read11.w1.flibusta.life Open in urlscan Pro
2606:4700:3033::ac43:d185 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://read11.w1.flibusta.life/b/625322
Submission: On January 28 via manual (January 28th 2022, 10:59:49 am UTC) from IN — Scanned from DE

Summary HTTP 126 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 33 domains to perform 126 HTTP transactions. The main IP is 2606:4700:3033::ac43:d185, located in United States and belongs to CLOUDFLARENET, US. The main domain is read11.w1.flibusta.life.

This is the only time read11.w1.flibusta.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:303... 2606:4700:3033::ac43:d185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 26	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
2 3	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
30	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
3 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
11	2a02:6b8::184 2a02:6b8::184	208722 (YNDX) (YNDX)
11	2a02:6b8::36 2a02:6b8::36	208722 (YNDX) (YNDX)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (YNDX) (YNDX)
3 4	95.217.86.150 95.217.86.150	24940 (HETZNER-AS) (HETZNER-AS)
1 1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
3 3	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
2 2	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	80.64.106.152 80.64.106.152	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	80.64.106.151 80.64.106.151	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
2 2	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.148.14 91.192.148.14	42481 (BEGUN-AS) (BEGUN-AS)
1 2	34.255.232.227 34.255.232.227	16509 (AMAZON-02) (AMAZON-02)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2 2	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
1 1	144.76.138.28 144.76.138.28	24940 (HETZNER-AS) (HETZNER-AS)
6 6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
3 4	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
3 3	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
1 1	116.202.51.238 116.202.51.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	81.163.17.245 81.163.17.245	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2 2	217.66.147.161 217.66.147.161	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	193.232.150.60 193.232.150.60	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2	2a02:6b8::158 2a02:6b8::158	208722 (YNDX) (YNDX)
2 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
126	22

14 2606:4700:3033::ac43:d185 (United States)

ASN13335 (CLOUDFLARENET, US)

read11.w1.flibusta.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:6b8:a::a (Moscow, Russian Federation) 12 redirects

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.217.86.150 (Helsinki, Finland) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sync.magnitent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.16.14 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.130 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.152 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr7.rutarget.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.151 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr6.rutarget.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.214.77 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.232.227 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-232-227.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.237.106 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.138.28 (Thale, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-3.community.moscow

f7babe48-44fc-41e4-9568-1403b65b3c42.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.186.57 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.72 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.51.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1397156.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.163.17.245 (Russian Federation) 1 redirects

ASN50340 (SELECTEL-MSK, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.161 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-161-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.158 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.60 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp20.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::158 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

storage.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	yandex.ru 13 redirects yandex.ru — Cisco Umbrella Rank: 1452 an.yandex.ru — Cisco Umbrella Rank: 3286 mc.yandex.ru — Cisco Umbrella Rank: 2853 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 26784	664 KB
24	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7868 favicon.yandex.net — Cisco Umbrella Rank: 11537 storage.mds.yandex.net — Cisco Umbrella Rank: 23679	397 KB
14	flibusta.life read11.w1.flibusta.life	212 KB
12	doubleclick.net 8 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	7 KB
9	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 25627	3 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6518	359 KB
6	google.se www.google.se — Cisco Umbrella Rank: 20475	1000 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 13	1 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818	3 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 106	16 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34403 tech.rtb.mts.ru — Cisco Umbrella Rank: 35053	2 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 28552	1 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 33494 f7babe48-44fc-41e4-9568-1403b65b3c42.sync.upravel.com	2 KB
3	weborama.fr 3 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	592 B
3	semantiqo.com 2 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 60595	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 8294	2 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10726	811 B
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 6197	475 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	1023 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	1 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 77092 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 77216	847 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24900	1 KB
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 13446	402 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11367	204 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 2736	390 B
1	whiteboxdigital.ru 1 redirects mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 30411	785 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 37547	631 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 5658	410 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 81631	387 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 17609	244 B
1	magnitent.com 1 redirects sync.magnitent.com — Cisco Umbrella Rank: 213434	780 B
1	caltat.com 1 redirects cdn3.caltat.com — Cisco Umbrella Rank: 144908	335 B
126	33

	Domain	Requested by
30	an.yandex.ru	yandex.ru
26	yandex.ru	12 redirects read11.w1.flibusta.life yandex.ru yastatic.net
14	read11.w1.flibusta.life	read11.w1.flibusta.life
11	favicon.yandex.net
11	avatars.mds.yandex.net
9	mc.yandex.com	2 redirects mc.yandex.ru
9	yastatic.net	yandex.ru yastatic.net read11.w1.flibusta.life
6	www.google.se
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
6	cm.g.doubleclick.net	6 redirects
4	ads.betweendigital.com	3 redirects
3	www.googleadservices.com	2 redirects yastatic.net
3	acint.net	3 redirects
3	redirect.frontend.weborama.fr	3 redirects
3	sonar.semantiqo.com	2 redirects
3	mc.yandex.ru	1 redirects yandex.ru yastatic.net
3	counter.yadro.ru	2 redirects read11.w1.flibusta.life
2	storage.mds.yandex.net	yastatic.net
2	px.adhigh.net	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	sync.upravel.com	2 redirects
2	dm.hybrid.ai
2	dpm.demdex.net	1 redirects
2	sync.1dmp.io	2 redirects
2	x01.aidata.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	ssp.adriver.ru
1	s.uuidksinc.net	1 redirects
1	sync.bumlam.com
1	tech.rtb.mts.ru	1 redirects
1	mitdmp.whiteboxdigital.ru	1 redirects
1	ssp-rtb.sape.ru	1 redirects
1	t.adx.opera.com
1	f7babe48-44fc-41e4-9568-1403b65b3c42.sync.upravel.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	profile.ssp.rambler.ru	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.magnitent.com	1 redirects
1	cdn3.caltat.com	1 redirects
1	ysa-static.passport.yandex.ru
126	42

This site contains links to these domains. Also see Links.

Domain
booktracker.org
fbsearch.ru
openid.net
libgen.lc
sci-hub.se
z-lib.org
cyberleninka.ru
magzdb.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
avatars.mds.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
favicon.yandex.net Yandex CA	`2021-11-23` - `2022-04-24`	5 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-08-21` - `2022-02-19`	6 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
storage.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://read11.w1.flibusta.life/b/625322
Frame ID: E738A3789A4B22196F3CC2E5F65D5B45
Requests: 65 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 35E4825A4E728EF7AA60EF2D6413B48E
Requests: 53 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: 414E8B1C1F506AD49D64B0539B9CC46B
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: 4FBB75DCD284AF20FA49496716CFA74A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Я сделаю вам предложение, от которого нельзя отказаться (fb2) | Флибуста

Detected technologies

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

126
Requests

67 %
HTTPS

33 %
IPv6

33
Domains

42
Subdomains

22
IPs

7
Countries

1656 kB
Transfer

3277 kB
Size

55
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://booktracker.org/
Title: [Книжный торрент]

Search URL Search Domain Scan URL

URL: http://fbsearch.ru/
Title: Полнотекстовый поиск по книгам

Search URL Search Domain Scan URL

URL: https://openid.net/
Title: Что такое OpenID?

Search URL Search Domain Scan URL

URL: http://libgen.lc/
Title: Научная литература

Search URL Search Domain Scan URL

URL: http://sci-hub.se/
Title: Научные статьи

Search URL Search Domain Scan URL

URL: http://libgen.lc/foreignfiction/
Title: Иностранная литература

Search URL Search Domain Scan URL

URL: https://z-lib.org/
Title: Z-Library

Search URL Search Domain Scan URL

URL: https://cyberleninka.ru/
Title: Киберленинка

Search URL Search Domain Scan URL

URL: http://libgen.lc/comics/
Title: Архив комиксов

Search URL Search Domain Scan URL

URL: http://magzdb.org/
Title: Вся периодика мира

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;flibusta_life

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://counter.yadro.ru/hit;flibusta_life?t45.1;r;s1600*1200*24;uhttp%3A//read11.w1.flibusta.life/b/625322;h%u042F%20%u0441%u0434%u0435%u043B%u0430%u044E%20%u0432%u0430%u043C%20%u043F%u0440%u0435%u0434%u043B%u043E%u0436%u0435%u043D%u0438%u0435%2C%20%u043E%u0442%20%u043A%u043E%u0442%u043E%u0440%u043E%u0433%u043E%20%u043D%u0435%u043B%u044C%u0437%u044F%20%u043E%u0442%u043A%u0430%u0437%u0430%u0442%u044C%u0441%u044F%20%28fb2%29%20%7C%20%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430;0.19969817107574594 HTTP 302
https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read11.w1.flibusta.life/b/625322;h%u042F%20%u0441%u0434%u0435%u043B%u0430%u044E%20%u0432%u0430%u043C%20%u043F%u0440%u0435%u0434%u043B%u043E%u0436%u0435%u043D%u0438%u0435%2C%20%u043E%u0442%20%u043A%u043E%u0442%u043E%u0440%u043E%u0433%u043E%20%u043D%u0435%u043B%u044C%u0437%u044F%20%u043E%u0442%u043A%u0430%u0437%u0430%u0442%u044C%u0441%u044F%20%28fb2%29%20%7C%20%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430;0.19969817107574594

Request Chain 41

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=eb50b372e191433e9a173bb0df104183 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=5AD7676E918B0B25&sid=eb50b372e191433e9a173bb0df104183 HTTP 302
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=eb50b372e191433e9a173bb0df104183&spid=5AD7676E918B0B25&v= HTTP 302
https://sync.magnitent.com/fbfli/ct_sync.php?ct=32283a54aaab49db8d0af90e34d58ac7&sonar=eb50b372e191433e9a173bb0df104183&spid=5AD7676E918B0B25&v= HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsonar.semantiqo.com%2F983we%2Fspixel.php%3Fsid%3Deb50b372e191433e9a173bb0df104183%26c%3D32283a54aaab49db8d0af90e34d58ac7%26w%3D={WEBO_CID} HTTP 302
https://sonar.semantiqo.com/983we/spixel.php?sid=eb50b372e191433e9a173bb0df104183&c=32283a54aaab49db8d0af90e34d58ac7&w==1JSUV/qu7ccoFI6oib5PbO

Request Chain 43

https://dmg.digitaltarget.ru/1/119/i/i?i=1643367583 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1643367583 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/2Q6MQIr5888UGDb7WptD

Request Chain 44

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/wsCMV3F7YCOi?sign=2182030194

Request Chain 45

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/tXIUbMQSi8B_

Request Chain 46

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/tB37C5JEj%2BswJc2ZHR1tWg?sign=2951223894

Request Chain 47

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/665677c0-8029-11ec-9752-901b0e8d9836?sign=2659481549

Request Chain 48

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2195859358 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/1JSUV/qu7ccoFI6oib5PbO

Request Chain 49

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 50

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://yandex.ru/an/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=E6FF3EAB4404F481 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=E6FF3EAB4404F481

Request Chain 52

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/a2fd64b273e4b42e28ffe0e9f3a3e7f7ab55adb8a5f9deb619408d4783151131

Request Chain 53

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://f7babe48-44fc-41e4-9568-1403b65b3c42.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/f7babe48-44fc-41e4-9568-1403b65b3c42

Request Chain 54

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=CAD39592BE5C1904&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=CAD39592BE5C1904&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 55

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=CAD39592BE5C1904&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=CAD39592BE5C1904&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 56

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=34F6D63EF2017396&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=34F6D63EF2017396&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 57

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://yandex.ru/an/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=F52A957A3EC5543F

Request Chain 58

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://yandex.ru/an/mapuid/betweenx/?redir-setuniq=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F4E0FB0898EAD1EB HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F4E0FB0898EAD1EB&crf=1

Request Chain 59

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007FA0CCF3612300E74902954779&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/SAPEis/0100007FA0CCF361E600424802F528E0

Request Chain 60

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D HTTP 302
https://an.yandex.ru/mapuid/qbitis/e415a13f-c01a-45c9-8504-31010fe01046

Request Chain 61

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/5e15e960-5489-531c-bdb8-09c9dc4bc569

Request Chain 62

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=93e72576-8660-4b45-aa22-5c241a801974&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F93e72576-8660-4b45-aa22-5c241a801974 HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/93e72576-8660-4b45-aa22-5c241a801974

Request Chain 66

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/Doj6hv1uGjqArjUeYyDd

Request Chain 67

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/xeG9Hj5V34d.AikABlF-oFdTbQ

Request Chain 70

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9532.TkKw--M62TJCEr-rbuDX-IeLfEno2WCrQ_XMkiBAWmAuY9avwsrkBclzpMUXDZBD.gP2Gb_6UDa3zIouSdqBLm-NT0B0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9532.d68Y2flRrw1MbO1ORfQ_4PIgBsEQBteH0NMYmk31LMGlfQviNyRB67oEuH4BGVm15JckJhVNLNdwvER7Xl49N27wkTEVvO-hVs9K55gApyk%2C.xggITyePpan64rJokdrk9ibBZfA%2C

Request Chain 74

https://mc.yandex.com/watch/1382009?wmode=7&page-url=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1119055298342%3Ahid%3A299742832%3Az%3A0%3Ai%3A20220128105944%3Aet%3A1643367584%3Ac%3A1%3Arn%3A15255670%3Au%3A1643367584933229005%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643367582696%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643367584%3At%3A%D0%AF%20%D1%81%D0%B4%D0%B5%D0%BB%D0%B0%D1%8E%20%D0%B2%D0%B0%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D0%BE%D0%B3%D0%BE%20%D0%BD%D0%B5%D0%BB%D1%8C%D0%B7%D1%8F%20%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20(fb2)%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/1382009/1?wmode=7&page-url=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1119055298342%3Ahid%3A299742832%3Az%3A0%3Ai%3A20220128105944%3Aet%3A1643367584%3Ac%3A1%3Arn%3A15255670%3Au%3A1643367584933229005%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643367582696%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643367584%3At%3A%D0%AF%20%D1%81%D0%B4%D0%B5%D0%BB%D0%B0%D1%8E%20%D0%B2%D0%B0%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D0%BE%D0%B3%D0%BE%20%D0%BD%D0%B5%D0%BB%D1%8C%D0%B7%D1%8F%20%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 106

