ab0deb9f1925b53c2979c9e974a5ae6ba72089cd7f8c1077b76
1fd0de0802ae22aa0579681b1d806d07eda1a333ee3441bf8020b7a0cd6ba5b9
21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529
23a068e6e932a105df08068ebf013ff898f2058d8de916463694f94840c0b3a4
243ace0d4549bb58e76ec3824a72f6ec46f0fc5c7e7cda4f27921b907f4fd0ce
24dec32d7fc65b4f08ead87e6a9674809d69ae1da10655294d9735a76b163671
267745d6c176afe038630c3f7c0fcda78141fc7634f73898ffc6cbb1262c77ab
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
276268c31921565ae87aa141d83896a059fd831d7d6adf33b487bb28d88c7c4f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afe0daf25744998b71af1bec9a30ad4e345860ff3ab14c347547a868d40d668
2db41f97615a8c912f676a62c88b12e2b8715f4ed188df325737423501aa4a8a
2dc0e215dc2374fc5cdacf24707fabeabc2e4193e12ec9c0203ac9a52a5daf3e
2f8e65779c4ca85ed080e17b0bfe3763dae265d9ee097d98b67c4488ed548dd4
32889acafd84edeec513db6131252fa97ffff00fee6272d05e35e2d95216e30f
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
366a40c3627e67f97164976d5ff38b5484716e834d08fefe252a6ea37feda895
47b71a702afcbca881d390f6478ebf4acc682871e1891dee7f3bfce898a8dd33
48789704aa98b535b0e376e00d59dc62117bc4004faec7bd36da575ffd99c549
4ed84ae849de835556b15759be28c1b976ba7f9077a431bcaae603f657fcdd2a
524ffecdc80f21c84aced5b2338487a07251124a96806b933d1d65c129d0814e
546ceae2937e036d3ef74982e56f5c737a99686bcba28519e639d859a44b3dc3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57dd6ad4d7d38e4545534d789af1364060b1e8c71c1960047d5e20f022d87654
5843b8f47c35f0826602ef4642e9042aed5882456cddb5e1c5acd8673c3d17c2
5b760c5eec12769c853e4968bfd82350ab2815056019959e0e54211117c6a34c
5f55e209be722b88bb75df5b584e8e9030a85db8b96c806149ab1f5538aedcd0
5fa35769db66b33d6408f378e8aa68fa060331f0cc9dd6ad41fb7366082aad34
5fd14f33a2c307289f12ce35deb488d575607d3f7914d35bd7c19944d5a58a06
630e511d321ab6611e7630bad010b1ac063b88b04f9a4a5b75ea0897bc55a7f7
68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a
68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a
71a3e1b7650369ff451585aef3576695cc014b40ced0dea66c808009542b688e
71fac208daf191fe5bca728fbdbf21a329c4da958b084d41f897b3e9aa188f04
722dfe315686a5841d0a0d00f34df8f706d2c6e24551d46a5ebe971fe4af62d2
74a420e2b0709d5748dbf96f601a1ace2d51218fbd0d7ea5baac3ff26ab25a30
7be888fe96032d9c836dc482383d6fe897ebbbec7b19a5c67671d74cdf13281f
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
840c06475e22d0bc38b1f13ba59021eb082e413c4a179a8f3cd3bf37887070e4
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
88098d3e47fd921122c5263dce50ee67c662c9cb65908be0481891dfe521a6c5
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9923e120a086c0f00be8c5d0d7db9f5dace42442a6df325e16f6fa10c131cf76
9bbfa54801921fca94f84f2cd5aa5a7829b27fa5373b79699ab33123f542ad15
9d0646fb9701e43a8c08ee41ac452e05f30a62dfe419dc96cf7a3776bdce2572
