read3.w1.flibusta.life Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://read3.w1.flibusta.life/
Submission Tags: falconsandbox
Submission: On January 27 via api (January 27th 2022, 1:50:23 am UTC) from US — Scanned from DE

Summary HTTP 133 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 33 domains to perform 133 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is read3.w1.flibusta.life.

This is the only time read3.w1.flibusta.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
12 55	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2 3	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
3 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
10	2a02:6b8::184 2a02:6b8::184	208722 (YNDX) (YNDX)
11	2a02:6b8::36 2a02:6b8::36	208722 (YNDX) (YNDX)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (YNDX) (YNDX)
2 3	95.217.86.150 95.217.86.150	24940 (HETZNER-AS) (HETZNER-AS)
2 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
3 3	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
2 2	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	80.64.106.152 80.64.106.152	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	80.64.106.151 80.64.106.151	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
2 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.149.14 91.192.149.14	42481 (BEGUN-AS) (BEGUN-AS)
1 2	54.228.253.216 54.228.253.216	16509 (AMAZON-02) (AMAZON-02)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2 2	78.46.16.13 78.46.16.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	176.9.8.252 176.9.8.252	24940 (HETZNER-AS) (HETZNER-AS)
6 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
3 4	188.42.29.166 188.42.29.166	7979 (SERVERS-COM) (SERVERS-COM)
3 3	195.201.243.71 195.201.243.71	24940 (HETZNER-AS) (HETZNER-AS)
1 1	159.69.74.8 159.69.74.8	24940 (HETZNER-AS) (HETZNER-AS)
1 1	81.163.17.245 81.163.17.245	49505 (SELECTEL) (SELECTEL)
2 2	217.66.147.168 217.66.147.168	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	194.190.76.45 194.190.76.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2	2a02:6b8::158 2a02:6b8::158	208722 (YNDX) (YNDX)
1 1	2a02:6b8::2:94 2a02:6b8::2:94	208722 (YNDX) (YNDX)
1	2001:978:7401... 2001:978:7401:1::37	174 (COGENT-174) (COGENT-174)
2 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
133	23

20 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

read3.w1.flibusta.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a02:6b8::90 (Moscow, Russian Federation) 12 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jstracer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.217.86.150 (Helsinki, Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.magnitent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.16.14 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.130 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.152 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr7.rutarget.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.151 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr6.rutarget.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.253.216 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-253-216.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.16.13 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-2.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.8.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-21.community.moscow

96252c97-5794-4a37-8098-47d7545774d9.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.29.166 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.71 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.74.8 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1290149.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.163.17.245 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.168 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-168-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.45 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::158 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

storage.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::2:94 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:978:7401:1::37 (United States)

ASN174 (COGENT-174, US)

ext-strm-cogent17.strm.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	yandex.ru 14 redirects yandex.ru — Cisco Umbrella Rank: 1452 an.yandex.ru — Cisco Umbrella Rank: 3286 mc.yandex.ru — Cisco Umbrella Rank: 2853 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 26784 jstracer.yandex.ru — Cisco Umbrella Rank: 25901 strm.yandex.ru — Cisco Umbrella Rank: 20203	313 KB
24	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7868 favicon.yandex.net — Cisco Umbrella Rank: 11537 storage.mds.yandex.net — Cisco Umbrella Rank: 23679 ext-strm-cogent17.strm.yandex.net — Cisco Umbrella Rank: 296978	1 MB
20	flibusta.life read3.w1.flibusta.life	168 KB
12	doubleclick.net 8 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	7 KB
9	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 25627	3 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6518	359 KB
6	google.se www.google.se — Cisco Umbrella Rank: 20475	1000 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 13	1 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818	3 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 106	16 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34403 tech.rtb.mts.ru — Cisco Umbrella Rank: 35053	2 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 28552	1 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 33494 96252c97-5794-4a37-8098-47d7545774d9.sync.upravel.com	2 KB
3	weborama.fr 3 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	593 B
3	semantiqo.com 2 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 60595	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 8294	2 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10726	811 B
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 6197	475 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	1018 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	1 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 77092 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 77216	847 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24900	1 KB
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 13446	402 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11367	203 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 2736	390 B
1	whiteboxdigital.ru 1 redirects mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 30411	785 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 37547	631 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 5658	410 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 81631	387 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 17609	244 B
1	magnitent.com 1 redirects sync.magnitent.com — Cisco Umbrella Rank: 213434	780 B
1	caltat.com 1 redirects cdn3.caltat.com — Cisco Umbrella Rank: 144908	335 B
133	33

	Domain	Requested by
54	an.yandex.ru	12 redirects yandex.ru read3.w1.flibusta.life
20	read3.w1.flibusta.life	read3.w1.flibusta.life
11	favicon.yandex.net
10	avatars.mds.yandex.net
9	mc.yandex.com	2 redirects mc.yandex.ru
9	yastatic.net	yandex.ru yastatic.net read3.w1.flibusta.life
6	www.google.se
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
6	cm.g.doubleclick.net	6 redirects
4	ads.betweendigital.com	3 redirects
3	www.googleadservices.com	2 redirects yastatic.net
3	acint.net	3 redirects
3	redirect.frontend.weborama.fr	3 redirects
3	sonar.semantiqo.com	2 redirects
3	mc.yandex.ru	1 redirects yandex.ru yastatic.net
3	counter.yadro.ru	2 redirects read3.w1.flibusta.life
2	storage.mds.yandex.net	yastatic.net
2	px.adhigh.net	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	sync.upravel.com	2 redirects
2	dm.hybrid.ai
2	dpm.demdex.net	1 redirects
2	sync.1dmp.io	2 redirects
2	x01.aidata.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	ssp.adriver.ru
2	yandex.ru	read3.w1.flibusta.life yastatic.net
1	ext-strm-cogent17.strm.yandex.net
1	strm.yandex.ru	1 redirects
1	jstracer.yandex.ru	yastatic.net
1	s.uuidksinc.net	1 redirects
1	sync.bumlam.com
1	tech.rtb.mts.ru	1 redirects
1	mitdmp.whiteboxdigital.ru	1 redirects
1	ssp-rtb.sape.ru	1 redirects
1	t.adx.opera.com
1	96252c97-5794-4a37-8098-47d7545774d9.sync.upravel.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	profile.ssp.rambler.ru	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.magnitent.com	1 redirects
1	cdn3.caltat.com	1 redirects
1	ysa-static.passport.yandex.ru
133	45

This site contains links to these domains. Also see Links.