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oczzYZ75O5a9x_APuaauqA4&random=644783735&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=644783735&crd=&is_vtc=1&random=1348349554 HTTP 302
https://www.google.se/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=644783735&crd=&is_vtc=1&random=1348349554&ipr=y

Request Chain 107

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oczzYaP6O8vjgQeCz72wDw&random=593728132&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=593728132&crd=CNPgGw&is_vtc=1&random=1440036791 HTTP 302
https://www.google.se/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=593728132&crd=CNPgGw&is_vtc=1&random=1440036791&ipr=y

126 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 625322 Show response
read11.w1.flibusta.life/b/ 29 KB
11 KB 339ms
222ms Document
text/html 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read11.w1.flibusta.life/b/625322
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: c6e333facbaf22913170c8a93cac913800a2ff32a11b66fbab4c735a006358d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=86400, must-revalidate
pragma: no-cache
CF-Cache-Status: MISS
Last-Modified: Fri, 28 Jan 2022 10:59:43 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urWeSv0e6FBXTVunJ88r2IsvkTUjrlxgHgL3lQfrSXgZLjrZRiu8je1FLIrcBw6SSsShTQqdeLhU%2Fhk%2BayAPrKIvdh4sYenAGpLV1Bmpa9wPG0H7AVzCgpJuzz9bJ6OiaG%2FoFKV3%2FsC52v61Qt0GfColq8sDzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d49b680afd091fb-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK css_541b6da58ae4dff17f932324504056f9.css
read11.w1.flibusta.life/sites/default/files/css/ 25 KB
7 KB 32ms
32ms Stylesheet
text/css 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 361840fbee3b0726b5f0f5bbfe37e13bdab8c3c873d643a45b56c5e37c8d2a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/b/625322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 255436
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 12:02:27 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5eNagBle1uXJ%2BSU5aZEuhlMAy0owkbUh%2BmQd57ZvFQaeiwNyIsODbAes3amAcGKWn%2FrnTrWRlUxi2%2FWAB4hT2o6%2FyonL96nI6e8Ybvo8IOSTtmH%2FZfJBDf0ESuVn%2Bg%2B1ffjkT3hqnndQK9iuH2sf29dhFV30Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b6822aa691fb-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK js_38da4b3058a476fa69101d044220c361.js Show response
read11.w1.flibusta.life/sites/default/files/js/ 130 KB
45 KB 67ms
51ms Script
application/javascript 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read11.w1.flibusta.life/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 0ce15a8f257959b2f4e39c9d2eaa5e7ca98ac78d9740851aa1b1d9d0c56f3009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/b/625322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 249468
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 13:41:55 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOlz%2FTKTysOI93BYWPGTXvTnKydFMZqPVsyj56aDkCGze%2F0gS%2B2XJHB1Cquw%2BmRr7z78JXmn1fQFb5CytPyatthX2ZiDF1z7c%2BSA4SyhaWjmm%2BxRS1O0d%2Brtf%2Fr3zYCuVIeHGuvv7mULFWY7aH5QI06UkaFS4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b68239259277-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 274 KB
75 KB 145ms
50ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

28f961f46cc443e85fe1d0f7480cd09cac504645039bfd6bbfbc594c3acdb134

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1643367583203832-6047402734542318111-man1-0044-man-l7-balancer-8080-BAL-8743
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 28 Jan 2022 11:59:43 GMT

GET
H/1.1 200
OK bluebreeze_logo.png
read11.w1.flibusta.life/sites/default/files/ 13 KB
14 KB 31ms
30ms Image
image/png 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/sites/default/files/bluebreeze_logo.png
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/b/625322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 255679
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 11:58:24 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azTtCLky9Dyx6mZb9Z%2FR1UIZHRObin3Je4vHcX10hUboy9Z%2FzoGdN%2BUk%2B5KEerSpEy%2FCNzJC%2F6beR5AjcCLq8fz%2FLi9DHMF3WGKzIVRY0hBz4uA5n9n1bzFKdmHZj8HF1IE%2FExef%2FMUXzc8HDkb9arYyPSpccw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b682aa229277-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK znak.gif
read11.w1.flibusta.life/img/ 924 B
2 KB 37ms
36ms Image
image/gif 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/img/znak.gif
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 2dd383c5239714ef03d7c008981db637b769e016c8ea943ba1a0dc5b8487942d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/b/625322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 254246
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 12:22:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie%2BGHE8zduyki6Vxt1ArXlLuJ0PtYHhrV87SF%2Fc6iEEQZHxoFKeHBr4yG%2BAbRAeYvPVQINZCoj1lnjOSEfoa7njd3RLVUFlxuHB5735ul7PrvaTMo3BJHMI%2FPB%2BlQ9eEquMLbpkm4rby%2FuKmKtouN1iAjn2YgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b682bbf791fb-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cover.jpg
read11.w1.flibusta.life/i/22/625322/ 86 KB
86 KB 268ms
252ms Image
image/jpeg 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/i/22/625322/cover.jpg
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: af9b9983193cebb28d81e93aa76a04b0c6569954811fbab35f7c5389ad629fc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/b/625322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Fri, 28 Jan 2022 10:59:43 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9GXSg%2B8vnZEkPVE6%2FtAviEFBySFTLfhITDkP7%2Bf8FzWxDT1%2FzYhd05n4IKcs0nA9wvA6UvVbsasGcQsaoqbhJApVzIAbhSF5LP%2BkRxunyD8w82TTqhJ9rVaqBpof4XLMqwVOdhEaS0%2FiHSF3ltZCiTyOQ7r6A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b682cd0c9229-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-header.gif
read11.w1.flibusta.life/themes/bluebreeze/images/ 40 KB
41 KB 62ms
46ms Image
image/gif 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/themes/bluebreeze/images/bg-header.gif
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 273244
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 07:05:39 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16ndEb2off2dfe103RrMDtUgCX9caCmkJFNeW31RCwWfUKBuqScb%2BvyoKStGgzhWWHuBLcDXMK8ARWhv4Ei%2BAhHqy5xnpubtK0tVNe0vKCUI3AuSVzzBFi0uJzf17YBmhMts6arZkU19%2FXyHyrUZ4bncZqjFyw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b682c8159177-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-primary.gif
read11.w1.flibusta.life/themes/bluebreeze/images/ 146 B
988 B 61ms
45ms Image
image/gif 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/themes/bluebreeze/images/bg-primary.gif
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 254528
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 12:17:35 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mcy0zSKuPYzLteYt3NRdtBUeIrkAaVLliRlkGbywQFSm%2BLW1SYjqdfUcQOUPqCp%2BDzlk8GdIt1LPv0RxxpkuCI%2Fp%2FfxXa3NA9zHLTLhcHjCl3MATn6PFRknNYcbNLhqh0o5G43abmNIbyuSnTefxQ4%2Fcjrw17Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b682cdbd690f-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;flibusta_life
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;flibusta_life?t45.1;r;s1600*1200*24;uhttp%3A//read11.w1.flibusta.life/b/625322;h%u042F%20%u0441%u0434%u0435%u043B%u0430%u044E%20%u0432%u0430%u043C%20%u043F%u0440%u0435%...
https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read11.w1.flibusta.life/b/625322;h%u042F%20%u0441%u0434%u0435%u043B%u0430%u044E%20%u0432%u0430%u043C%20%u043F%u0440%u043...

112 B
598 B

57ms
57ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read11.w1.flibusta.life/b/625322;h%u042F%20%u0441%u0434%u0435%u043B%u0430%u044E%20%u0432%u0430%u043C%20%u043F%u0440%u0435%u0434%u043B%u043E%u0436%u0435%u043D%u0438%u0435%2C%20%u043E%u0442%20%u043A%u043E%u0442%u043E%u0440%u043E%u0433%u043E%20%u043D%u0435%u043B%u044C%u0437%u044F%20%u043E%u0442%u043A%u0430%u0437%u0430%u0442%u044C%u0441%u044F%20%28fb2%29%20%7C%20%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430;0.19969817107574594

Requested by

Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 10:59:56 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 112
Expires: Wed, 27 Jan 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 10:59:56 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read11.w1.flibusta.life/b/625322;h%u042F%20%u0441%u0434%u0435%u043B%u0430%u044E%20%u0432%u0430%u043C%20%u043F%u0440%u0435%u0434%u043B%u043E%u0436%u0435%u043D%u0438%u0435%2C%20%u043E%u0442%20%u043A%u043E%u0442%u043E%u0440%u043E%u0433%u043E%20%u043D%u0435%u043B%u044C%u0437%u044F%20%u043E%u0442%u043A%u0430%u0437%u0430%u0442%u044C%u0441%u044F%20%28fb2%29%20%7C%20%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430;0.19969817107574594
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 27 Jan 2021 21:00:00 GMT

GET
H/1.1 200
OK open.gif
read11.w1.flibusta.life/img/ 67 B
913 B 52ms
49ms Image
image/gif 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/img/open.gif
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 1d4c1410507cbfa6fa4e3594f092ddf8ba0688dd58eec01bcc501f60250803fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 249435
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 13:42:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXYUhSxeUxoOf1c%2B%2BfMTw0XlvnSW%2BHU2iuFQl89TXEsroX72oZ4Dq4hqkqwXmzws7gFr4VIffZAn2vHXX3G1V9Bh%2Fskplg1WDc0tPbOdPpZCon7W4Duu9ZFinVAttfJn%2BJfrYu0GV1xOnouD6qVuV%2B7TcJbokA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b682da939277-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-leaf.gif
read11.w1.flibusta.life/themes/bluebreeze/images/ 175 B
1019 B 71ms
28ms Image
image/gif 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/themes/bluebreeze/images/menu-leaf.gif
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 273228
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 07:05:55 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mq2Yzh%2BqgMvanXUzJMnDTh2pTuSv6UB2Bjvtm73rU5KXBg8ACM%2BVFjdjJQMnzZzDdxEKd2jG5JrHSgOz67HN%2FWX3rH7RW%2Bm1CveoeMQ5Jo%2FxT6qqrDTUzd3EXYn7UMTCwCB83yua7T7VpyjWnBG%2F5EdtW7SuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b6831ea9690f-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef9ed4adcba4950bf4be0556283131eedd7c629de1821c8c3967c7f70d971596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK login-bg.png
read11.w1.flibusta.life/modules/openid/ 223 B
1 KB 26ms
26ms Image
image/png 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/modules/openid/login-bg.png
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: d4247ed30734f69d609692cc4278b576470108373acc75ae3a5e4dba20457cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 254528
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 12:17:35 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBxv0QvdRF76C5Rkg9oy6iEU1zaBsbsjUOtuCnd0AhupruqKxqsGnrjXKZxdMlZXzwFHbC6D5HLo2NiuNbqcyURVQfjWNhl%2BKYf8kc%2Bkw8oHCwyEtIV%2BY7HiykxdZEt5uzk1U08B5vasL6C0EMCnNqQTAxfAHw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b68319119177-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-expanded.gif
read11.w1.flibusta.life/themes/bluebreeze/images/ 183 B
1023 B 61ms
55ms Image
image/gif 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/themes/bluebreeze/images/menu-expanded.gif
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 254246
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 12:22:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyt0HARbXos%2FyiN%2FcorjANfNo1u0mZL8jXYrXCrSkm1BIPAPG6SPJp9iOml5GzM7XzQhCzdflhB%2Fxhea%2BUAFsFkreRtJhSoOPdqEbDwRx7cxksTRD8JnRx1AWCmxYsn0kvn2GHVGHS0YegRZH4ZaENOPq2rE5A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b682ec0791d5-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-collapsed.gif
read11.w1.flibusta.life/themes/bluebreeze/images/ 176 B
1012 B 44ms
35ms Image
image/gif 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/themes/bluebreeze/images/menu-collapsed.gif
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: b4e545d7af5622814ef6da2f4aca4f1ce46077bb9c1641761c2398eaf661d8c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 253730
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 12:30:53 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTNiq6tgrRoWfXK0PWOBj6XvKTsPRBOBTaqwY1mNFErEtLRIVL%2FMP4bmUlFLh%2FLsVmUw8YCtMXMr6jrvHYwOfe3xEagh8EsbbtOS7DPfbY8cJMgvNykS5B6ih6HNBNxrGlVbtaomZC4SaPnQUqtXiaCaLbkzLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b682ec6191fb-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-footer.gif
read11.w1.flibusta.life/themes/bluebreeze/images/ 187 B
1 KB 42ms
42ms Image
image/gif 2606:4700:3033::ac43:d185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read11.w1.flibusta.life/themes/bluebreeze/images/bg-footer.gif
Requested by: Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:d185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 255246
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 25 Jan 2022 12:05:37 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5u2%2B9uZvNq%2BumTeCBihXK6XHQ3pUYjommF5Dn6PF5IIEu%2B0uxkT5CW%2BIzhmtQXg87mvUWYJ9jhW8hK7WkOeqaDFhbWgZG6scIzmYeQd5k0zVODGVw%2B8f%2F3E510W1PnKdIoMGpW8jxIILztrr90JEEdd3%2Bc%2BBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d49b6831b4d9277-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 a04d50c06557d6f48e78.js Show response
yastatic.net/partner-code-bundles/53297/ 13 KB
5 KB 131ms
45ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53297/a04d50c06557d6f48e78.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dea121340e3421fdf215feb6f193f0c6904fa1a7de6b08ea4530b1b3f66ea73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read11.w1.flibusta.life/
Origin: http://read11.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4462
last-modified: Fri, 28 Jan 2022 09:29:11 GMT
server: nginx/1.17.9
etag: "ad37af3b86a7bbef065089ef33e913f1"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2052 17:33:46 GMT