9e2f6c43a9552d14732c39f05d4d58da85b94b0480ae747259df508f27e1465f
a187b077090fe8ae3fd2d7496aabbeae604819c718a282e0afc92df72b450766
a7453e61e8586ceb6493c7cb4e3fcb5f7b7f6de1a3712d8f804b86ff62c76d76
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9
ada2a09749bedaf31f93491fd466376136b4b6dade5cd7edc5e395e58d8f4cf1
ae98b5aeeaa3f1d82c86b770cc1fd441ae770814633e986ae6eff0526e299d1e
af5ceda4287dbb55765f583c3a405505854622b484590b76852375f3a621758a
afa286c8ea1941eaec589ed6a2103c5a845f3ff76a7423ba985f449465005163
b0b7bdcfce46836d4df9bc4fbdf34166820398b124e1562d79e8b3be3b7bd528
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17ea2268a3a8ee4558d0457eb9a5820b044e91820d9e5831e06b04fc4b9929a
b200deb0e5fa0ee902f75b814af140875668a1c3f8aebb6cbc87181681601da2
b4a2799df7bfba78a7e2861004eb2c767efdb28190f3c53fc5a92263c666a9ea
b4bead4c2c3ad28a98f689d173c6d9bf52bf495f87c406102d0b381ee2ef326f
b76de57afd5ebb709ded2bd10f270608c5fa22705b127d5b0761245dc48eb9fb
bac79138cb730c6bfa63bef02d7e5906aee727bb54df15878823426822badaaa
c07e39124fdbf33eaa289f2e4eac22c5328e6e475101d045270d112e4608ccf4
c19e365c7aa378aaa551bd8e6707ef34a93aa198c2398cda3c9998ee045189b8
c1bdebb23ab90a2b13a4a6548527a733a65144cee2d4309fa56481f30ca7aec8
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375
c64fa84951151a588f1e769122d70af7de87d166fefd9c36c946d75d633c8a65
caecd203f60286176aa48c7930ea683bc88d9c00970da66a12fdcfd9f987e414
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1306cb0613e69e6a631ac055c13168a90a4a1debe5bf3c3a549c46aa7ff5a4f
d199509d82400438f2756fcbd16d2bdacd90a13906275e798e8b302150364512
d242b1b129134f4719798ba2ee59f6cb9521635a72b6d23573e6f39ddb23b94f
d7629ee59240e677b88def782fa09d916958d04cd7e3b09c6eed3f27864fef46
d83766f20a4c31fbce5a29d98789cdfbef781b147441da45be1d1079e8e0f81c
d8cc3a277e02e71ed057089630f71e8a258c7a8ca5b2bce6acf898e5f2e8c0f5
dca0d3265a5a1c9946992984ccdd6c69daac20f447526f785aaf57b0e64289a8
e03fd94ac2cf44546c685ab3c3ecbc4bd4db429c338ec864afd9940c5122b62e
e07fbf17b3c7ca2cda9c4e54cdd66cb0aa63d368232cbb2c9aed5559720bf96c
e0b8a59c272dc9a1d9a07d461363f96c3b3bd3df2db778f8f99743dfffd51d78
e0d5e65fa79cc8e2876c556d13c06e1cd9faacb28c31490081914867b6fb3bca
e3746a77d7de2865368bbc8887a10dd3bf1343f97e804af8a27f46fac9f12c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f66c791ace3e381a2eb9ffda109028d8d5aea8a4b0a8e3a3ce8d058695fb6b
e7d93d16d642bb1c7a31fbc11917e0d2181fbb69789b9c8042e8014b7919f896
eb96d4f91eb17bf2c0bf2a87979e9c318e5b360a57eb1c9e73a76b044436a577
ec2e22fd918a8ffef0f54f466fb7edd2c586f39dad794cd25a0a97ce36c404d2
ee4ee6ba1d1b9bcce5313d40fcc6a560da317265afc4079daffca6dbd28d1af8
eeb6cd0ce94dcfea6bd2aca222da7b1583d74800ea9c94640ff8fa06c13fb044
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe11f388f6f6aa8402c7083667de5558f4e72ad75d31f28c6ea38a7a1e9da91d
ff717321d89309f51bcccc28f347e6a888e73570527845d6560a84f5d70cb3a0