Domain
booktracker.org
www.torproject.org
flibustahezeous3.onion
geti2p.net
flibusta.i2p
zmw2cyw2vj7f6obx3msmdvdepdhnw2ctc4okza2zjxlukkdfckhq.b32.i2p
emercoin.com
www.opennicproject.org
rublacklist.net
flisland.net
librusec.ucoz.de
twitter.com
www.rba.ru
play.google.com
fbsearch.ru
openid.net
libgen.lc
sci-hub.se
z-lib.org
cyberleninka.ru
magzdb.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
avatars.mds.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
favicon.yandex.net Yandex CA	`2021-11-23` - `2022-04-24`	5 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-08-21` - `2022-02-19`	6 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
storage.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
jstracer.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://read3.w1.flibusta.life/
Frame ID: 48DA0FE5725CF63A5B7864C16C5F86AB
Requests: 72 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: ED9D6ED4711B73DFFBFDCC16DF2CADAA
Requests: 53 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: 1420EE0A09A7A84D30CF4BB9474EE568
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: F4F94523570D0285B02BE59FC6FF7335
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Флибуста | Книжное братство

Detected technologies

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

133
Requests

64 %
HTTPS

36 %
IPv6

33
Domains

45
Subdomains

23
IPs

8
Countries

2026 kB
Transfer

4005 kB
Size

56
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: http://booktracker.org/
Title: [Книжный торрент]

Search URL Search Domain Scan URL

URL: https://www.torproject.org/projects/torbrowser.html.en
Title: TOR

Search URL Search Domain Scan URL

URL: http://flibustahezeous3.onion/
Title: http://flibustahezeous3.onion

Search URL Search Domain Scan URL

URL: https://geti2p.net/download_ru.html
Title: I2P

Search URL Search Domain Scan URL

URL: http://flibusta.i2p/
Title: http://flibusta.i2p

Search URL Search Domain Scan URL

URL: http://zmw2cyw2vj7f6obx3msmdvdepdhnw2ctc4okza2zjxlukkdfckhq.b32.i2p/
Title: http://zmw2cyw2vj7f6obx3msmdvdepdhnw2ctc4okza2zjxlukkdfckhq.b32.i2p

Search URL Search Domain Scan URL

URL: http://emercoin.com/
Title: EmerCoin

Search URL Search Domain Scan URL

URL: https://www.opennicproject.org/
Title: OpenNIC

Search URL Search Domain Scan URL

URL: https://rublacklist.net/12118/
Title: описание

Search URL Search Domain Scan URL

URL: http://flisland.net/
Title: http://flisland.net

Search URL Search Domain Scan URL

URL: http://librusec.ucoz.de/forum/26
Title: http://librusec.ucoz.de/forum/26

Search URL Search Domain Scan URL

URL: https://twitter.com/flibusta
Title: https://twitter.com/flibusta

Search URL Search Domain Scan URL

URL: http://www.rba.ru/content/about/doc/codex.php
Title: в отношениях с коллегами библиотекарь – способствует профессиональному становлению молодых кадров; (из Кодекса этики российского библиотекаря)

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.eddypcz.dnschanger
Title: https://play.google.com/store/apps/details?id=com.eddypcz.dnschanger

Search URL Search Domain Scan URL

URL: http://fbsearch.ru/
Title: Полнотекстовый поиск по книгам

Search URL Search Domain Scan URL

URL: https://openid.net/
Title: Что такое OpenID?

Search URL Search Domain Scan URL

URL: http://libgen.lc/
Title: Научная литература

Search URL Search Domain Scan URL

URL: http://sci-hub.se/
Title: Научные статьи

Search URL Search Domain Scan URL

URL: http://libgen.lc/foreignfiction/
Title: Иностранная литература

Search URL Search Domain Scan URL

URL: https://z-lib.org/
Title: Z-Library

Search URL Search Domain Scan URL

URL: https://cyberleninka.ru/
Title: Киберленинка

Search URL Search Domain Scan URL

URL: http://libgen.lc/comics/
Title: Архив комиксов

Search URL Search Domain Scan URL

URL: http://magzdb.org/
Title: Вся периодика мира

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;flibusta_life

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://counter.yadro.ru/hit;flibusta_life?t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/;h%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430%20%7C%20%u041A%u043D%u0438%u0436%u043D%u043E%u0435%20%u0431%u0440%u0430%u0442%u0441%u0442%u0432%u043E;0.7428744501743791 HTTP 302
https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/;h%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430%20%7C%20%u041A%u043D%u0438%u0436%u043D%u043E%u0435%20%u0431%u0440%u0430%u0442%u0441%u0442%u0432%u043E;0.7428744501743791

Request Chain 47

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9530.mEaHxlXcfhn_U6c4Nx6YBNRValiNdo7JD0vL56_MRY-nmn-_QB0_ap4Chq_ejvad.9fF6tJ-PUO9mcJTg3A8RJD9011E%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9530.7eEjKRKWyn7G_XT8c8OmZV-_UQarCkguQHPzTo5x5e37zVtyqNSnYfMMyGfknII6n-8AkLqHopKeKjEvqdHLNDXPZ_4wDBaNCxgXVIO5SP0%2C.L-O0_Sk4VMUp7Ly8dB7HTvOG_Tk%2C

Request Chain 50

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=9977ac5191f4407ab2465bed7ed1eb63 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=5A9FBD0828BFC1D1&sid=9977ac5191f4407ab2465bed7ed1eb63 HTTP 302
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=9977ac5191f4407ab2465bed7ed1eb63&spid=5A9FBD0828BFC1D1&v= HTTP 302
https://sync.magnitent.com/fbfli/ct_sync.php?ct=5da1de2981a449e59c8f71f24346907a&sonar=9977ac5191f4407ab2465bed7ed1eb63&spid=5A9FBD0828BFC1D1&v= HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsonar.semantiqo.com%2F983we%2Fspixel.php%3Fsid%3D9977ac5191f4407ab2465bed7ed1eb63%26c%3D5da1de2981a449e59c8f71f24346907a%26w%3D={WEBO_CID} HTTP 302
https://sonar.semantiqo.com/983we/spixel.php?sid=9977ac5191f4407ab2465bed7ed1eb63&c=5da1de2981a449e59c8f71f24346907a&w==u8R2I8h/fhfS6vUc5ABTye

Request Chain 52

https://dmg.digitaltarget.ru/1/119/i/i?i=1643248216 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1643248216 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/1dTPjKr5qGwuFMb755JD

Request Chain 53

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/B8JBZkt4Kr8T?sign=1257837134

Request Chain 54

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/nYaXkaJcue09

Request Chain 55

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/dnzWAzZHsDJ8vL69Lf5iww?sign=91824381

Request Chain 56

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/7a585c00-7f13-11ec-a15e-901b0e8d6a9d?sign=3604832273

Request Chain 57

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1128147264 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/u8R2I8h/fhfS6vUc5ABTye

Request Chain 58

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 59

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=38547ABD34D4B69E HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=38547ABD34D4B69E

Request Chain 61

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/30ae9a103dc781bb34e2984cd90990e4d6a5db77f2f1165243276bbdc524cb84

Request Chain 62

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://96252c97-5794-4a37-8098-47d7545774d9.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/96252c97-5794-4a37-8098-47d7545774d9

Request Chain 63

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=32D44C1A4DBC48C0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=32D44C1A4DBC48C0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 64

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3E1F99CE95FF99DD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3E1F99CE95FF99DD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 65

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=32D44C1A4DBC48C0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=32D44C1A4DBC48C0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 66

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=5A515CFCAB646F96

Request Chain 67

https://an.yandex.ru/mapuid/betweenx/ HTTP 302
https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EA2E74BA1E646FE9 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EA2E74BA1E646FE9&crf=1

Request Chain 68

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F59FAF1612200D0BD02D08628&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/SAPEis/0100007F59FAF1618E06025A023357C9

Request Chain 69

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D HTTP 302
https://an.yandex.ru/mapuid/qbitis/ff1d463c-fe03-4b6f-8432-b0c29db2f699

Request Chain 70

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/1c824dfd-16a9-511b-8cc8-0065ed39fa3c

Request Chain 71

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=73b99467-ce5b-465a-b257-23699a99dc5a&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F73b99467-ce5b-465a-b257-23699a99dc5a HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/73b99467-ce5b-465a-b257-23699a99dc5a