GET
H2 200 5866c8777b95f4c9ab23.js Show response
yastatic.net/partner-code-bundles/53297/ 80 KB
17 KB 169ms
85ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53297/5866c8777b95f4c9ab23.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

741a082659fee5924e441274537175f5386e9e72c0ac29c3e66d30e7075f38ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read11.w1.flibusta.life/
Origin: http://read11.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17020
last-modified: Fri, 28 Jan 2022 09:29:11 GMT
server: nginx/1.17.9
etag: "6d7d309d9e79c7c236b27e1c2446ce5d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2052 17:33:46 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 230ms
147ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read11.w1.flibusta.life/
Origin: http://read11.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2052 17:33:41 GMT

GET
H2 200 1382009 Show response
yandex.ru/ads/meta/ 176 KB
176 KB 313ms
313ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1382009?target-ref=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&charset=utf-8&pcode-test-ids=496140%2C0%2C3%3B487925%2C0%2C34%3B492125%2C0%2C64%3B493918%2C0%2C52%3B488525%2C0%2C60%3B406668%2C0%2C31%3B466679%2C0%2C38%3B494996%2C0%2C78&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22497320%22%2C%22testId%22%3A%22500595%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22487925%22%7D%5D%2C%22SMART_BANNER_ANIMATION%22%3A%5B%7B%22value%22%3A%22disabled%22%2C%22testId%22%3A%22492125%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22493918%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22YANDEX_RU_DOMAIN_DISTRIB%22%3A%5B%7B%22value%22%3A%22ctrl%22%2C%22testId%22%3A%22466679%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=1TQK9iuFN%2BmWzq%2BrrwmguNouajVIiZNvrhAuj1TbSYRMm5%2FM1ReS1scuO6FFe6MESciBpdMR2qhxvOM3o05W3idQGK8%3D&imp-id=5&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=26989574488066&ad-session-id=4627971643367583342&target-id=77508746&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread11.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=53297&pcodever=53297&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A99%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=656&grab=dNCvINGB0LTQtdC70LDRjiDQstCw0Lwg0L_RgNC10LTQu9C-0LbQtdC90LjQtSwg0L7RgiDQutC-0YLQvtGA0L7Qs9C-INC90LXQu9GM0LfRjyDQvtGC0LrQsNC30LDRgtGM0YHRjyAoZmIyKSB8INCk0LvQuNCx0YPRgdGC0LAKMSDQpNC70LjQsdGD0YHRgtCwIAox0K8g0YHQtNC10LvQsNGOINCy0LDQvCDQv9GA0LXQtNC70L7QttC10L3QuNC1LCDQvtGCINC60L7RgtC-0YDQvtCz0L4g0L3QtdC70YzQt9GPINC-0YLQutCw0LfQsNGC0YzRgdGPIChmYjIpIAoy0JDQvdC90L7RgtCw0YbQuNGPIAoy0KDQtdC60L7QvNC10L3QtNCw0YbQuNC4OiAKMiDQn9C-0LjRgdC6INC60L3QuNCzIAoyINCS0YXQvtC0INCyINGB0LjRgdGC0LXQvNGDIAoyINCd0LDQstC40LPQsNGG0LjRjyAKMiDQn9C-0YHQu9C10LTQvdC40LUg0LrQvtC80LzQtdC90YLQsNGA0LjQuCAKMiDQktC_0LXRh9Cw0YLQu9C10L3QuNGPINC-INC60L3QuNCz0LDRhSAKMiDQoNGO0LrQt9Cw0YfQvtC6IAo%3D&uniformat=true&callback=Ya%5B9655532820733%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d846b1bdadef4bfab59b098962337373b02b8ed036d7b78af393c80b5704dcd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1643367583383653-12491401834158005366-man1-0044-man-l7-balancer-8080-BAL-9023
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 28 Jan 2022 10:59:43 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 28 Jan 2022 10:59:43 GMT

GET
H2 200 68df1dbbe0673aa7052f.js Show response
yastatic.net/partner-code-bundles/53297/ 587 KB
121 KB 163ms
104ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53297/68df1dbbe0673aa7052f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8bf6d72ea819fec97cf03cbd0a53e699ea577fd81e5f72792f27c437d5e7a681

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read11.w1.flibusta.life/
Origin: http://read11.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 122824
last-modified: Fri, 28 Jan 2022 09:29:11 GMT
server: nginx/1.17.9
etag: "ee3f8e6de43e69723139d72480630ba3"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2052 17:33:46 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 148ms
60ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read11.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 28 Jan 2022 10:59:43 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read11.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
400 B 123ms
41ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 137 KB
49 KB 175ms
84ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://read11.w1.flibusta.life/
Origin: http://read11.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-c1c4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 49604
expires: Fri, 28 Jan 2022 11:59:43 GMT

GET
H2 200 1382009 Show response
yandex.ru/ads/meta/ 15 KB
15 KB 208ms
207ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1382009?target-ref=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&charset=utf-8&pcode-test-ids=496140%2C0%2C3%3B487925%2C0%2C34%3B492125%2C0%2C64%3B493918%2C0%2C52%3B488525%2C0%2C60%3B406668%2C0%2C31%3B466679%2C0%2C38%3B494996%2C0%2C78&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22497320%22%2C%22testId%22%3A%22500595%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22487925%22%7D%5D%2C%22SMART_BANNER_ANIMATION%22%3A%5B%7B%22value%22%3A%22disabled%22%2C%22testId%22%3A%22492125%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22493918%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22YANDEX_RU_DOMAIN_DISTRIB%22%3A%5B%7B%22value%22%3A%22ctrl%22%2C%22testId%22%3A%22466679%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=1TQK9iuFN%2BmWzq%2BrrwmguNouajVIiZNvrhAuj1TbSYRMm5%2FM1ReS1scuO6FFe6MESciBpdMR2qhxvOM3o05W3idQGK8%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=26989574488066&ad-session-id=4627971643367583342&target-id=36580597&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread11.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=53297&pcodever=53297&flash-ver=0&available-width=270&skip-token=yabs.NzIwNTc2MDU2Mjk5OTUwOTEKNzIwNTc2MDQ0NjExMDcwNzEKNzIwNTc2MDQ2MTk5NTQ2NzgKNzIwNTc2MDUwMDQxMDM5Nzc%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A270%2C%22h%22%3A0%2C%22width%22%3A270%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1322%2C%22top%22%3A283%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A4%2C%22req_no%22%3A1%7D&grab-orig-len=656&grab=dNCvINGB0LTQtdC70LDRjiDQstCw0Lwg0L_RgNC10LTQu9C-0LbQtdC90LjQtSwg0L7RgiDQutC-0YLQvtGA0L7Qs9C-INC90LXQu9GM0LfRjyDQvtGC0LrQsNC30LDRgtGM0YHRjyAoZmIyKSB8INCk0LvQuNCx0YPRgdGC0LAKMSDQpNC70LjQsdGD0YHRgtCwIAox0K8g0YHQtNC10LvQsNGOINCy0LDQvCDQv9GA0LXQtNC70L7QttC10L3QuNC1LCDQvtGCINC60L7RgtC-0YDQvtCz0L4g0L3QtdC70YzQt9GPINC-0YLQutCw0LfQsNGC0YzRgdGPIChmYjIpIAoy0JDQvdC90L7RgtCw0YbQuNGPIAoy0KDQtdC60L7QvNC10L3QtNCw0YbQuNC4OiAKMiDQn9C-0LjRgdC6INC60L3QuNCzIAoyINCS0YXQvtC0INCyINGB0LjRgdGC0LXQvNGDIAoyINCd0LDQstC40LPQsNGG0LjRjyAKMiDQn9C-0YHQu9C10LTQvdC40LUg0LrQvtC80LzQtdC90YLQsNGA0LjQuCAKMiDQktC_0LXRh9Cw0YLQu9C10L3QuNGPINC-INC60L3QuNCz0LDRhSAKMiDQoNGO0LrQt9Cw0YfQvtC6IAo%3D&uniformat=true&callback=Ya%5B7887779963381%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f35fad4587c4a421d0579ca5b8f223b80147beebba83606897aeccf90b8c2148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:43 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1643367583792483-7296827940686436640-man1-0044-man-l7-balancer-8080-BAL-6200
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:43 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:43 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/5248008/La4QkLClQgbYRYexRfltuA/ 22 KB
22 KB 172ms
78ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5248008/La4QkLClQgbYRYexRfltuA/y300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 30253bda2ffc57484bf0c4cdbaafbaebece53d514cda40cedd22ade2b858c666

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
last-modified: Fri, 14 Jan 2022 12:49:54 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 22126
x-request-id: 5362730dceededfa

GET
H/1.1 200
Ok kovallzovcourse.live
favicon.yandex.net/favicon/ 478 B
691 B 135ms
42ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/kovallzovcourse.live?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c5a74ae578a75fed96e8b51cd01a2ac509b4ad168b3d8770202e217a53782ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/4581176/fVsgt8E5Pb4E0SZ2j47NoA/ 37 KB
37 KB 172ms
79ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4581176/fVsgt8E5Pb4E0SZ2j47NoA/x450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: ea8998447eef9575b6f7c1b27a068516935246f8060f943a647f8f92bcfd6d0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
last-modified: Wed, 10 Mar 2021 03:07:15 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 37636
x-request-id: cca7659ed3e2a60b

GET
H/1.1 200
Ok fw-rebirth.com
favicon.yandex.net/favicon/ 1 KB
2 KB 135ms
43ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/fw-rebirth.com?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3864f2d9403734422027d63b9abe2cf862126ee55adb3f735ef2f4572acef28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4408665/jyh-EM5JFgMpxLhL9TWnHg/ 16 KB
17 KB 172ms
79ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4408665/jyh-EM5JFgMpxLhL9TWnHg/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 5afdaafa2a6eae8997def98a3feeb11ac6b3afa82d4ec45c24a702fc892a277a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
last-modified: Mon, 03 May 2021 13:12:46 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 16594
x-request-id: 2d920bf8fe75c7be

GET
H/1.1 200
Ok wowfit.ru
favicon.yandex.net/favicon/ 2 KB
2 KB 154ms
61ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/wowfit.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a9e2c21fea32dc63142707b7904f8a962f77bb77f81fdd6a8bbb700a1f94657b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/4380796/2RC5FbY2iFKhbp1gxPGjRA/ 34 KB
35 KB 172ms
79ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4380796/2RC5FbY2iFKhbp1gxPGjRA/x450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: cd638262e1ce17a7aca8fc4ef90e4642d33123446a32e78a11f1be885bddebc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:43 GMT
last-modified: Thu, 29 Jul 2021 17:15:52 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 35148
x-request-id: 8bb5a9bdd26ec348

GET
H/1.1 200
Ok yandex.com
favicon.yandex.net/favicon/ 756 B
969 B 135ms
43ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/yandex.com?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 35E4 24 KB
7 KB 122ms
41ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Fri, 28 Jan 2022 10:59:43 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 28 Jan 2052 17:31:36 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 61ms
60ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read11.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 28 Jan 2022 10:59:43 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read11.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 64ms
63ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 42ms
41ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read11.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 28 Jan 2022 10:59:44 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read11.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 58ms
58ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2 200 1382009 Show response
yandex.ru/ads/meta/ 275 KB
276 KB 344ms
344ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1382009?target-ref=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&charset=utf-8&pcode-test-ids=496140%2C0%2C3%3B487925%2C0%2C34%3B492125%2C0%2C64%3B493918%2C0%2C52%3B488525%2C0%2C60%3B406668%2C0%2C31%3B466679%2C0%2C38%3B494996%2C0%2C78&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22497320%22%2C%22testId%22%3A%22500595%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22487925%22%7D%5D%2C%22SMART_BANNER_ANIMATION%22%3A%5B%7B%22value%22%3A%22disabled%22%2C%22testId%22%3A%22492125%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22493918%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22YANDEX_RU_DOMAIN_DISTRIB%22%3A%5B%7B%22value%22%3A%22ctrl%22%2C%22testId%22%3A%22466679%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=1TQK9iuFN%2BmWzq%2BrrwmguNouajVIiZNvrhAuj1TbSYRMm5%2FM1ReS1scuO6FFe6MESciBpdMR2qhxvOM3o05W3idQGK8%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=26989574488066&ad-session-id=4627971643367583342&target-id=18864291&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread11.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=53297&pcodever=53297&flash-ver=0&available-width=270&skip-token=yabs.NzIwNTc2MDU0MzEwODczNzUKNzIwNTc2MDU2Mjk5OTUwOTEKNzIwNTc2MDQ0NjExMDcwNzEKNzIwNTc2MDQ2MTk5NTQ2NzgKNzIwNTc2MDUwMDQxMDM5Nzc%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A270%2C%22h%22%3A0%2C%22width%22%3A270%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1322%2C%22top%22%3A2227%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A4%2C%22req_no%22%3A2%7D&grab-orig-len=656&grab=dNCvINGB0LTQtdC70LDRjiDQstCw0Lwg0L_RgNC10LTQu9C-0LbQtdC90LjQtSwg0L7RgiDQutC-0YLQvtGA0L7Qs9C-INC90LXQu9GM0LfRjyDQvtGC0LrQsNC30LDRgtGM0YHRjyAoZmIyKSB8INCk0LvQuNCx0YPRgdGC0LAKMSDQpNC70LjQsdGD0YHRgtCwIAox0K8g0YHQtNC10LvQsNGOINCy0LDQvCDQv9GA0LXQtNC70L7QttC10L3QuNC1LCDQvtGCINC60L7RgtC-0YDQvtCz0L4g0L3QtdC70YzQt9GPINC-0YLQutCw0LfQsNGC0YzRgdGPIChmYjIpIAoy0JDQvdC90L7RgtCw0YbQuNGPIAoy0KDQtdC60L7QvNC10L3QtNCw0YbQuNC4OiAKMiDQn9C-0LjRgdC6INC60L3QuNCzIAoyINCS0YXQvtC0INCyINGB0LjRgdGC0LXQvNGDIAoyINCd0LDQstC40LPQsNGG0LjRjyAKMiDQn9C-0YHQu9C10LTQvdC40LUg0LrQvtC80LzQtdC90YLQsNGA0LjQuCAKMiDQktC_0LXRh9Cw0YLQu9C10L3QuNGPINC-INC60L3QuNCz0LDRhSAKMiDQoNGO0LrQt9Cw0YfQvtC6IAo%3D&uniformat=true&callback=Ya%5B9017303855785%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ee94ee5787533b981fafeb1a213e5bbff6b5c9e4421ec3ff02d5c3726ceb9fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1643367584019898-16592300132403498064-man1-0044-man-l7-balancer-8080-BAL-6186
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 35E4 95 B
400 B 123ms
40ms Image
image/png 2a02:6b8::5:114
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:44 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Sat, 29 Jan 2022 10:59:44 GMT

GET
H2

200

spixel.php
sonar.semantiqo.com/983we/ Frame 35E4
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=eb50b372e191433e9a173bb0df104183
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=5AD7676E918B0B25&sid=eb50b372e191433e9a173bb0df104183
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=eb50b372e191433e9a173bb0df104183&spid=5AD7676E918B0B25&v=
https://sync.magnitent.com/fbfli/ct_sync.php?ct=32283a54aaab49db8d0af90e34d58ac7&sonar=eb50b372e191433e9a173bb0df104183&spid=5AD7676E918B0B25&v=
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsonar.semantiqo.com%2F983we%2Fspixel.php%3Fsid%3Deb50b372e191433e9a173bb0df104183%26c%3D32283a54aaab49db8d0af90e34d58ac7%26w%3D={WEBO_CID}
https://sonar.semantiqo.com/983we/spixel.php?sid=eb50b372e191433e9a173bb0df104183&c=32283a54aaab49db8d0af90e34d58ac7&w==1JSUV/qu7ccoFI6oib5PbO

0
355 B

43ms
43ms

Image
text/html

95.217.86.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/983we/spixel.php?sid=eb50b372e191433e9a173bb0df104183&c=32283a54aaab49db8d0af90e34d58ac7&w==1JSUV/qu7ccoFI6oib5PbO
Protocol: H2
Server: 95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.86.217.95.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
server: nginx/1.20.2
mode: no-cors
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
via: 1.1 google
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
server: nginx/1.12.0
location: https://sonar.semantiqo.com/983we/spixel.php?sid=eb50b372e191433e9a173bb0df104183&c=32283a54aaab49db8d0af90e34d58ac7&w==1JSUV/qu7ccoFI6oib5PbO
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 35E4 42 B
201 B 592ms
335ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

2Q6MQIr5888UGDb7WptD
an.yandex.ru/mapuid/dmpamberdata/ Frame 35E4
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1643367583
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1643367583
https://an.yandex.ru/mapuid/dmpamberdata/2Q6MQIr5888UGDb7WptD

43 B
80 B

73ms
73ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/2Q6MQIr5888UGDb7WptD

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

Date: Fri, 28 Jan 2022 10:59:44 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/2Q6MQIr5888UGDb7WptD
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 8
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

200

wsCMV3F7YCOi
an.yandex.ru/mapuid/dmpsegmento/ Frame 35E4
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/wsCMV3F7YCOi?sign=2182030194

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/wsCMV3F7YCOi?sign=2182030194

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/wsCMV3F7YCOi?sign=2182030194
Date: Fri, 28 Jan 2022 10:59:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

tXIUbMQSi8B_
an.yandex.ru/mapuid/rutargetis/ Frame 35E4
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/tXIUbMQSi8B_

43 B
80 B

62ms
61ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/tXIUbMQSi8B_

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/tXIUbMQSi8B_
Date: Fri, 28 Jan 2022 10:59:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

tB37C5JEj%2BswJc2ZHR1tWg
an.yandex.ru/mapuid/dmpaidatame/ Frame 35E4
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/tB37C5JEj%2BswJc2ZHR1tWg?sign=2951223894

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/tB37C5JEj%2BswJc2ZHR1tWg?sign=2951223894

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Fri, 28 Jan 2022 10:59:43 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/tB37C5JEj%2BswJc2ZHR1tWg?sign=2951223894
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Fri, 28 Jan 2022 10:59:43 GMT

GET
H2

200

665677c0-8029-11ec-9752-901b0e8d9836
an.yandex.ru/mapuid/dmpcleverdata/ Frame 35E4
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/665677c0-8029-11ec-9752-901b0e8d9836?sign=2659481549

43 B
82 B

80ms
80ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/665677c0-8029-11ec-9752-901b0e8d9836?sign=2659481549

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/665677c0-8029-11ec-9752-901b0e8d9836?sign=2659481549
date: Fri, 28 Jan 2022 10:59:44 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H2

200

qu7ccoFI6oib5PbO
an.yandex.ru/mapuid/dmpweborama/1JSUV/ Frame 35E4
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2195859358
https://an.yandex.ru/mapuid/dmpweborama/1JSUV/qu7ccoFI6oib5PbO

43 B
294 B

75ms
74ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/1JSUV/qu7ccoFI6oib5PbO

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
via: 1.1 google
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
server: nginx/1.12.0
location: https://an.yandex.ru/mapuid/dmpweborama/1JSUV/qu7ccoFI6oib5PbO
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 35E4
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
82 B

81ms
81ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

date: Fri, 28 Jan 2022 10:59:44 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
x-passed: 2bal1
content-type: application/x-javascript; charset=Windows-1251
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 35E4
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://yandex.ru/an/mapuid/adobedmp/?redir-setuniq=1
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=E6FF3EAB4404F481
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=E6FF3EAB4404F481

42 B
945 B

43ms
43ms

Image
image/gif

34.255.232.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=E6FF3EAB4404F481

Protocol

HTTP/1.1

Server

34.255.232.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-232-227.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0a4dca2b0.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rDgM2iEnQXs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v027-096e6021a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VFN4kA/tR1w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=E6FF3EAB4404F481
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 35E4 0
238 B 181ms
57ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 112
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

a2fd64b273e4b42e28ffe0e9f3a3e7f7ab55adb8a5f9deb619408d4783151131
an.yandex.ru/mapuid/mediascope/ Frame 35E4
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/a2fd64b273e4b42e28ffe0e9f3a3e7f7ab55adb8a5f9deb619408d4783151131

43 B
80 B

79ms
78ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/a2fd64b273e4b42e28ffe0e9f3a3e7f7ab55adb8a5f9deb619408d4783151131

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
server: ms-counter-3.2.15/1.20.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/a2fd64b273e4b42e28ffe0e9f3a3e7f7ab55adb8a5f9deb619408d4783151131
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

f7babe48-44fc-41e4-9568-1403b65b3c42
an.yandex.ru/mapuid/upravelis/ Frame 35E4
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://f7babe48-44fc-41e4-9568-1403b65b3c42.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/f7babe48-44fc-41e4-9568-1403b65b3c42

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/f7babe48-44fc-41e4-9568-1403b65b3c42

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

date: Fri, 28 Jan 2022 10:59:44 GMT
server: nginx
location: https://an.yandex.ru/mapuid/upravelis/f7babe48-44fc-41e4-9568-1403b65b3c42
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 35E4
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=CAD39592BE5C1904&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=CAD39592BE5C1904&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

80ms
80ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 13 Jan 2023 10:59:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 35E4
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=CAD39592BE5C1904&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=CAD39592BE5C1904&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

91ms
91ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 13 Jan 2023 10:59:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 35E4
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=34F6D63EF2017396&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=34F6D63EF2017396&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
135 B

63ms
62ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 13 Jan 2023 10:59:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 35E4
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://yandex.ru/an/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=F52A957A3EC5543F

0
410 B

87ms
30ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=F52A957A3EC5543F
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=F52A957A3EC5543F
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 35E4
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://yandex.ru/an/mapuid/betweenx/?redir-setuniq=1
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F4E0FB0898EAD1EB
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F4E0FB0898EAD1EB&crf=1

68 B
607 B

107ms
107ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F4E0FB0898EAD1EB&crf=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=F4E0FB0898EAD1EB&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

404

0100007FA0CCF361E600424802F528E0
an.yandex.ru/mapuid/SAPEis/ Frame 35E4
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=0100007FA0CCF3612300E74902954779&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/SAPEis/0100007FA0CCF361E600424802F528E0

43 B
80 B

60ms
60ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/SAPEis/0100007FA0CCF361E600424802F528E0

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

date: Fri, 28 Jan 2022 10:59:44 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/SAPEis/0100007FA0CCF361E600424802F528E0
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

e415a13f-c01a-45c9-8504-31010fe01046
an.yandex.ru/mapuid/qbitis/ Frame 35E4
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D
https://an.yandex.ru/mapuid/qbitis/e415a13f-c01a-45c9-8504-31010fe01046

43 B
80 B

88ms
87ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/qbitis/e415a13f-c01a-45c9-8504-31010fe01046

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

Date: Fri, 28 Jan 2022 10:59:44 GMT
Server: nginx/1.21.0
Location: https://an.yandex.ru/mapuid/qbitis/e415a13f-c01a-45c9-8504-31010fe01046
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H2

200

5e15e960-5489-531c-bdb8-09c9dc4bc569
an.yandex.ru/mapuid/betweendigitalis/ Frame 35E4
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/5e15e960-5489-531c-bdb8-09c9dc4bc569

43 B
80 B

62ms
61ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/5e15e960-5489-531c-bdb8-09c9dc4bc569

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/5e15e960-5489-531c-bdb8-09c9dc4bc569
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

93e72576-8660-4b45-aa22-5c241a801974
an.yandex.ru/mapuid/mtsdspis/ Frame 35E4
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=93e72576-8660-4b45-aa22-5c241a801974&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F93e72576-8660-4b45-aa22-5c241a801974
https://an.yandex.ru/mapuid/mtsdspis/93e72576-8660-4b45-aa22-5c241a801974

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/93e72576-8660-4b45-aa22-5c241a801974

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

Date: Fri, 28 Jan 2022 10:59:44 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/93e72576-8660-4b45-aa22-5c241a801974
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 35E4 43 B
390 B 74ms
17ms Image
image/gif 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:44 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 match
dm.hybrid.ai/ Frame 35E4 0
237 B 58ms
57ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 121
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 35E4 42 B
201 B 214ms
71ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 10:59:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

Doj6hv1uGjqArjUeYyDd
an.yandex.ru/mapuid/kadamis/ Frame 35E4
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/Doj6hv1uGjqArjUeYyDd

43 B
80 B

63ms
63ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/Doj6hv1uGjqArjUeYyDd

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/Doj6hv1uGjqArjUeYyDd
date: Fri, 28 Jan 2022 10:59:44 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

xeG9Hj5V34d.AikABlF-oFdTbQ
an.yandex.ru/mapuid/getintentis/ Frame 35E4
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/xeG9Hj5V34d.AikABlF-oFdTbQ

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/xeG9Hj5V34d.AikABlF-oFdTbQ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f20-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/getintentis/xeG9Hj5V34d.AikABlF-oFdTbQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 WROejI_zOEe0PGq011W00000-_5X_GK0wW4ndyppOG00000uyjce0M2C66W4W07JtPa4Y06BZEmDa06UnAxnr820W0AO0Px4hl5Ki06Qbjsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S2H1kW4eY281Oy1a0NT1B05ARW5hW701Q05o0N10U05Tg06uWAe1... Show response
yandex.ru/an/tracking/ Frame 35E4 0
115 B 96ms
95ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WROejI_zOEe0PGq011W00000-_5X_GK0wW4ndyppOG00000uyjce0M2C66W4W07JtPa4Y06BZEmDa06UnAxnr820W0AO0Px4hl5Ki06Qbjsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S2H1kW4eY281Oy1a0NT1B05ARW5hW701Q05o0N10U05Tg06uWAe1k82oGQVC8l2TuNnIwa7DF9eTd2Og0Au1v0oq0S4u0Ua3yAGWGRm2U03-0cm2O0A2C4A0F0_o_8JI3Jo003Sd15LejO50F0B1k0DWe200P_nxDdTzytkLQ0Em8Gzg0-qvDFKXuwcr0A04EBRtn-Hn22O4O3n7Q4HKhWUXUjHo3_04____m60522e5Dq4qDkFZGRW507O5S6AzkoZZxpyOzWMjBkDzOc9W8juWHS0y3-O5w71r2tG627u680PWXmDSrX3EcnCENL8K6LND-aSy3-07Vz_eHtpSYRG1SMHFwWT0TWUhOKVe1-_h9GWo1-_xkjFqXy5DJCoEJSD00QJ2QnY19VICbKAu7eXVjCpNXYxZYnTeNBS-1945pI0y9rrVBGOu1a0~1?action-id=11