Request Chain 75

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/sKiUQbO8RBoSg03J71S8

Request Chain 76

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/5nUqkegvElc.AikABlF-mTnwIw

Request Chain 80

https://mc.yandex.com/watch/1382009?wmode=7&page-url=http%3A%2F%2Fread3.w1.flibusta.life%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1348501032325%3Ahid%3A43829942%3Az%3A0%3Ai%3A20220127015017%3Aet%3A1643248217%3Ac%3A1%3Arn%3A296339024%3Au%3A1643248217364115213%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643248216283%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643248218%3At%3A%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D0%BE%D0%B5%20%D0%B1%D1%80%D0%B0%D1%82%D1%81%D1%82%D0%B2%D0%BE&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/1382009/1?wmode=7&page-url=http%3A%2F%2Fread3.w1.flibusta.life%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1348501032325%3Ahid%3A43829942%3Az%3A0%3Ai%3A20220127015017%3Aet%3A1643248217%3Ac%3A1%3Arn%3A296339024%3Au%3A1643248217364115213%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643248216283%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643248218%3At%3A%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D0%BE%D0%B5%20%D0%B1%D1%80%D0%B0%D1%82%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 101

https://strm.yandex.ru/vh-canvas-converted/vod-content/2863854409032195545/b3274d4f-2f258e59-bf6d7b00-1ebb2875/webm/VP9_240_426_400.webm?sid=94f538eb3e8a51494c261520cdb5d67db3847ffe654608ce56d136df1b0221ab&vsid=9d12087882c41eeddea529f7667ee2b76403b98bce45xVASx0NaNx1643248217 HTTP 302
https://ext-strm-cogent17.strm.yandex.net/vh-canvas-converted/vod-content/2863854409032195545/b3274d4f-2f258e59-bf6d7b00-1ebb2875/webm/VP9_240_426_400.webm?sid=94f538eb3e8a51494c261520cdb5d67db3847ffe654608ce56d136df1b0221ab&vsid=9d12087882c41eeddea529f7667ee2b76403b98bce45xVASx0NaNx1643248217&noredir=1&lid=1503

Request Chain 113

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=W_rxYY3eHa6rx_AP1aqo2Ak&random=858669340&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=858669340&crd=CNPgGw&is_vtc=1&random=83950293 HTTP 302
https://www.google.se/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=858669340&crd=CNPgGw&is_vtc=1&random=83950293&ipr=y

Request Chain 114

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=W_rxYeHgHeGy-gaUybjoCA&random=430365479&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=430365479&crd=CNPgGw&is_vtc=1&random=1709372091 HTTP 302
https://www.google.se/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=430365479&crd=CNPgGw&is_vtc=1&random=1709372091&ipr=y

133 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
read3.w1.flibusta.life/ 46 KB
14 KB 57ms
29ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 44c548ce886d60087d56dd617387840c8eadbcf7778d2e0f0cf90056202ca998

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=86400, must-revalidate
pragma: no-cache
CF-Cache-Status: HIT
Age: 1486230
Last-Modified: Sun, 09 Jan 2022 20:59:46 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c819R03hdsGk0zROBrJ6ILCRYeVi%2FrEDQ5nyGC8zHaL5pB14mQQQSBPxDC0fYgpP8t6WDi7XMqM%2BZydMpLVRB%2FebqyqMcJVL1MgGRO6aoEf8N5TalaR6dT8zBtRbPrU7pUzvlXacGDOXg%2F8H64o9RfmgzfQG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6d3e54480d215c50-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK css_541b6da58ae4dff17f932324504056f9.css
read3.w1.flibusta.life/sites/default/files/css/ 25 KB
7 KB 25ms
25ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 361840fbee3b0726b5f0f5bbfe37e13bdab8c3c873d643a45b56c5e37c8d2a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 56939
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Wed, 26 Jan 2022 10:01:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2NGwiVqJPjTqV3MvZTPMitbEkX41%2BCjnn3M0Zx%2B7zG2ZiRMIAfSGQbXFY64STeDShb2MwlwoUVmpzxxkqMOmUDprwNCadvQezE7QTgCPr42QYFLYAqrsWcJoAXCa1r68k0WYWC7lWLsViD2xL1iiJGYom3h"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e54484d805c50-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK js_65bd89c41ff1e065c43cc27e23c28553.js Show response
read3.w1.flibusta.life/sites/default/files/js/ 127 KB
44 KB 327ms
307ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read3.w1.flibusta.life/sites/default/files/js/js_65bd89c41ff1e065c43cc27e23c28553.js
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: fca8ff51021749135f2cc6ba7a37015baa645de15908d1d318a1e376a3d376de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzwIFwDivQhEQXQ8Fnup%2Bi8HD0j87gzmzCx5qaT3N%2FFPxoucItdeMsPO5e8KJzN9pMUei8rcw0Wp%2BT8SURlDQq%2Ftlu6Z8a5OCXi6YhTVA2RG517QwTkSrpsyPN%2FnXODiVmqscWaITpJAxDlQ9hKLgJ866sY4"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e54486fbb6943-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 274 KB
75 KB 152ms
51ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

07be557a3a676be33ac207afef9c11e7bee39cb5721214d0d608f2de6630f6ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1643248216510029-13595112292966730269-man1-2699-cc0-man-l7-balancer-8080-BAL-563
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 27 Jan 2022 02:50:16 GMT