Requested by

Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame 414E 24 KB
7 KB 50ms
49ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Fri, 28 Jan 2022 10:59:44 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 28 Jan 2052 17:35:17 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9532.TkKw--M62TJCEr-rbuDX-IeLfEno2WCrQ_XMkiBAWmAuY9avwsrkBclzpMUXDZBD.gP2Gb_6UDa3zIouSdqBLm-NT0B0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9532.d68Y2flRrw1MbO1ORfQ_4PIgBsEQBteH0NMYmk31LMGlfQviNyRB67oEuH4BGVm15JckJhVNLNdwvER7Xl49N27wkTEVvO-hVs9K55gApyk%2C.xggITyePpan64rJokdrk9ibBZfA%2C

43 B
356 B

43ms
43ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9532.d68Y2flRrw1MbO1ORfQ_4PIgBsEQBteH0NMYmk31LMGlfQviNyRB67oEuH4BGVm15JckJhVNLNdwvER7Xl49N27wkTEVvO-hVs9K55gApyk%2C.xggITyePpan64rJokdrk9ibBZfA%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9532.d68Y2flRrw1MbO1ORfQ_4PIgBsEQBteH0NMYmk31LMGlfQviNyRB67oEuH4BGVm15JckJhVNLNdwvER7Xl49N27wkTEVvO-hVs9K55gApyk%2C.xggITyePpan64rJokdrk9ibBZfA%2C
date: Fri, 28 Jan 2022 10:59:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 image.jpg
storage.mds.yandex.net/get-canvas-html5/1003119/7d70759c-f779-4e71-8d73-d738ea5ab229/ Frame 414E 33 KB
33 KB 175ms
81ms Image
image/jpeg 2a02:6b8::158
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/1003119/7d70759c-f779-4e71-8d73-d738ea5ab229/image.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 0e498acee76811d27d3fd6fa85050262110a471d29f2e221bae9e4b2a583b154

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Tue, 23 Nov 2021 06:44:33 GMT
server: nginx
etag: "d2435ae7beb3a5773b7ad0ecc8f9882c"
x-cache-status: hit
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-data-size: 33470
x-mds-request-id: bfd42f6438a09d70
x-robots-tag: noindex, noarchive, nofollow
content-length: 33470

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 41ms
40ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read11.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 28 Jan 2022 10:59:44 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read11.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 59ms
59ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/1382009/
Redirect Chain

https://mc.yandex.com/watch/1382009?wmode=7&page-url=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3A...
https://mc.yandex.com/watch/1382009/1?wmode=7&page-url=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%...

295 B
671 B

43ms
42ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009/1?wmode=7&page-url=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1119055298342%3Ahid%3A299742832%3Az%3A0%3Ai%3A20220128105944%3Aet%3A1643367584%3Ac%3A1%3Arn%3A15255670%3Au%3A1643367584933229005%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643367582696%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643367584%3At%3A%D0%AF%20%D1%81%D0%B4%D0%B5%D0%BB%D0%B0%D1%8E%20%D0%B2%D0%B0%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D0%BE%D0%B3%D0%BE%20%D0%BD%D0%B5%D0%BB%D1%8C%D0%B7%D1%8F%20%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

204446f45785e5de98a0fc1497457d205380f76d8d4dc0dcdb4f5936552e7256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 28-Jan-2022 10:59:44 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 295
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 10:59:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Fri, 28-Jan-2022 10:59:44 GMT
location: /watch/1382009/1?wmode=7&page-url=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1119055298342%3Ahid%3A299742832%3Az%3A0%3Ai%3A20220128105944%3Aet%3A1643367584%3Ac%3A1%3Arn%3A15255670%3Au%3A1643367584933229005%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643367582696%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643367584%3At%3A%D0%AF%20%D1%81%D0%B4%D0%B5%D0%BB%D0%B0%D1%8E%20%D0%B2%D0%B0%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D0%BE%D0%B3%D0%BE%20%D0%BD%D0%B5%D0%BB%D1%8C%D0%B7%D1%8F%20%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 10:59:44 GMT

POST
H2 200 1
mc.yandex.com/watch/1382009/ 43 B
100 B 43ms
42ms Ping
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009/1?page-url=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A458%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A1%3Als%3A1119055298342%3Ahid%3A299742832%3Az%3A0%3Ai%3A20220128105944%3Aet%3A1643367584%3Ac%3A1%3Arn%3A570517659%3Arqn%3A1%3Au%3A1643367584933229005%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1643367582696%3Ads%3A100%2C16%2C221%2C1%2C0%2C0%2C%2C122%2C16%2C919%2C919%2C0%2C462%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643367584&t=gdpr(14)mc(p-1-h-1)lt(6800)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%224627971643367583342%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Fri, 28-Jan-2022 10:59:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 10:59:44 GMT

GET
H2 200 1382009 Show response
mc.yandex.com/watch/ 43 B
73 B 43ms
42ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009?page-url=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A1%3Als%3A1119055298342%3Ahid%3A299742832%3Az%3A0%3Ai%3A20220128105944%3Aet%3A1643367584%3Ac%3A1%3Arn%3A281098251%3Arqn%3A2%3Au%3A1643367584933229005%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1643367582696%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643367584%3At%3A%D0%AF%20%D1%81%D0%B4%D0%B5%D0%BB%D0%B0%D1%8E%20%D0%B2%D0%B0%D0%BC%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%BE%D1%82%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D0%BE%D0%B3%D0%BE%20%D0%BD%D0%B5%D0%BB%D1%8C%D0%B7%D1%8F%20%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20(fb2)%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr(14)mc(p-1-h-1)lt(6800)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Fri, 28-Jan-2022 10:59:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 10:59:44 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 60ms
60ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read11.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 28 Jan 2022 10:59:44 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read11.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 80ms
80ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2 200 1382009 Show response
yandex.ru/ads/meta/ 16 KB
16 KB 223ms
220ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1382009?target-ref=http%3A%2F%2Fread11.w1.flibusta.life%2Fb%2F625322&charset=utf-8&pcode-test-ids=496140%2C0%2C3%3B487925%2C0%2C34%3B492125%2C0%2C64%3B493918%2C0%2C52%3B488525%2C0%2C60%3B406668%2C0%2C31%3B466679%2C0%2C38%3B494996%2C0%2C78&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22497320%22%2C%22testId%22%3A%22500595%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22487925%22%7D%5D%2C%22SMART_BANNER_ANIMATION%22%3A%5B%7B%22value%22%3A%22disabled%22%2C%22testId%22%3A%22492125%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22493918%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22YANDEX_RU_DOMAIN_DISTRIB%22%3A%5B%7B%22value%22%3A%22ctrl%22%2C%22testId%22%3A%22466679%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=1TQK9iuFN%2BmWzq%2BrrwmguNouajVIiZNvrhAuj1TbSYRMm5%2FM1ReS1scuO6FFe6MESciBpdMR2qhxvOM3o05W3idQGK8%3D&imp-id=6&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=26989574488066&ad-session-id=4627971643367583342&target-id=39524867&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread11.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=53297&pcodever=53297&flash-ver=0&available-width=1600&skip-token=yabs.NzIwNTc2MDU0MzEwODczNzU%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A7670%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A11%2C%22req_no%22%3A3%7D&grab-orig-len=656&grab=dNCvINGB0LTQtdC70LDRjiDQstCw0Lwg0L_RgNC10LTQu9C-0LbQtdC90LjQtSwg0L7RgiDQutC-0YLQvtGA0L7Qs9C-INC90LXQu9GM0LfRjyDQvtGC0LrQsNC30LDRgtGM0YHRjyAoZmIyKSB8INCk0LvQuNCx0YPRgdGC0LAKMSDQpNC70LjQsdGD0YHRgtCwIAox0K8g0YHQtNC10LvQsNGOINCy0LDQvCDQv9GA0LXQtNC70L7QttC10L3QuNC1LCDQvtGCINC60L7RgtC-0YDQvtCz0L4g0L3QtdC70YzQt9GPINC-0YLQutCw0LfQsNGC0YzRgdGPIChmYjIpIAoy0JDQvdC90L7RgtCw0YbQuNGPIAoy0KDQtdC60L7QvNC10L3QtNCw0YbQuNC4OiAKMiDQn9C-0LjRgdC6INC60L3QuNCzIAoyINCS0YXQvtC0INCyINGB0LjRgdGC0LXQvNGDIAoyINCd0LDQstC40LPQsNGG0LjRjyAKMiDQn9C-0YHQu9C10LTQvdC40LUg0LrQvtC80LzQtdC90YLQsNGA0LjQuCAKMiDQktC_0LXRh9Cw0YLQu9C10L3QuNGPINC-INC60L3QuNCz0LDRhSAKMiDQoNGO0LrQt9Cw0YfQvtC6IAo%3D&uniformat=true&callback=Ya%5B7898374341100%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d7717e2ba472c4bcab1d996b43d86a03b4d8e24ba53fb7c2d90525ff24389861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1643367584448360-10148300825376351554-man1-0044-man-l7-balancer-8080-BAL-2108
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/5249943/BBtjlX7i5D8pryTr6WX1zQ/ 23 KB
23 KB 44ms
41ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5249943/BBtjlX7i5D8pryTr6WX1zQ/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 64ea4076938e994c65963f35c8e11cb0cff6b51e63168118047de5f8b13746ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Tue, 21 Dec 2021 09:53:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23370
x-request-id: 2e93030507971f27

GET
H/1.1 200
Ok travelregatta.ru
favicon.yandex.net/favicon/ 2 KB
2 KB 45ms
42ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/travelregatta.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6e8570abd0984649eea5949d566cffd4855ea5bfc019f0b59bbc89c3d5e19927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4507634/0X8L1wrh6MseGwG8zG_cgQ/ 41 KB
42 KB 50ms
47ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4507634/0X8L1wrh6MseGwG8zG_cgQ/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 384558b3087a57ba9e606a6136043c2962cbee9fe2fcca730e8576e5bd8f80df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Wed, 11 Aug 2021 12:34:40 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 42250
x-request-id: 77f0600d6a900ad5

GET
H/1.1 200
Ok iqenglish.ru
favicon.yandex.net/favicon/ 1 KB
1 KB 63ms
61ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/iqenglish.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

71d96e45780bffd7caf33c3906f5727a8067f944d45aada4f842824d079d5601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/5324097/RSIRPwqTd92-buOcHdn4bQ/ 10 KB
11 KB 50ms
47ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5324097/RSIRPwqTd92-buOcHdn4bQ/y300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: b4b1fe1faad76581a52dbb5fab1e7f48969524a0fcb04c19b4857ba095c30222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Mon, 03 Jan 2022 17:05:49 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10438
x-request-id: 4f996a7cbb34cf3c

GET
H/1.1 200
Ok ru.babyshop.com
favicon.yandex.net/favicon/ 2 KB
2 KB 63ms
61ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/ru.babyshop.com?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9a69d7c5d3593ca3cb38e8a8f87de3ce87a4c7e11984457971d9148331e719e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/2713883/c1qrr0Ibd4tPwDCXjLIIIA/ 10 KB
10 KB 50ms
48ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2713883/c1qrr0Ibd4tPwDCXjLIIIA/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 3bfefeae5aecbb35b29086dd3dd63800ac6429a0402f71d7568d1e5ae5398f5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Sun, 22 Nov 2020 16:05:04 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10058
x-request-id: 23483007d564ce3

GET
H/1.1 200
Ok international.expert
favicon.yandex.net/favicon/ 1 KB
2 KB 76ms
74ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/international.expert?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

74817b36cb6d05b66fb3988f61fb64ba887a9c277f38705df65b8d3dcfc43395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 huge
avatars.mds.yandex.net/get-yabs_performance/1461311/2a0000017dee3c3a369cf76f1c29127f7e3e/ 34 KB
35 KB 50ms
48ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-yabs_performance/1461311/2a0000017dee3c3a369cf76f1c29127f7e3e/huge
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 7e306849ced773c12d8275b26680264548487c996e52234d84baf1e6a3ce119c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Sun, 26 Dec 2021 01:35:48 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 35266
x-request-id: 622898f8626bbf42

GET
H/1.1 200
Ok www.euroshop-24.eu
favicon.yandex.net/favicon/ 618 B
831 B 85ms
42ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/www.euroshop-24.eu?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

34c7caada564c38a1301e119694560076b5ff1317ce80132f4a2f896863d0c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/5283206/cbbPmqJ5A8VqxGceYLZNoQ/ 31 KB
32 KB 50ms
48ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5283206/cbbPmqJ5A8VqxGceYLZNoQ/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: d3563af01d7092681c482c0348e498e21afdd85ce44cf9fb31b38a8489fd0b09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Mon, 29 Nov 2021 14:04:08 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 32244
x-request-id: ad23d2a264c5439c

GET
H/1.1 200
Ok realty4sale.ru
favicon.yandex.net/favicon/ 1 KB
1 KB 120ms
58ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/realty4sale.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

93c9229257605979b7b4ffa133becb9878933a71383ef13144ec82926674b5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/2112407/myLQJlIRxayKwEElGn917A/ 10 KB
10 KB 88ms
44ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2112407/myLQJlIRxayKwEElGn917A/x300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 55eda189289a1bf39f4ac323625c6f5b0696552a15a78b2f18d68e759e9162eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Thu, 17 Dec 2020 14:11:40 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10280
x-request-id: fb3f4c77de04f570