GET
H/1.1 200
OK bluebreeze_logo.png
read3.w1.flibusta.life/sites/default/files/ 13 KB
14 KB 24ms
24ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/sites/default/files/bluebreeze_logo.png
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 56938
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Wed, 26 Jan 2022 10:01:18 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2JJ8bY%2B%2B3NrD3vG%2BJiMBUbgmRJKc7HNqNHDM35xDKfFlYPlNkhnVwwICuhjDmv8jYdQjHqS0Wm%2BgH53sZOFjw290haNKfS3T5pjTmPggt1wYnnEHn9%2B7ut%2FcWmiwIK9YsB62HeWeZJPd8xZ2jdZmjRAfnS9"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544a185c5c50-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK picture-4.png
read3.w1.flibusta.life/sites/default/files/pictures/ 12 KB
13 KB 176ms
176ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/sites/default/files/pictures/picture-4.png
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: f7844bcc00975226e4717968b1e3b6ac0ba2b6b5010fb73fa0872caf46e03a1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FuHT9TtCxz2wxK4FRc1Tq1wAVzQCDWeSTLSqWXGOrBqqDc44InJ0aXLAq9sSMSnayseU%2Brt0Y4ojR07VmEos%2B1%2Bbi7Azd5bV06N6VUC61%2Br4pWXtahvrt2elSgRegFGN2oBWTJ3qunWN4FHFMjP3MDAdCKZ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544a488d5c50-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK picture-8052.jpg
read3.w1.flibusta.life/sites/default/files/pictures/ 2 KB
3 KB 190ms
190ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/sites/default/files/pictures/picture-8052.jpg
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: a16c80c7292600c1a4b6d6bd3b855f260d288a969b2fed1b604d8dd11cbdd2c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVOPtiSu%2B615l66kR6MmPE8Fx9bZVo7LgxKeFua9V07DyOShxXbD2L1uuY8fAEwA091er8WEgjxhcXyUbJPVrGCJ3GJCgF2CAxdA%2Fs%2FIDH%2BiW9cnONWEHUPreI2HDBFyQgzKM%2FDiAH4mvzcAI1dfcwuuRVog"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544a7a936943-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK picture-2215.png
read3.w1.flibusta.life/sites/default/files/pictures/ 10 KB
10 KB 197ms
179ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/sites/default/files/pictures/picture-2215.png
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 21df33fec94d7aeb3a5eea73af3f7400d4490ac3600e815b3fd4f7e140293c48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaIbdiAfJiiKDup6JAVqEsuGdw%2BeZ3MtqMBlFltBwNOB22RdA%2FIvAZG4oOyR66ARBb48FgQyc94%2FTZCq7jb4YSRSzOuvA18Wxcxm84Fb%2FqFYEdFxD9ZBaQgSDLRxogG9K0cDTHrM8vxnGwyscp7UhqP3i5Ln"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544a99e15c26-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK picture-37400.jpg
read3.w1.flibusta.life/sites/default/files/pictures/ 3 KB
4 KB 223ms
204ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/sites/default/files/pictures/picture-37400.jpg
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 1ee1d4d5e0181085e4c9dc650aa13998647fd50518bb1ec829020af4836aacc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xpIHkqGKIQE%2B1AOQd9hQVyxdPaPzr%2FtX3eFslT3FcBN9zU7gWBVFzjW7ChHu92mwA257c1MDE8OCf%2FeJvGPfR%2Bo%2BxeuA6DmRKpX595k6yllOOiuEfIgZiw1PPq1TVMY7EmuVI3PiP3lzL5UkzX7GCen%2FokH"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544a9ca66919-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK picture-7176.jpg
read3.w1.flibusta.life/sites/default/files/pictures/ 2 KB
3 KB 366ms
217ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/sites/default/files/pictures/picture-7176.jpg
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e6c8d2640f24dd5bb4966e5b9d5d5164059cde1c3144f8489970fe5a4c0a1b70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRV4IXflf2Tn6%2F0Zibo4Y13pAb6IP0yBNCTbqzvefNTQM6bLa%2B3rTJVrA7onfeOqMj5O2761yGrKR%2BojgFfhh2zIMmgacrmCXz5RucsmD0ekdqFZ%2BsqfpLJiZ1tQqqFAbcTGYJHJY8oaq7W82F3DAhbMxCrK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544b7a915c50-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK picture-124185.gif
read3.w1.flibusta.life/sites/default/files/pictures/ 4 KB
5 KB 350ms
191ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/sites/default/files/pictures/picture-124185.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: c6798c82e7e67e7733858912d2a7f6a6bb46edfbc5fb274d4b7202156bd9f489

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwShU3bkS%2BrvB4G0MvJ6uy%2BFfepIngiIiL8Y%2BSYbHS%2FwQmt1NG37bXDUGR7lBGXPY22H7yR3uOTxUIlq7gx88cjCzy8pktQcsYE1Bg4%2FyEojhpAPjx9IpQOzwog2mEFkSWZWUnCprVl%2FXyOItKx9I02S6E%2FI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544b89e06969-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-header.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 40 KB
41 KB 38ms
34ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/bg-header.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 717534
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Tue, 18 Jan 2022 18:31:22 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sY3YHHey28zGWsQO1s%2FpdjsKXLsNbYOgezpbluH49ZKFBorQfahQTN5IyuHKfjMHjyWab8ghRSiohAkdO3%2Fy4fUZ1AluvmZHNatyrRmX8FU6eq5tZCtHHPALB1WYbIk3sPkEp5XkaIE5aBezSIFL4p6RS%2Fw9"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544a98606969-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-primary.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 146 B
987 B 34ms
29ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/bg-primary.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 36895
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Wed, 26 Jan 2022 15:35:21 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCavi7dC0INNn5IwMiPNazD%2BTWuNyvILn%2B2Bm9%2FalaD0haoNvKoHZLRultN%2FVQEdXwyVPguQvVxJMIaYD%2F%2FPqCGCns3G7z3TjKTX3evSWjsZRIkGpsgGJZqMfcd%2B0BWP3FEuNi05T%2BdiW1R7KK6JLJAVI9%2BU"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544a9a2a5c44-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 a2afe70273a8dbcb9f25.js Show response
yastatic.net/partner-code-bundles/53193/ 13 KB
5 KB 133ms
42ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53193/a2afe70273a8dbcb9f25.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1006cd4ad1bf8d42c932551ed187ef709087d51d87bcac6cf76ed5699d0a3b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:16 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4460
last-modified: Wed, 26 Jan 2022 20:52:08 GMT
server: nginx/1.17.9
etag: "debfa2a6690900ecdcadec53627b36b9"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 08:26:11 GMT

GET
H2 200 7f9289f2d1d0be471e13.js Show response
yastatic.net/partner-code-bundles/53193/ 80 KB
17 KB 178ms
88ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53193/7f9289f2d1d0be471e13.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

eb1844fcc4bf1d62b69602a2b0b49b3b1e4628aaeecb4b571dce11ed044f922c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:16 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17022
last-modified: Wed, 26 Jan 2022 20:52:08 GMT
server: nginx/1.17.9
etag: "4dbefc342177d8194c5581ef6c33d940"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 08:26:12 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 243ms
154ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:16 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 08:24:57 GMT

GET
H2 200 7f018a2f010d0d47a0e0.js Show response
yastatic.net/partner-code-bundles/53193/ 588 KB
121 KB 196ms
110ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53193/7f018a2f010d0d47a0e0.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e0c7f5b629e296373b39fb59394961426f3d4f1cdfc967d2254ba342d507eb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:16 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 123009
last-modified: Wed, 26 Jan 2022 20:52:08 GMT
server: nginx/1.17.9
etag: "1f07e836bec7ce5aceb3ca3b060242d8"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 08:26:12 GMT

GET
H/1.1 200
OK bg-mission.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 336 B
1 KB 207ms
203ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/bg-mission.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 1a86cb3bd758183ce508342c916aa1320293d578fb6d7f327393bd6470c6fc86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:16 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kRAGqQpymU6eiElQFfXEMQsNgw08mIPPKGqPw9dRo27vLi7zOf27exiTcdvy6kTTZt%2FbrE1M3fB86LzRsChZniQN1v45jFyHBx3eBvj8ce0WGHX7SVptofbUnrhmGIzRfK3IYTWx9QadU%2FSMbNTOBWS4iMv"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544aca6e5c44-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-leaf.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 175 B
1004 B 60ms
47ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/menu-leaf.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 21810
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Wed, 26 Jan 2022 19:46:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNgVtE58DNJMlbLRmSWYJT6ujA2VP3NBdt1XkdM13zOE8o2VDSSyyyNA1wlypHG0rUPSyB3BSTXcTvUYBKE%2B%2FSyEmY66fgcwHGu%2BRacVbudQxAuMExhxbqHFbm62Vr1YmdttNsIR3pBInJ1C0TzKKzudjj7W"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544ad8a86969-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK mini-comment.png
read3.w1.flibusta.life/themes/bluebreeze/images/ 217 B
1 KB 181ms
180ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/mini-comment.png
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: d9c38ae14826741460e5075d62c883671e6d3ce12fdfaf8c0398b9cde962ddbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxDNsyz6ecpXhvfQVcSxINCtfff8trLfuCI9echmdcUfflw3D76xdcF1pitJ5VjswdawPEPurXQzIY1svni06jjVzIcuIEZ69e2Hn5kHHi8WdoDU%2FDy45IhswgvUOBwLsyL742Z0Y53rnXOhuIMff28PdVqI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544b9c6e6943-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK mini-readmore.png
read3.w1.flibusta.life/themes/bluebreeze/images/ 993 B
2 KB 189ms
189ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/mini-readmore.png
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 927d4a032e4576a8cca81944a5d1dc2983bb7f51bf771a4f16644970dadd084a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 27 Jan 2022 01:50:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5u0Wu7Ma3d3CpNVjDQKIQbp%2BsPbRCmkzJOqlV1e1XcPdp4fzj%2FNXRgd8K9swKZq0iQRRremG5QKfoStzbw1wTRBSaMlIc5Y9sbQjsskJiQ54buep%2Buk2nQC%2B3jcVuT4EWazmKSESvpi%2BY6wc%2Fviuxj4yRMOl"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544bbb525c26-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef9ed4adcba4950bf4be0556283131eedd7c629de1821c8c3967c7f70d971596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1382009 Show response
an.yandex.ru/meta/ 148 KB
43 KB 345ms
243ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1382009?target-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&pcode-test-ids=493330%2C0%2C23%3B496140%2C0%2C93%3B497320%2C0%2C12%3B487926%2C0%2C82%3B492918%2C0%2C37%3B488525%2C0%2C54%3B406668%2C0%2C20%3B497862%2C0%2C35%3B498788%2C0%2C-1%3B204314%2C0%2C11&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22494893%22%2C%22testId%22%3A%22496031%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22497320%22%2C%22testId%22%3A%22497320%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487926%22%7D%5D%2C%22INTERSTITIAL_TO_ADAPTIVE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22492918%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2253124%22%2C%22testId%22%3A%22497862%22%7D%2C%7B%22value%22%3A%2253178%22%2C%22testId%22%3A%22498788%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=gULXMpI%2FvOOkmM0EiKxXx33BqpSecIhOQcbORP9HnSvKYSoP7wSWowJNKSFmIRDIPpDHv10dYKxZJQIItWQBl8JcKdQ%3D&imp-id=5&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=532764923265026&ad-session-id=4375621643248216738&target-id=63907890&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread3.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=53193&pcodever=53193&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A99%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1024&grab=dNCk0LvQuNCx0YPRgdGC0LAgfCDQmtC90LjQttC90L7QtSDQsdGA0LDRgtGB0YLQstC-CjEg0KTQu9C40LHRg9GB0YLQsCAKMiDQntCx0YnQsNGPINC40L3RhNC-0YDQvNCw0YbQuNGPIAoyINCb0Y7QtNC4INC60L7QtNCwIAoyICEhISDQotGA0LXQsdGD0Y7RgtGB0Y8gISEhICjRgtC10YXQvdC40YfQtdGB0LrQsNGPINGC0LXQvNCwKSAKMiBFUFVCL01PQkkgLSDQstGB0LUsINGH0YLQviDQstGLINGF0L7RgtC10LvQuCDQviDQvdC40YUg0LfQvdCw0YLRjC4gCjIg0J7QsdGF0L7QtCDQsdC70L7QutC40YDQvtCy0LrQuCDQtNC70Y8g0YPRgdGC0YDQvtC50YHRgtCyINC90LAgQW5kcm9pZCAKMiDQl9Cw0LTQsNGH0LAg0YLRgNC10YUg0YLQtdC7IAoyINCf0L7Qu9C90L7RgtC10LrRgdGC0L7QstGL0Lkg0L_QvtC40YHQuiAKMiDQotC10LwsINC60YLQviDQttC00LXRgiDQt9Cw0LLQtdGA0YjQsNGO0YnQuNC5INGA0L7QvNCw0L0g0YHQtdGA0LjQuCDQnS4g0KjRg9GB0YLQtdGA0LzQsNC90LAgItCe0LHRgNC10YfQtdC90L3Ri9C1INC90LAg0YDQsNGB0L_Qu9C10YLQtdC90LjQtSIsINC-0L3QuCDQttC1ICLQkdC10LPQu9C10YbRiyIsINC-0L3QuCDQttC1IFVud2luZCAKMiDQodCw0LzRi9C1INC30LDQv9C-0LzQuNC90LDRjtGJ0LXQtdGB0Y8g0LrQvdC40LPQuCAyMDE0INCz0L7QtNCwINCyINC20LDQvdGA0LUg0KTQsNC90YLQsNGB0YLQuNC60LAg0Lgg0KTQtdC90YLQtdC30LguIAoyINCg0Y3QvdCz0LAgCjIg0J_QvtC40YHQuiDQutC90LjQsyAK&uniformat=true&callback=Ya%5B6976349078994%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2f69c88069fbb6487564bd7b9ecfd25e7c23165017f611aeaff47cf87b2b8b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1643248216911215-67356313901812755800258-production-app-host-sas-pcode-185
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
uniformat: true
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H/1.1 200
OK login-bg.png
read3.w1.flibusta.life/modules/openid/ 223 B
1 KB 29ms
29ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/modules/openid/login-bg.png
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: d4247ed30734f69d609692cc4278b576470108373acc75ae3a5e4dba20457cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 21810
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Wed, 26 Jan 2022 19:46:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf6SkXVKceeUdD5K0lhaCXPd77kMJLsPiiVbrh1ZWs5cBzEhYVDdzDIQZexPJtnGbIpK5EQnaPt%2BgoPnMFiZFFg8%2FEGT0fP705xwVkqgOMiHZCVCTP7ncT3TrD7DcK09qvaZIYVzmXtHZqlHL3n9EbPEzbrX"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544bee806919-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-expanded.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 183 B
1012 B 66ms
28ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/menu-expanded.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 36865
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Wed, 26 Jan 2022 15:35:51 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9D78HndTkEtc0TN0natHyRxb2Rz6rhcGZt5rVofy0UKFjZHYdDt662%2FmlpztrRzDUS9btXWHF8m8Znhw1jEblGliNOjgOe7wMnOpQhGTaLvL8xEVRQxbV1OD56v2FM%2BhBVri2JNtI9%2FYgumJ8fJtoL6hOtB"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544b29556969-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-collapsed.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 176 B
1009 B 92ms
25ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/menu-collapsed.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: b4e545d7af5622814ef6da2f4aca4f1ce46077bb9c1641761c2398eaf661d8c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 36871
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Wed, 26 Jan 2022 15:35:45 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWuqd5Om5%2FcgAyvuIL9Dg%2FssMLeCQlnbz0MVq5nMRzhmxdyGnu%2Bo01hQlc%2FCPxSNLlfcvwDLUysocIW6vdv05gdzzw7GYJJgXsrUfykIq4XdG4t6cUMn8Ln0BKMPq95lXQ8yX0qalQvWKt1u1%2BbFiP8U8pYi"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544b59b06969-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;flibusta_life
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;flibusta_life?t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/;h%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430%20%7C%20%u041A%u043D%u0438%u0436%u043D%u043E%u04...
https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/;h%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430%20%7C%20%u041A%u043D%u0438%u0436%u043D%u043E%u...