GET
H/1.1 200
Ok xcraft.ru
favicon.yandex.net/favicon/ 531 B
744 B 63ms
42ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/xcraft.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 inpage.bundle.js Show response
yastatic.net/awaps-ad-sdk-js-bundles/1.0-497320/bundles-es2017/ 592 KB
149 KB 43ms
43ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-497320/bundles-es2017/inpage.bundle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/53297/68df1dbbe0673aa7052f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f0bd09ce14c812196cf9b7fcf90b148bf6121813408ff06c25ad92dce4e4d17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read11.w1.flibusta.life/
Origin: http://read11.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 152348
x-nginx-request-id: f032a8cec0fbdbd9
last-modified: Tue, 25 Jan 2022 11:45:53 GMT
server: nginx/1.17.9
etag: "b6f681490fe7542662e37bdd3e3e67b9"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2052 17:32:29 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 61ms
60ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read11.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 28 Jan 2022 10:59:44 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read11.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 75ms
73ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2 200 WS0ejI_zO0W1jGq0z1S00000Rf_SDmK0208neCppOG00000uyjce0M2C66W4W06WxEu1Y062aOa8a070mFkqnO20W0AO0S30-xH5i06Ie8gc2BW1eg_3pn_O0Qw6cHxW0URZ_GkW0iwph1N0aGRe1A8WY0M40P05xG6m1IQu1KJ01Qy3o0Lyu0Lse0RY0gW6uWB91...
yandex.ru/an/tracking/ Frame 35E4 0
51 B 64ms
64ms Image
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/tracking/WS0ejI_zO0W1jGq0z1S00000Rf_SDmK0208neCppOG00000uyjce0M2C66W4W06WxEu1Y062aOa8a070mFkqnO20W0AO0S30-xH5i06Ie8gc2BW1eg_3pn_O0Qw6cHxW0URZ_GkW0iwph1N0aGRe1A8WY0M40P05xG6m1IQu1KJ01Qy3o0Lyu0Lse0RY0gW6uWB91g3Kj9kLhGb-gGUSwh37bvYe0hW7a3BG1mJW1wGFmf211lG3W0e8Y0iCgWiG4Xlpdfpg0003SHjLejO50F0B1g2fqztPikk4Vg0Em8Gzg0-SrPFc_9Acr0A04FwUwXEQ41i9003qFnd8494ac161yHsX4LAu7eNhKSW_W1GWg1Jj0S0KWE7hwB3CzmNW507O5S6AzkoZZxpyOzWMjBkDzOc9W8juWHUO5xkul0xG627u680PWXmDQ393EcbsSNT8K6LND-aSW1r_eHtdZuoaP6-aFwWT0T0UYvYjvupVyAjQs1wjXH-W7vgF_nV87vV3Z0_I7mKrCp8vDn003aCmhaXmAOrfcLWQWW3Uwj7VPMvh4lzTDTi6hpe-jiWWJF8OFkNzxlXZf85tBgUJnG2Z~1?action-id=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Fri, 28 Jan 2022 10:59:44 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:44 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame 4FBB 24 KB
7 KB 50ms
49ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read11.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Fri, 28 Jan 2022 10:59:44 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 28 Jan 2052 17:35:17 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 image.jpg
storage.mds.yandex.net/get-canvas-html5/3006599/b1189bf4-332b-4d3c-90d8-737abeeff1a2/ Frame 4FBB 74 KB
75 KB 51ms
51ms Image
image/jpeg 2a02:6b8::158
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/3006599/b1189bf4-332b-4d3c-90d8-737abeeff1a2/image.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 81211473e99fae78ef02d3eeade1cccf9c85a248d4af1502613ffce4a244dbcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:44 GMT
last-modified: Wed, 24 Jun 2020 09:07:52 GMT
server: nginx
etag: "3df0ecfa53d47298f4ade33dddab051a"
x-cache-status: hit
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-data-size: 76146
x-mds-request-id: 4a9aa0766206973b
x-robots-tag: noindex, noarchive, nofollow
content-length: 76146

GET
H2 200 WMKejI_zOBW0tGe0n14VBrtOsJcTZGK0k04GW8200J6VpFDX000003ZosQW1i06Qbjsi28W20Ra2mr_LbvniO6tm0iRx_AG4m946y0K1e0RY0hW6m0791fymYy9tXV5BgGSqycXsS9Ye0k03-0cm2O0A20Ag2n3ByXD8DF800DoS4LMYrl0B1e0CcfRTh0YO3f_nx... Show response
yandex.ru/an/count/ 0
53 B 65ms
65ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WMKejI_zOBW0tGe0n14VBrtOsJcTZGK0k04GW8200J6VpFDX000003ZosQW1i06Qbjsi28W20Ra2mr_LbvniO6tm0iRx_AG4m946y0K1e0RY0hW6m0791fymYy9tXV5BgGSqycXsS9Ye0k03-0cm2O0A20Ag2n3ByXD8DF800DoS4LMYrl0B1e0CcfRTh0YO3f_nxDdTzytkLRaEAWt13aG5g0-qvDFKXuwcr0AG4BIxZVM9YO2BUCWHaQttlJFm4WI84-0K0TWLmOhsxAEFlFnZyCaMy3-15wWN3PaOq1WX-1Y06RWP____0S0Pd_7rgkFhwDmpqXaIUM5YSrzpPN9sPN8lSZOnDoqow1cE0l0PWC83WXmDSrX3EcnCENL8K6LND-aSW1t_VnC0KCZuamc1y6jWK71NHSCakaK86GRcibK0ppY4f6Si-SzXHCl8n8XHjSX3jsld15rTSP1guGzEz143t0C0~1=WhGejI_zO2y2LHK0D2Kgi3zmBmD034W2O8mOQ0HmpBli_UYbvBhi0O01qzsP18W1Yupi3P01diIkyTI0W802c06UnAxnLB01cfRTh0Yu0Q3rlguZs07-tDUV0U01lhlkdeYDthu1e0A4sOiPi0EY8FW4Zm681Oy1a0NT1A05AQW5AR05ARW5hW701Q05o0N10T053k05TfW6x8BTbGUe1k82i0U0W90qk0UGCgGFyGS00CAGWGRW2CBinGo02WZ92bSSJtJZiEq_sGiqycXsS9Ye0kWBtGI039gMtQm8Y0pAbzw-0UWCcmQO3UBGE3-W3i24FRaEAWt13aG5W13YszyVaSGWq13bYwzVc160yHsX4LAu7eNhKSZW4QYVnWNe4TNivSdIwko-b046z4RkQ3D3FvWJ0k0JhW60522858Rqvv2f-C-1pm6W5Au1g1JT1D3RZuq6w1IC0j0LqDkFZGRO5S6AzkoZZxpyOvWMhlU4ZmQWg1Re1x0Mw0N95j0MofVUlW7O5hIxZVM9YO2BU84Nc1UXmTGjk1S4m1UsCj0Nq8O3s1U2gple5m6P6A0O3B0OflxEZmQu607u6EI8jVctsjUlL80PYHdYWA0Pm06u6V___m7W6G7e6Ou2y1c0mWE16l__Sw2sSwAxY1h0X3sO6jJ3K_KQ0G000FWQuj0uc1l-zZQm6qYu6mFf6m00083aIMX1y1l3of0L-1k8Zf47wHo07Vz_cHsX7VDo9j05nP4_g1q1u1sXmWMe7W7O7gs57uWV____0Q0VlwoK8B0V1CWVl-xhJz8V1JKpCZat6m10DHmE8IDcb2oFd8OoeE-EhC6KmL4a-o5t-4YVol2CwMS-l8Olt3LhOeMGqEygNBupj2sOv9m3zrv_i9HIvVqTpmLx4OCunXu2fKhf_5Flp26U0G00~1?viewability-undetermined=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:45 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:45 GMT

GET
H2 200 WROejI_zOEe0PGq011W00000-_5X_GK0wW4ndyppOG00000uyjce0M2C66W4W07JtPa4Y06BZEmDa06UnAxnr820W0AO0Px4hl5Ki06Qbjsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S2H1kW4eY281Oy1a0NT1B05ARW5hW701Q05o0N10U05Tg06uWAe1... Show response
yandex.ru/an/tracking/ 0
195 B 63ms
63ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:45 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:45 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 35E4 105 KB
37 KB 56ms
56ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:45 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 30 Jan 2022 22:59:02 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: e021c143d30110b0

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 35E4 137 KB
49 KB 84ms
84ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:45 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-c1c4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 49604
expires: Fri, 28 Jan 2022 11:59:45 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 35E4 403 B
611 B 59ms
58ms Fetch
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fread11.w1.flibusta.life%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

04a4f5f71732dfa107abfe7930ecb72ba2b85492207b34e21c53eeb30a94086b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 35E4 39 KB
15 KB 83ms
43ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14855
x-xss-protection: 0
server: cafe
etag: 17539559064140624452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 10:59:45 GMT

GET
H3

200

/
www.google.se/pagead/1p-user-list/1014923426/ Frame 35E4
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oczzYZ75O5a9x_APuaauqA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=644783735&crd=&is_vtc=1&random=1348349554
https://www.google.se/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=644783735&crd=&is_vtc=1&random=1348349554&ipr=y

42 B
64 B

56ms
31ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=644783735&crd=&is_vtc=1&random=1348349554&ipr=y

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=644783735&crd=&is_vtc=1&random=1348349554&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.se/pagead/1p-user-list/1014923426/ Frame 35E4
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oczzYaP6O8vjgQeCz72wDw...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=593728132&crd=CNPgGw&is_vtc=1&random=1440036791
https://www.google.se/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=593728132&crd=CNPgGw&is_vtc=1&random=14400367...

42 B
64 B

57ms
31ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=593728132&crd=CNPgGw&is_vtc=1&random=1440036791&ipr=y

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=593728132&crd=CNPgGw&is_vtc=1&random=1440036791&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 35E4 167 B
314 B 43ms
42ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1598806907750%3Ahid%3A796490066%3Az%3A0%3Ai%3A20220128105946%3Aet%3A1643367586%3Ac%3A1%3Arn%3A364193929%3Arqn%3A1%3Au%3A1643367586280307541%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643367583834%3Ads%3A0%2C81%2C41%2C6%2C0%2C0%2C%2C36%2C0%2C165%2C165%2C0%2C165%3Aco%3A0%3Ast%3A1643367586&t=gdpr()aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ec703747672399991e66e186dc8a32f0d56d74cd45c1873043abfc6ada168671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 28-Jan-2022 10:59:46 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 10:59:46 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 35E4 43 B
136 B 42ms
42ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 10:59:46 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 28 Jan 2022 11:59:46 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 35E4 3 KB
1 KB 46ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1643367586028&cv=9&fst=1643367586028&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05f21032c670390c88b2be4412e763cc00d494fb72d25249fdc356766e47d0d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 35E4 3 KB
1 KB 44ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1643367586032&cv=9&fst=1643367586032&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb16893d397043e04a1159a4f8e8774891aa6488e6249aab0b8fae6f4370a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 35E4 3 KB
1 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1643367586036&cv=9&fst=1643367586036&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4799b7dc2579c8194f24e51648d759284ddfb4ea451e978bc00f0c376179789b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 35E4 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1643367586037&cv=9&fst=1643367586037&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

403ad448bf7c58e178237034ee7626892e39e5685315a763015eef554e3f6b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1VxMCk1i0QC100000000U9nJd7_7cJqZay72qEJJZCY86IkOBEUV-Pp800IUC97G0nc7M6ChnKGPKXc1ufacdnA2GUAbh41UxKOWqSgO02Id0cKL66OoRYbc08E5Z7QU4DPAHXzP26ilexGB1yDHCFyg8yYukumCCWmCVnbdCJ4mp6K2YInbEiNCmB2MwHUGVPRfF... Show response
yandex.ru/an/rtbcount/ 43 B
294 B 62ms
61ms XHR
image/gif 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1VxMCk1i0QC100000000U9nJd7_7cJqZay72qEJJZCY86IkOBEUV-Pp800IUC97G0nc7M6ChnKGPKXc1ufacdnA2GUAbh41UxKOWqSgO02Id0cKL66OoRYbc08E5Z7QU4DPAHXzP26ilexGB1yDHCFyg8yYukumCCWmCVnbdCJ4mp6K2YInbEiNCmB2MwHUGVPRfFn2yOX98BZlpp-GJ0qF_PExGHTTO6VuoiO0iPWQvePTP4MGzCqZpN6Oca8L0KW5iuKRclBp6pWstBHrECi-tiBwzr_nkw5MmohjWyYUpWnC_nBaiP_itWbahMBOyPzp1mdo0XV4c2yJT7-mViioQ2G8txT-oW5o_W9Nt92k30ZjO-YRh_8fOqxZ5Eus_ie8SF8Fjok7W1MnFddTsx_Yoza7UIZQOvWDi7YVOc1-nyHP7E5lvXuGMUmIaXfk_P8DPyvFjyZOrmGlXd-rdiREQ6XjPcWC0HdnzE000?confirmTime=2100000&confirmRatio=1000000&test-tag=26989574488066&format-type=95&actual-format=7&rnd=4560391672113&pcode-active-testids=493918%2C0%2C52%3B466679%2C0%2C38%3B487925%2C0%2C34&banner-sizes=eyI3MjA1NzYwNTYyOTk5NTA5MSI6IjM5NngyOTAiLCI3MjA1NzYwNDQ2MTEwNzA3MSI6IjM5NngyOTAiLCI3MjA1NzYwNDYxOTk1NDY3OCI6IjM5NngyOTAiLCI3MjA1NzYwNTAwNDEwMzk3NyI6IjM5NngyOTAifQ%3D%3D&width=1600&height=290