112 B
598 B

63ms
63ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/;h%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430%20%7C%20%u041A%u043D%u0438%u0436%u043D%u043E%u0435%20%u0431%u0440%u0430%u0442%u0441%u0442%u0432%u043E;0.7428744501743791

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 01:50:30 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 112
Expires: Tue, 26 Jan 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 01:50:30 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/;h%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430%20%7C%20%u041A%u043D%u0438%u0436%u043D%u043E%u0435%20%u0431%u0440%u0430%u0442%u0441%u0442%u0432%u043E;0.7428744501743791
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 26 Jan 2021 21:00:00 GMT

GET
H/1.1 200
OK bg-footer.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 187 B
1014 B 29ms
29ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/bg-footer.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:16 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 36895
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
Last-Modified: Wed, 26 Jan 2022 15:35:21 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWbrgxaTGedlNVid8OzR4VsbFnlIvNag88fYbF0ZqCSNZOvHUx82DQD%2B2NoPC9i3FMrrDwuE4SBvdIqiZpN6AI2297fj9YKydUnsXdaM7kqAfwX3VhnkD4TMIAL8wYWdrlXGXRJwwlQ4Ucz9%2FEHevCSvBxgh"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6d3e544c1c7e5c44-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 158ms
67ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 27 Jan 2022 01:50:17 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
379 B 88ms
87ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 137 KB
49 KB 174ms
85ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-c1c4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 49604
expires: Thu, 27 Jan 2022 02:50:17 GMT

GET
H2 200 1382009 Show response
an.yandex.ru/meta/ 15 KB
8 KB 177ms
177ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1382009?target-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&pcode-test-ids=493330%2C0%2C23%3B496140%2C0%2C93%3B497320%2C0%2C12%3B487926%2C0%2C82%3B492918%2C0%2C37%3B488525%2C0%2C54%3B406668%2C0%2C20%3B497862%2C0%2C35%3B498788%2C0%2C-1%3B204314%2C0%2C11&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22494893%22%2C%22testId%22%3A%22496031%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22497320%22%2C%22testId%22%3A%22497320%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487926%22%7D%5D%2C%22INTERSTITIAL_TO_ADAPTIVE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22492918%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2253124%22%2C%22testId%22%3A%22497862%22%7D%2C%7B%22value%22%3A%2253178%22%2C%22testId%22%3A%22498788%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=gULXMpI%2FvOOkmM0EiKxXx33BqpSecIhOQcbORP9HnSvKYSoP7wSWowJNKSFmIRDIPpDHv10dYKxZJQIItWQBl8JcKdQ%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=532764923265026&ad-session-id=4375621643248216738&target-id=11089429&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread3.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=53193&pcodever=53193&flash-ver=0&available-width=270&skip-token=yabs.NzIwNTc2MDMyMTI2NzQxODEKNzIwNTc2MDMxNTU0OTgzNDEKNzIwNTc2MDU2MzUwMjYyMDIKNzIwNTc2MDQwNzQ2ODM5OTc%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A270%2C%22h%22%3A0%2C%22width%22%3A270%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1322%2C%22top%22%3A283%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A4%2C%22req_no%22%3A1%7D&grab-orig-len=1236&grab=dNCk0LvQuNCx0YPRgdGC0LAgfCDQmtC90LjQttC90L7QtSDQsdGA0LDRgtGB0YLQstC-CjEg0KTQu9C40LHRg9GB0YLQsCAKMiDQntCx0YnQsNGPINC40L3RhNC-0YDQvNCw0YbQuNGPIAoyINCb0Y7QtNC4INC60L7QtNCwIAoyICEhISDQotGA0LXQsdGD0Y7RgtGB0Y8gISEhICjRgtC10YXQvdC40YfQtdGB0LrQsNGPINGC0LXQvNCwKSAKMiBFUFVCL01PQkkgLSDQstGB0LUsINGH0YLQviDQstGLINGF0L7RgtC10LvQuCDQviDQvdC40YUg0LfQvdCw0YLRjC4gCjIg0J7QsdGF0L7QtCDQsdC70L7QutC40YDQvtCy0LrQuCDQtNC70Y8g0YPRgdGC0YDQvtC50YHRgtCyINC90LAgQW5kcm9pZCAKMiDQl9Cw0LTQsNGH0LAg0YLRgNC10YUg0YLQtdC7IAoyINCf0L7Qu9C90L7RgtC10LrRgdGC0L7QstGL0Lkg0L_QvtC40YHQuiAKMiDQotC10LwsINC60YLQviDQttC00LXRgiDQt9Cw0LLQtdGA0YjQsNGO0YnQuNC5INGA0L7QvNCw0L0g0YHQtdGA0LjQuCDQnS4g0KjRg9GB0YLQtdGA0LzQsNC90LAgItCe0LHRgNC10YfQtdC90L3Ri9C1INC90LAg0YDQsNGB0L_Qu9C10YLQtdC90LjQtSIsINC-0L3QuCDQttC1ICLQkdC10LPQu9C10YbRiyIsINC-0L3QuCDQttC1IFVud2luZCAKMiDQodCw0LzRi9C1INC30LDQv9C-0LzQuNC90LDRjtGJ0LXQtdGB0Y8g0LrQvdC40LPQuCAyMDE0INCz0L7QtNCwINCyINC20LDQvdGA0LUg0KTQsNC90YLQsNGB0YLQuNC60LAg0Lgg0KTQtdC90YLQtdC30LguIAoyINCg0Y3QvdCz0LAgCjIg0J_QvtC40YHQuiDQutC90LjQsyAKMiDQktGF0L7QtCDQsiDRgdC40YHRgtC10LzRgyAKMiDQndCw0LLQuNCz0LDRhtC40Y8gCjIg0J_QvtGB0LvQtdC00L3QuNC1INC60L7QvNC80LXQvdGC0LDRgNC40LggCjIg0JLQv9C10YfQsNGC0LvQtdC90LjRjyDQviDQutC90LjQs9Cw0YUgCjIg0KDRjtC60LfQsNGH0L7QuiAK&uniformat=true&callback=Ya%5B7782298627900%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

b885a94b7ae74bfe47ba0679f970a9c69d0c3664e934feb41dea1c51b02eba56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1643248217247507-441804247271759428700297-production-app-host-man-pcode-11
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/245587/Eg5AuoD-tJQcecE59_6A5g/ 36 KB
36 KB 233ms
85ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/245587/Eg5AuoD-tJQcecE59_6A5g/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 409090daef0622387caaa569ebfe555b0c6550502f4606c55572fcf0bdb17c6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Sun, 01 Dec 2019 11:08:59 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 36684
x-request-id: a5b4d860b82b7714

GET
H/1.1 200
Ok xcraft.ru
favicon.yandex.net/favicon/ 531 B
744 B 168ms
70ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/xcraft.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/2799451/yszKuYh-KsIDkVTe4ID2AQ/ 15 KB
16 KB 233ms
85ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2799451/yszKuYh-KsIDkVTe4ID2AQ/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: d5371d9ddb244450343609db48f4651b44fae78d12c2ddfbce47ebfe23a12726

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Mon, 18 May 2020 12:39:27 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 15548
x-request-id: 1cd4139cbd19db09

GET
H/1.1 200
Ok 100track.org
favicon.yandex.net/favicon/ 1 KB
2 KB 143ms
45ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/100track.org?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4948b20f4bac9585a0ab498e6bcc7d41a91a31896a8b51f95081fae909fad54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x410
avatars.mds.yandex.net/get-direct/4593589/vdTSjZ2Y7c7AJF7Zq5iZtw/ 14 KB
15 KB 233ms
86ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4593589/vdTSjZ2Y7c7AJF7Zq5iZtw/x410
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: e324a888469e9546d8a58d792c28ceb56b2b7162d9f11f030482c931ba8c27e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Mon, 17 Jan 2022 15:36:10 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 14708
x-request-id: bd43c73e5f507d7d