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:46 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:46 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 35E4 350 B
385 B 42ms
42ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A1%3Als%3A14949521333%3Ahid%3A796490066%3Az%3A0%3Ai%3A20220128105946%3Aet%3A1643367586%3Ac%3A1%3Arn%3A382109709%3Arqn%3A1%3Au%3A1643367586280307541%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643367583834%3Ads%3A0%2C81%2C41%2C6%2C0%2C0%2C%2C36%2C0%2C165%2C165%2C0%2C165%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643367586%3At%3A&t=gdpr(6)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2bd4ee8a5811389e9636221e3db80e4efc809c7b8b8ba0b78eca38a75968170f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 28-Jan-2022 10:59:46 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Fri, 28-Jan-2022 10:59:46 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 35E4 42 B
108 B 69ms
31ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1643367586037&cv=9&fst=1643364000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=1969594365&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/693627671/ Frame 35E4 42 B
108 B 73ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/693627671/?random=1643367586037&cv=9&fst=1643364000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=1969594365&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 35E4 42 B
108 B 69ms
31ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1643367586036&cv=9&fst=1643364000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=521641017&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/947884341/ Frame 35E4 42 B
108 B 73ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/947884341/?random=1643367586036&cv=9&fst=1643364000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=521641017&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 35E4 42 B
548 B 66ms
30ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1643367586032&cv=9&fst=1643364000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=1834101499&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/693627671/ Frame 35E4 42 B
108 B 71ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/693627671/?random=1643367586032&cv=9&fst=1643364000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=1834101499&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 35E4 42 B
108 B 66ms
30ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1643367586028&cv=9&fst=1643364000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=2220261783&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/947884341/ Frame 35E4 42 B
548 B 69ms
28ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/947884341/?random=1643367586028&cv=9&fst=1643364000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread11.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=2220261783&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WJyejI_zO8u0hGa0n0y5mcZ0UYnah0K0ZW4GW8200J6VpFDX000003ZosQW1Y085kGB3NzMNd6nWRV02nllyf0J0aGRm1G6W1k82k0R00Sa6dzn31sXf03Yf1pJoO5DOcAW22geB46DspFuqyW00ZvCBLQBMy0i6c0wVyUpPtVVDxbMe3xJauyo5YwRK0f0GjBkDz... Show response
yandex.ru/an/count/ 43 B
84 B 64ms
63ms XHR
image/gif 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WJyejI_zO8u0hGa0n0y5mcZ0UYnah0K0ZW4GW8200J6VpFDX000003ZosQW1Y085kGB3NzMNd6nWRV02nllyf0J0aGRm1G6W1k82k0R00Sa6dzn31sXf03Yf1pJoO5DOcAW22geB46DspFuqyW00ZvCBLQBMy0i6c0wVyUpPtVVDxbMe3xJauyo5YwRK0f0GjBkDzOc9W8ju0P6jzxqpy184Y1FW507O5S6AzkoZZxpyO_395l0_WHUe5msP6D0O8VWOW1cu6V___m706P_nzQhZw-ZSCz8P4dbXOdDVSsLoTcLoBt8sCJSjCkWPm0pm6O320u8S3NDOGpfFL5LpI51bLpVf780T_tyH051a_6iGQBm61WLtLJHCebi86IK6vh9Lwyuu_JrgPdb-3aE8o8F3QkVOggvObapuOvD1n03t~1=WfSejI_zO1C2RHG0X2CXsmH34mEwuCsPb9BpWgG1W041Y07cdvB9Wm6G0QQXXw_MW8200fW1fg67hrQW0QAe0QAu0S2ZuC8Zs07gz-IW0U01uE_Jdm7e0Uu3-062izw-0Q02-AEG6S022x030iuCY0MVk1sG1UpXAx05_uiEk0N_Ymx01QMRBCW5lvuEq0NMkGJW1PG1c0Q2jDlq1wW6uWAm1u20a3Iu1u05q0SMs0SGu0UG3V470032WloHo0okr3VmJcZlFydP2pJoO5DOcAW2w0kVk1sR1fWDtPWlFw0Em8GzW13r-TeWm90GeH66wr6u7eNZu17DdyO5w16IkAFKrOZVbCJjt40z9WaaoWFDFvWJ0k0J_uiEY1IDwTItnVhXxJoW5F-B3gWKxE4hi1J0ql0Gk1JWtUu5o1G7q1J0rvnis1IVuCIF1kWKZ0BG5P_Wn8y6s1N1YlRieu-y_6EW5gxtX8y6i1Qo0yaMq1Rop-6-0TWMjBkDzOc9W8juWHUO5_gOwIsu5m705xKoq1VGXWFO5ux7FUWN0PaOe1W3i1ZqxywF1hWO0VWOv8Yr-RVQrwzKW1c96G0We1d00RWP____0U0P0UWPm0pm6O320u4Q___ZmW6a8iE86i24FPWQrCDJzHe10000c1lTc2-m6qYu6mFO6u20W801wHi00030sinvGV0RyxQ7AFWRnPdV9kaSW1t_VvaTg1u1q1xCiixhpk39qt3O7llQ7g0VzVdQ8B0V0SWVzRkoKD8V1JKpCZat6m0uX9IOaS8ySWJAWA8xidieWwD8zaCkoNiatXgI4RHC5gkvI2U4h7nN8S0Ye0B150ZB1aIcfNRG8YifHZ8O-FDSK7aZnc5ihwL1SAf9TB1Dm040~1=WdOejI_zO0G2PHC0526Fezeq10E4mTQJouJFruW1W07SwOC2Y06SyONmQv01_jserCs0W802c07-tQZKJQ01sAW1sBW1u8Aqm27O0TR3kvW1u06stfeLw06ue0AqwDqMe0C4i0C2Y0s81RsR4v05nf8Si0MJY0cu1PE82S05-lCbhku2u0ML0PW6gFhCp0Ie1k82i0U0W90qk0U01T070jW74E07a0tn1m00mfhqhiaAFVX4l2gpxJ_P2pJoO5DOcAW2w0kzcnE838pYthu1gGomeMtZQAd6F-WCcmQO3TsOBx0-a0w0wZ2W3iEH0zaFW13hdyOSeH7W4SsVnWNe4PAuezJLYD-KnEtSG9zaYUCvRyS_c1C2u1EJY0c858tfrBV5-k7jFA0KauW9g1J6aXoXneMB1kWKZ0BG5P-ftOq6s1N1YlRieu-y_6EW5gxtX8y6i1Qo0yaMq1QCujw-0TWMjBkDzOc9W8juWHUO5uA3XXUu5m705xKos1V0X3te5m6P6A0O3x0OflxEZmQu60Bu6EI8jVctsjUlL80PYHa08A0Pm06u6V___m7W6G7e6S0Cy1c0mWE16l__0seyFocnY1h0X3sO6jJ3K_KQ0G0009WRtPWli1j8k1i3s1j0wHo07Vz_cHtW7SUBkWYe7W7G7kkde-2wbls5XG7O7llQ7eWV____0Q0Vwv_67B0V0iWVw-6TJD8V1JKpCZat7G10DHmE8Gjch3ucK9-Cmhc3Q8SoUaK481S-G-XM-fb4r_2ve-K3NFfixN6yc8NqGWM2kuYTve6GW8s2Se2xXN4qHXinoYwYPlmHE6ZrLqc0u5YJw62RW0C0~1=WjOejI_zO4i2PHO0X2T8OInyImFGuU-luxs3zjG1W06klSgiWOMlcqQ80SR5dxvpa07if-Vhpe20W0AO0Uodv-jEe070fQW1mANdwqwu0PRWgU0Xs06knfYP0U01okUW5UW1k0Fu0U2hthu1e0AAuueOe0C6i0E948W5g9uGa0Mcv12m1Ugp1RW5whC5m0MArGt81QAp1D05lDe1u0MK0PW6Ye2C_0oe1k82i0U0W90qk0Uq1j070jW74E07a0tn1m00miMnXGo02W712aXcS7SHHke_oTaBDF9WKrYOg0Be2wYU48WCuAlUlW7e39i6c0tTc2zmFQ0Em8GzW12NuVGScX0R6SWGmB8GeH66wr6u7eNZu17DdyO5w16IkAFKrOZVbCJjt41p0tR7_YpKFvWJ0k0JwhC5Y1IDwTItnVhXxJoW5Egp1QWKfkGGi1JqngSYk1J0yFKBm1I0pQsTqTo6BTWKyUB9ZmRe58m2o1NgxjBc-GBG5V7YoOy6s1N1YlRieu-y_6EW5gxtX8y6i1Qo0xWM0S0MOCaMy3_G5k2hthu1s1QqkutrYOc0YtY15vWNXEUJ5xWN0S0NjJBG5z260zWNhUyyw1S2cHYW60-m6FJlpey6k1WE-1ZaYBNvjzhNhrI06OaP022W6S01k1d___y1u1a7w1d03F0PWC83-1d4aDmZWHh__mEhPZQPKeWQm8Gza1g0G9WQrCDJzHe10000c1lTc2-m6qYu6mFO6u20W801wHi00030p29OGV0RrvMl2VWRmyQY1UaS0F0_W1t_VvaT0F0_g1u1q1x3-9BSsjV2Wfe1s1xxsXwW7vVXz1om7mF87vUZp4pI7mKrCp8vDni0G12G-a23mE6IKWOqtf4Dc38uYcG_H73lZNqve8wTR4XSsJ81VSr5QnBNcsB-ybtT0E-y6ZIy0k4v7LG7a8NekQ0YHumJlL8wRwcPTx1Dm040~1=WhGejI_zO2q2LHK012KBfMiqBGEdkVhvai7Yy0600V6uvWA80P2iaxLxa07In9JQqO20W0AO0TB4bDfHe06ymwW1lCEKsb6u0Q3egiaYs06IzRQS0U01bfMlcG7e0Lpu0TYFthu1e0AE-eK1e0C8i0Ff38W5remIa0MUnHEm1VJx1BW5zFi4m0N9rpx81VBt3z05hlu1u0MKg0RY0h07W82GDBW7W0NG1mBO1n3W1uOAyGS008Y7_KA02W712c3yAGvrEjG_oVWAWBKOsGiqyc1JM9Ye0kWBremIY0pOZzw-0UWCcmQO3TsOBw0Em8GzW139-CCUmB2GWW6X4ORhKRWUXUFW4SsVnWNe4PAuezJLYD-KnEtSG43X6QIbXj4_c1C2u1Fq-mI858tfrBV5-k7jFA0KzFi4g1IUnHEm5Ek1CBWKWDCE0j0KtztM7jWKYi2fYWRe58m2q1MAmAcA1jWLmOhsxAEFlFnZe1QkzuIF1h0MiWF95j0Ms8_UlW7O5hIxZVM9YO2BU84Nc1UNjRGik1S1m1UrCj0Nq8O3s1UocJpe5m6P6A0O1x0OzE_EZmQu60Ru6EI8jVctsjUlL80PYHa08A0Pm06u6V___m7W6GBe6S0Cy1c0mWE16l__dtgHytChY1h0X3sO6jJ3KxWQ1FKQ0G0009WRtPWli1j8k1i3s1k0W8200UaR0000u9soOa7m6z-riHBu6yxK-0lf780T_t-P7U0TYya5g1u1q1wWujhrgVYNW5_O7lhQ7eWV____0Q0VoVZ37h0V1CWVoRgRJj8V1JKpCZat6m0wDGOEoIXcl3QF78GoeEgEx1xAu2YI_P0RmqVsMUUZQ5n3ueQM2TXgBfG98GlVLGYk2AZySze59X3UUq7rfYFfVJlF0zj6Z877WkZ0bT9visRMmGm11m00~1?stat-id=5&test-tag=26989935230529&banner-sizes=eyI3MjA1NzYwNTYyOTk5NTA5MSI6IjM5NngyOTAiLCI3MjA1NzYwNDQ2MTEwNzA3MSI6IjM5NngyOTAiLCI3MjA1NzYwNDYxOTk1NDY3OCI6IjM5NngyOTAiLCI3MjA1NzYwNTAwNDEwMzk3NyI6IjM5NngyOTAifQ%3D%3D&format-type=95&actual-format=7&pcodever=53297&banner-test-tags=eyI3MjA1NzYwNTYyOTk5NTA5MSI6IjU3MzYxIiwiNzIwNTc2MDQ0NjExMDcwNzEiOiI1NzM2MiIsIjcyMDU3NjA0NjE5OTU0Njc4IjoiNDI1MTY2NyIsIjcyMDU3NjA1MDA0MTAzOTc3IjoiNTczNjQifQ%3D%3D&pcode-active-testids=493918%2C0%2C52%3B466679%2C0%2C38%3B487925%2C0%2C34&width=1600&height=290&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:46 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:46 GMT

GET
H2 200 1NOXeKY20Ra100000000U9nJd6_GVQYyzQEteScdALK5CrOmMSu_ypcH0GWyOIAXDsBrvMChnKGPKXc1ufacdpBAGEAb85xjHY3HofW09AS2-GeCCndLdHZ0O26Z5Y-4jPBHXHN2sil8wCBBS1JClye8Ck0k8uCC0yDVnjwbfvtcCZ41HPOoVG2IQvaYW9opJF-1u... Show response
yandex.ru/an/rtbcount/ 43 B
84 B 66ms
65ms XHR
image/gif 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1NOXeKY20Ra100000000U9nJd6_GVQYyzQEteScdALK5CrOmMSu_ypcH0GWyOIAXDsBrvMChnKGPKXc1ufacdpBAGEAb85xjHY3HofW09AS2-GeCCndLdHZ0O26Z5Y-4jPBHXHN2sil8wCBBS1JClye8Ck0k8uCC0yDVnjwbfvtcCZ41HPOoVG2IQvaYW9opJF-1u1MJmEbFmXucdnWOximH35rqZPNXBnCBo69caBczp8eWwvavWEHSPf0HAu6a0WE8lv4vBw-nSyDjIuUJpFCjh6_lDRyRUfKPR36OVCfi__qNvqzc1oT-YADPLlHl1BDsi30VO66yoG9n-0VxXoopPeB0JVktB23dBs3bFSdwg84TB7s1LU4cw_oAMDEunJkDlxA27FsBbTFGpDp4nCZ8sBA1RV-xr_upsAuS3bx0zkHvP_UEBsiVvAraWvbuWCtZ11lp8pRUuWXdgnmVorAFWDHmyvTiCBj_ifc-sz_FelFHVXOxgwcnaQKv01TFXsW0?confirmTime=2100000&confirmRatio=1000000&test-tag=26989574488066&rnd=8423781478076&pcode-active-testids=493918%2C0%2C52%3B466679%2C0%2C38%3B487925%2C0%2C34&width=270&height=600&media-test-tag=822086499

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read11.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: http://read11.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:46 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:46 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: read11.w1.flibusta.life
URL: http://read11.w1.flibusta.life/b/625322

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 10:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 28 Jan 2022 10:59:46 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 28 Jan 2022 10:59:46 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:30:53	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:38:05	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:30:53	Name: pcs3 Value: 1
.yadro.ru/	1970-01-20 09:14:13	Name: FTID Value: 1Xyyoi1CCfOF1Xyyoi001MsG
.yadro.ru/	1970-01-20 09:14:13	Name: VID Value: 2H_PD-3iPw8F1Xyyoi001Mvn
.yandex.ru/	1970-01-23 16:05:27	Name: yandexuid Value: 9081980981643367584
.1dmp.io/	1970-01-20 09:15:03	Name: uid Value: 665677c0-8029-11ec-9752-901b0e8d9836
.weborama.fr/	1970-01-20 10:01:08	Name: AFFICHE_W Value: CivYGQNoq6wK28
.1dmp.io/	1970-01-20 00:29:27	Name: ru-seq Value: null
.sonar.semantiqo.com/	1970-01-21 21:07:51	Name: semantiqo_a Value: eb50b372e191433e9a173bb0df104183
.sonar.semantiqo.com/	1970-01-20 09:25:08	Name: check Value: e56f2b90512347c199904d351f759972
.yandex.ru/	1970-01-20 18:00:39	Name: i Value: DUILfQ1rDAASvS06BrfFL0q9fA5MT8oHpqonbbza3GsgKAALNckwZijanEDc/PCL/OZBDxYKtohHwGJByw+gcwe4m0I=
.mc.yandex.com/	1970-01-20 00:29:28	Name: sync_cookie_csrf Value: 174402046fake
.aidata.io/	1970-01-20 18:00:39	Name: __upin Value: tB37C5JEj+swJc2ZHR1tWg
.aidata.io/	1970-01-20 18:00:39	Name: __upints Value: 1643367584
.yandex.ru/	1970-01-23 16:05:27	Name: yuidss Value: 9081980981643367584
.dmg.digitaltarget.ru/	1970-01-21 02:24:39	Name: viuserid Value: 2Q6MQIr5888UGDb7WptD
.mc.yandex.ru/	1970-01-20 00:29:28	Name: sync_cookie_csrf Value: 1955192538fake
x01.aidata.io/	1970-01-20 00:39:32	Name: yaya Value: 1
.adx.opera.com/	1970-01-20 01:12:39	Name: UID Value: fe61cd057db543de958eb07a56e8d967
.yandex.com/	1970-01-20 09:15:03	Name: yandexuid Value: 9081980981643367584
.yandex.com/	1970-01-20 09:15:03	Name: yuidss Value: 9081980981643367584
.mc.yandex.com/	1970-01-20 00:30:53	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 09:51:03	Name: IDE Value: AHWqTUlJX9DZnNBoOMdcpDY1eoz2lHWleQSgDvDC9CbZtg8q-01cb6Ira73P96A6hAg
.upravel.com/	1970-01-20 00:29:27	Name: session_tptc Value: 1643367584246
.upravel.com/	1970-01-23 16:05:27	Name: user_id Value: f7babe48-44fc-41e4-9568-1403b65b3c42
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1830017311643367584
.yandex.com/	1970-01-23 16:05:27	Name: i Value: ehlVjofmIvVl7UvaLur0IwQXOIo5iYGi5PgRm/KLyh888BH0Wm5JFiCEWktzaKvN+n/RnZA6aY750QOrptu2RD4TUmA=
.demdex.net/	1970-01-20 04:48:39	Name: demdex Value: 02920455711057687061896148269826340877
.acint.net/	1970-01-20 00:29:28	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWHzzKBIQgDm4Cj1AlzKimTVnLXeUsUtiFZ6UZze3MD6
.yandex.com/	1970-01-20 09:15:03	Name: ymex Value: 1674903584.yrts.1643367584#1674903584.yrtsi.1643367584
.dpm.demdex.net/	1970-01-20 04:48:39	Name: dpm Value: 02920455711057687061896148269826340877
.acint.net/	1970-01-20 01:12:39	Name: cSyncDp14v3 Value: 1643367584
.rutarget.ru/	1970-01-20 04:48:39	Name: userId Value: tXIUbMQSi8B_
.tns-counter.ru/	1970-01-20 09:15:03	Name: guid Value: A7AF681661F3CCA0X1643367584
.caltat.com/	1970-01-21 21:07:51	Name: caltat Value: 32283a54aaab49db8d0af90e34d58ac7
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWHzzKBJ5wAjeUeVAg8lg8neGy67fz16Vzsh/4i5Iaf3
.whiteboxdigital.ru/	1970-01-20 18:00:00	Name: MiId Value: e415a13f-c01a-45c9-8504-31010fe01046
.betweendigital.com/	1970-01-20 09:15:03	Name: dc Value: was1
.betweendigital.com/	1970-01-20 09:15:03	Name: ss Value: 1
.uuidksinc.net/	1970-01-20 09:15:03	Name: jcsuuid Value: Doj6hv1uGjqArjUeYyDd
.magnitent.com/	1970-01-21 21:07:51	Name: sonar Value: eb50b372e191433e9a173bb0df104183
.magnitent.com/	1970-01-21 21:07:51	Name: ct Value: 32283a54aaab49db8d0af90e34d58ac7
.magnitent.com/	1970-01-21 21:07:51	Name: spid Value: 5AD7676E918B0B25
.magnitent.com/	1970-01-20 01:14:05	Name: 3db Value: 5AD7676E918B0B25
.mts.ru/	1970-01-20 09:02:05	Name: dspid Value: 93e72576-8660-4b45-aa22-5c241a801974
.betweendigital.com/	1970-01-20 09:15:03	Name: tuuid Value: 0e199f1e-1321-531c-b457-7af6d5a4b656
.betweendigital.com/	1970-01-20 09:15:03	Name: ut Value: YfPMoAAH_uBoKirSmIOwg_9wFgMpIZbHhHBd1A==
.adhigh.net/	1970-01-20 09:15:03	Name: gi_u Value: xeG9Hj5V34d.AikABlF-oFdTbQ
.adhigh.net/	1970-01-20 09:15:03	Name: yandexssp_sync Value: j8o
.mts.ru/	1970-01-23 14:53:27	Name: mts_id Value: 587cd1ba-4fa1-4ef7-92b3-119796464a9a
.mts.ru/	1970-01-23 14:53:27	Name: mts_id_last_sync Value: 1643367584
.yandex.ru/	1970-01-20 18:00:39	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 18:00:39	Name: is_gdpr_b Value: CLWUVBD9XhgB

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/mapuid/SAPEis/0100007FA0CCF361E600424802F528E0 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
cdn3.caltat.com
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
f7babe48-44fc-41e4-9568-1403b65b3c42.sync.upravel.com
favicon.yandex.net
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
profile.ssp.rambler.ru
px.adhigh.net
read11.w1.flibusta.life
redirect.frontend.weborama.fr
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
storage.mds.yandex.net
sync.1dmp.io
sync.bumlam.com
sync.magnitent.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
www.google.com
www.google.se
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
116.202.51.238
142.250.184.194
142.250.185.130
144.76.138.28
148.251.237.106
185.15.175.130
193.232.150.60
195.201.243.72
2001:6d0:4001::226
213.87.44.187
217.66.147.161
2606:4700:3033::ac43:d185
2a00:1450:4001:810::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a02:6b8:20::215
2a02:6b8::158
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.158
31.220.27.134
34.255.232.227
35.190.16.14
37.18.16.22
80.64.106.151
80.64.106.152
81.163.17.245
81.222.128.216
82.145.213.8
88.212.201.198
88.99.214.77
89.108.119.28
91.192.148.14
95.217.109.66
95.217.86.150
96.46.186.57
04a4f5f71732dfa107abfe7930ecb72ba2b85492207b34e21c53eeb30a94086b
05f21032c670390c88b2be4412e763cc00d494fb72d25249fdc356766e47d0d9
0ce15a8f257959b2f4e39c9d2eaa5e7ca98ac78d9740851aa1b1d9d0c56f3009
0e498acee76811d27d3fd6fa85050262110a471d29f2e221bae9e4b2a583b154
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1d4c1410507cbfa6fa4e3594f092ddf8ba0688dd58eec01bcc501f60250803fc
204446f45785e5de98a0fc1497457d205380f76d8d4dc0dcdb4f5936552e7256
28f961f46cc443e85fe1d0f7480cd09cac504645039bfd6bbfbc594c3acdb134
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd4ee8a5811389e9636221e3db80e4efc809c7b8b8ba0b78eca38a75968170f
2dd383c5239714ef03d7c008981db637b769e016c8ea943ba1a0dc5b8487942d
2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148
30253bda2ffc57484bf0c4cdbaafbaebece53d514cda40cedd22ade2b858c666
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34c7caada564c38a1301e119694560076b5ff1317ce80132f4a2f896863d0c29
361840fbee3b0726b5f0f5bbfe37e13bdab8c3c873d643a45b56c5e37c8d2a86
384558b3087a57ba9e606a6136043c2962cbee9fe2fcca730e8576e5bd8f80df
3864f2d9403734422027d63b9abe2cf862126ee55adb3f735ef2f4572acef28e
3bfefeae5aecbb35b29086dd3dd63800ac6429a0402f71d7568d1e5ae5398f5d
403ad448bf7c58e178237034ee7626892e39e5685315a763015eef554e3f6b1b
4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6
4799b7dc2579c8194f24e51648d759284ddfb4ea451e978bc00f0c376179789b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55eda189289a1bf39f4ac323625c6f5b0696552a15a78b2f18d68e759e9162eb
5afdaafa2a6eae8997def98a3feeb11ac6b3afa82d4ec45c24a702fc892a277a
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
64ea4076938e994c65963f35c8e11cb0cff6b51e63168118047de5f8b13746ca
6e8570abd0984649eea5949d566cffd4855ea5bfc019f0b59bbc89c3d5e19927
6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3
71d96e45780bffd7caf33c3906f5727a8067f944d45aada4f842824d079d5601
741a082659fee5924e441274537175f5386e9e72c0ac29c3e66d30e7075f38ca
74817b36cb6d05b66fb3988f61fb64ba887a9c277f38705df65b8d3dcfc43395
7e306849ced773c12d8275b26680264548487c996e52234d84baf1e6a3ce119c
81211473e99fae78ef02d3eeade1cccf9c85a248d4af1502613ffce4a244dbcb
8bf6d72ea819fec97cf03cbd0a53e699ea577fd81e5f72792f27c437d5e7a681
913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539
93c9229257605979b7b4ffa133becb9878933a71383ef13144ec82926674b5fb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a69d7c5d3593ca3cb38e8a8f87de3ce87a4c7e11984457971d9148331e719e9
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a9e2c21fea32dc63142707b7904f8a962f77bb77f81fdd6a8bbb700a1f94657b
aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26
af9b9983193cebb28d81e93aa76a04b0c6569954811fbab35f7c5389ad629fc7
b4b1fe1faad76581a52dbb5fab1e7f48969524a0fcb04c19b4857ba095c30222
b4e545d7af5622814ef6da2f4aca4f1ce46077bb9c1641761c2398eaf661d8c9
bb16893d397043e04a1159a4f8e8774891aa6488e6249aab0b8fae6f4370a039
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
c5a74ae578a75fed96e8b51cd01a2ac509b4ad168b3d8770202e217a53782ce8
c6e333facbaf22913170c8a93cac913800a2ff32a11b66fbab4c735a006358d4
cd638262e1ce17a7aca8fc4ef90e4642d33123446a32e78a11f1be885bddebc3
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d3563af01d7092681c482c0348e498e21afdd85ce44cf9fb31b38a8489fd0b09
d4247ed30734f69d609692cc4278b576470108373acc75ae3a5e4dba20457cf1
d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419
d7717e2ba472c4bcab1d996b43d86a03b4d8e24ba53fb7c2d90525ff24389861
d846b1bdadef4bfab59b098962337373b02b8ed036d7b78af393c80b5704dcd8
dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb
dea121340e3421fdf215feb6f193f0c6904fa1a7de6b08ea4530b1b3f66ea73e
dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8998447eef9575b6f7c1b27a068516935246f8060f943a647f8f92bcfd6d0c
ec703747672399991e66e186dc8a32f0d56d74cd45c1873043abfc6ada168671
ee94ee5787533b981fafeb1a213e5bbff6b5c9e4421ec3ff02d5c3726ceb9fdf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9ed4adcba4950bf4be0556283131eedd7c629de1821c8c3967c7f70d971596
f0bd09ce14c812196cf9b7fcf90b148bf6121813408ff06c25ad92dce4e4d17e
f35fad4587c4a421d0579ca5b8f223b80147beebba83606897aeccf90b8c2148
f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

read11.w1.flibusta.life Open in urlscan Pro 2606:4700:3033::ac43:d185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

126 Requests

67 %HTTPS

33 %IPv6

33 Domains

42 Subdomains

22 IPs

7 Countries

1656 kBTransfer

3277 kBSize

55 Cookies

11 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

read11.w1.flibusta.life Open in urlscan Pro
2606:4700:3033::ac43:d185 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

67 %
HTTPS

33 %
IPv6

33
Domains

42
Subdomains

22
IPs

7
Countries

1656 kB
Transfer

3277 kB
Size

55
Cookies

126 HTTP transactions
2 data transactions