GET
H/1.1 200
Ok 7power-pulse.ru
favicon.yandex.net/favicon/ 653 B
866 B 145ms
47ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/7power-pulse.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ff81169d729307757ece6b7c0afa316a7bdd0f7bb3178dd93c9f42771076c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/2760966/7geSZfLU9_aqD8q28Ivyqw/ 35 KB
36 KB 233ms
86ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2760966/7geSZfLU9_aqD8q28Ivyqw/x450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 23cfda178a76b8e7a63025e52b46d678138381aedc4daf4bd1d65c7680baff03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Tue, 15 Dec 2020 11:23:17 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 36198
x-request-id: af7de547614a982e

GET
H/1.1 200
Ok rusdate.de
favicon.yandex.net/favicon/ 1 KB
1 KB 144ms
47ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/rusdate.de?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2e3e80ad8c654d0bd2f81345400ff44866cf029b2726de5add67e25667f5c657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame ED9D 24 KB
7 KB 130ms
44ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Thu, 27 Jan 2022 01:50:17 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 27 Jan 2052 08:21:21 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 46ms
44ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 94ms
94ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 27 Jan 2022 01:50:17 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 63ms
63ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 27 Jan 2022 01:50:17 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 46ms
45ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H2 200 1382009 Show response
an.yandex.ru/meta/ 304 KB
73 KB 309ms
308ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1382009?target-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&pcode-test-ids=493330%2C0%2C23%3B496140%2C0%2C93%3B497320%2C0%2C12%3B487926%2C0%2C82%3B492918%2C0%2C37%3B488525%2C0%2C54%3B406668%2C0%2C20%3B497862%2C0%2C35%3B498788%2C0%2C-1%3B204314%2C0%2C11&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22494893%22%2C%22testId%22%3A%22496031%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22497320%22%2C%22testId%22%3A%22497320%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487926%22%7D%5D%2C%22INTERSTITIAL_TO_ADAPTIVE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22492918%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2253124%22%2C%22testId%22%3A%22497862%22%7D%2C%7B%22value%22%3A%2253178%22%2C%22testId%22%3A%22498788%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=gULXMpI%2FvOOkmM0EiKxXx33BqpSecIhOQcbORP9HnSvKYSoP7wSWowJNKSFmIRDIPpDHv10dYKxZJQIItWQBl8JcKdQ%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=532764923265026&ad-session-id=4375621643248216738&target-id=70668330&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread3.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=53193&pcodever=53193&flash-ver=0&available-width=270&skip-token=yabs.NzIwNTc2MDU0MzEwODczNzUKNzIwNTc2MDMyMTI2NzQxODEKNzIwNTc2MDMxNTU0OTgzNDEKNzIwNTc2MDU2MzUwMjYyMDIKNzIwNTc2MDQwNzQ2ODM5OTc%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A270%2C%22h%22%3A0%2C%22width%22%3A270%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1322%2C%22top%22%3A2227%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A4%2C%22req_no%22%3A2%7D&grab-orig-len=1236&grab=dNCk0LvQuNCx0YPRgdGC0LAgfCDQmtC90LjQttC90L7QtSDQsdGA0LDRgtGB0YLQstC-CjEg0KTQu9C40LHRg9GB0YLQsCAKMiDQntCx0YnQsNGPINC40L3RhNC-0YDQvNCw0YbQuNGPIAoyINCb0Y7QtNC4INC60L7QtNCwIAoyICEhISDQotGA0LXQsdGD0Y7RgtGB0Y8gISEhICjRgtC10YXQvdC40YfQtdGB0LrQsNGPINGC0LXQvNCwKSAKMiBFUFVCL01PQkkgLSDQstGB0LUsINGH0YLQviDQstGLINGF0L7RgtC10LvQuCDQviDQvdC40YUg0LfQvdCw0YLRjC4gCjIg0J7QsdGF0L7QtCDQsdC70L7QutC40YDQvtCy0LrQuCDQtNC70Y8g0YPRgdGC0YDQvtC50YHRgtCyINC90LAgQW5kcm9pZCAKMiDQl9Cw0LTQsNGH0LAg0YLRgNC10YUg0YLQtdC7IAoyINCf0L7Qu9C90L7RgtC10LrRgdGC0L7QstGL0Lkg0L_QvtC40YHQuiAKMiDQotC10LwsINC60YLQviDQttC00LXRgiDQt9Cw0LLQtdGA0YjQsNGO0YnQuNC5INGA0L7QvNCw0L0g0YHQtdGA0LjQuCDQnS4g0KjRg9GB0YLQtdGA0LzQsNC90LAgItCe0LHRgNC10YfQtdC90L3Ri9C1INC90LAg0YDQsNGB0L_Qu9C10YLQtdC90LjQtSIsINC-0L3QuCDQttC1ICLQkdC10LPQu9C10YbRiyIsINC-0L3QuCDQttC1IFVud2luZCAKMiDQodCw0LzRi9C1INC30LDQv9C-0LzQuNC90LDRjtGJ0LXQtdGB0Y8g0LrQvdC40LPQuCAyMDE0INCz0L7QtNCwINCyINC20LDQvdGA0LUg0KTQsNC90YLQsNGB0YLQuNC60LAg0Lgg0KTQtdC90YLQtdC30LguIAoyINCg0Y3QvdCz0LAgCjIg0J_QvtC40YHQuiDQutC90LjQsyAKMiDQktGF0L7QtCDQsiDRgdC40YHRgtC10LzRgyAKMiDQndCw0LLQuNCz0LDRhtC40Y8gCjIg0J_QvtGB0LvQtdC00L3QuNC1INC60L7QvNC80LXQvdGC0LDRgNC40LggCjIg0JLQv9C10YfQsNGC0LvQtdC90LjRjyDQviDQutC90LjQs9Cw0YUgCjIg0KDRjtC60LfQsNGH0L7QuiAK&uniformat=true&callback=Ya%5B9790052384145%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

41effc4984c276f2021cd80388c9d4c290d1f04637f5d9166a0e3cf18a2b6fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1643248217472998-902551583409866858800253-production-app-host-vla-pcode-54
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
uniformat: true
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame 1420 24 KB
7 KB 53ms
52ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Thu, 27 Jan 2022 01:50:17 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 27 Jan 2052 08:23:01 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9530.mEaHxlXcfhn_U6c4Nx6YBNRValiNdo7JD0vL56_MRY-nmn-_QB0_ap4Chq_ejvad.9fF6tJ-PUO9mcJTg3A8RJD9011E%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9530.7eEjKRKWyn7G_XT8c8OmZV-_UQarCkguQHPzTo5x5e37zVtyqNSnYfMMyGfknII6n-8AkLqHopKeKjEvqdHLNDXPZ_4wDBaNCxgXVIO5SP0%2C.L-O0_Sk4VMUp7Ly8dB7HTvOG_Tk%2C

43 B
353 B

47ms
46ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9530.7eEjKRKWyn7G_XT8c8OmZV-_UQarCkguQHPzTo5x5e37zVtyqNSnYfMMyGfknII6n-8AkLqHopKeKjEvqdHLNDXPZ_4wDBaNCxgXVIO5SP0%2C.L-O0_Sk4VMUp7Ly8dB7HTvOG_Tk%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9530.7eEjKRKWyn7G_XT8c8OmZV-_UQarCkguQHPzTo5x5e37zVtyqNSnYfMMyGfknII6n-8AkLqHopKeKjEvqdHLNDXPZ_4wDBaNCxgXVIO5SP0%2C.L-O0_Sk4VMUp7Ly8dB7HTvOG_Tk%2C
date: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 WQyejI_zOEi0BGq0j1S00000qx94iWK0wm4nMVhnOG00000uyjce0M2C66W4W07JtPa4Y06BZEmDa06UnAxnr820W0AO0Px4hl5Ki06Qbjsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S2HUUW4enw81Uu1a0Nc1B05HBW5hm701OK5o0Mu0U05Tg06uWAe1... Show response
an.yandex.ru/tracking/ Frame ED9D 0
67 B 69ms
68ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/tracking/WQyejI_zOEi0BGq0j1S00000qx94iWK0wm4nMVhnOG00000uyjce0M2C66W4W07JtPa4Y06BZEmDa06UnAxnr820W0AO0Px4hl5Ki06Qbjsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S2HUUW4enw81Uu1a0Nc1B05HBW5hm701OK5o0Mu0U05Tg06uWAe1k82oGPPJWsqXR0L5ga7jztyuZjjEGAu1v0oq0S4u0Ua3yAGWGRm2U03-0cm2O0A2Asa-e6ttG00AtT4YeRM1G3m2mRW3OA0W06G3i24FPWEs8pJpUVYw-O-e0x0X3se3xUxy_c-fzkS0e0GujlV7v7489WHWV4TeH5Ik1w5wr78Fu0K8AWKvWJGsu-D1k0K0TWLmOhsxAEFlFnZs1QOlhg3lwFuyfK1WHS00F0_c1UXmTGjq1WX-1Y06O8S3LD2GZeqLqLdUabZLpVf780TVw4Tm1P5oPbHap-e7G7O7gs57w0VlwoK8CWVl-xhJz8V1JKpCJap30098vZRaE1IsgQg1WGanC-yIPTS-7SgzqiGhqBbNH6-SucF5WCy0m00~1?action-id=11

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame ED9D 95 B
400 B 204ms
46ms Image
image/png 2a02:6b8::5:114
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0002
Content-Length: 95
Expires: Fri, 28 Jan 2022 01:50:17 GMT

GET
H2

200

spixel.php
sonar.semantiqo.com/983we/ Frame ED9D
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=9977ac5191f4407ab2465bed7ed1eb63
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=5A9FBD0828BFC1D1&sid=9977ac5191f4407ab2465bed7ed1eb63
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=9977ac5191f4407ab2465bed7ed1eb63&spid=5A9FBD0828BFC1D1&v=
https://sync.magnitent.com/fbfli/ct_sync.php?ct=5da1de2981a449e59c8f71f24346907a&sonar=9977ac5191f4407ab2465bed7ed1eb63&spid=5A9FBD0828BFC1D1&v=
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsonar.semantiqo.com%2F983we%2Fspixel.php%3Fsid%3D9977ac5191f4407ab2465bed7ed1eb63%26c%3D5da1de2981a449e59c8f71f24346907a%26w%3D={WEBO_CID}
https://sonar.semantiqo.com/983we/spixel.php?sid=9977ac5191f4407ab2465bed7ed1eb63&c=5da1de2981a449e59c8f71f24346907a&w==u8R2I8h/fhfS6vUc5ABTye

0
355 B

44ms
44ms

Image
text/html

95.217.86.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/983we/spixel.php?sid=9977ac5191f4407ab2465bed7ed1eb63&c=5da1de2981a449e59c8f71f24346907a&w==u8R2I8h/fhfS6vUc5ABTye
Protocol: H2
Server: 95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.86.217.95.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
server: nginx/1.20.2
mode: no-cors
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
via: 1.1 google
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
server: nginx/1.12.0
location: https://sonar.semantiqo.com/983we/spixel.php?sid=9977ac5191f4407ab2465bed7ed1eb63&c=5da1de2981a449e59c8f71f24346907a&w==u8R2I8h/fhfS6vUc5ABTye
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame ED9D 42 B
201 B 289ms
70ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

1dTPjKr5qGwuFMb755JD
an.yandex.ru/mapuid/dmpamberdata/ Frame ED9D
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1643248216
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1643248216
https://an.yandex.ru/mapuid/dmpamberdata/1dTPjKr5qGwuFMb755JD

43 B
80 B

92ms
92ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/1dTPjKr5qGwuFMb755JD

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/1dTPjKr5qGwuFMb755JD
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 7
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

200

B8JBZkt4Kr8T
an.yandex.ru/mapuid/dmpsegmento/ Frame ED9D
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/B8JBZkt4Kr8T?sign=1257837134

43 B
80 B

75ms
75ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/B8JBZkt4Kr8T?sign=1257837134

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/B8JBZkt4Kr8T?sign=1257837134
Date: Thu, 27 Jan 2022 01:50:17 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

nYaXkaJcue09
an.yandex.ru/mapuid/rutargetis/ Frame ED9D
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/nYaXkaJcue09

43 B
80 B

69ms
69ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/nYaXkaJcue09

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/nYaXkaJcue09
Date: Thu, 27 Jan 2022 01:50:17 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

dnzWAzZHsDJ8vL69Lf5iww
an.yandex.ru/mapuid/dmpaidatame/ Frame ED9D
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/dnzWAzZHsDJ8vL69Lf5iww?sign=91824381

43 B
80 B

93ms
93ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/dnzWAzZHsDJ8vL69Lf5iww?sign=91824381

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Thu, 27 Jan 2022 01:50:16 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/dnzWAzZHsDJ8vL69Lf5iww?sign=91824381
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 27 Jan 2022 01:50:16 GMT

GET
H2

200

7a585c00-7f13-11ec-a15e-901b0e8d6a9d
an.yandex.ru/mapuid/dmpcleverdata/ Frame ED9D
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/7a585c00-7f13-11ec-a15e-901b0e8d6a9d?sign=3604832273

43 B
108 B

76ms
76ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/7a585c00-7f13-11ec-a15e-901b0e8d6a9d?sign=3604832273

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/7a585c00-7f13-11ec-a15e-901b0e8d6a9d?sign=3604832273
date: Thu, 27 Jan 2022 01:50:17 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H2

200

fhfS6vUc5ABTye
an.yandex.ru/mapuid/dmpweborama/u8R2I8h/ Frame ED9D
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1128147264
https://an.yandex.ru/mapuid/dmpweborama/u8R2I8h/fhfS6vUc5ABTye

43 B
80 B

71ms
70ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/u8R2I8h/fhfS6vUc5ABTye

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
via: 1.1 google
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
server: nginx/1.12.0
location: https://an.yandex.ru/mapuid/dmpweborama/u8R2I8h/fhfS6vUc5ABTye
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame ED9D
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

63ms
63ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

date: Thu, 27 Jan 2022 01:50:17 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
x-passed: 1bal1
content-type: application/x-javascript; charset=Windows-1251
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame ED9D
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=38547ABD34D4B69E
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=38547ABD34D4B69E

42 B
945 B

42ms
41ms

Image
image/gif

54.228.253.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=38547ABD34D4B69E

Protocol

HTTP/1.1

Server

54.228.253.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-253-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-09de5dfea.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wB1iDw7URnQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v027-0ee796a4c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Amwtx0taRyU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=38547ABD34D4B69E
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame ED9D 0
238 B 225ms
75ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 126
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

30ae9a103dc781bb34e2984cd90990e4d6a5db77f2f1165243276bbdc524cb84
an.yandex.ru/mapuid/mediascope/ Frame ED9D
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/30ae9a103dc781bb34e2984cd90990e4d6a5db77f2f1165243276bbdc524cb84

43 B
80 B

68ms
68ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/30ae9a103dc781bb34e2984cd90990e4d6a5db77f2f1165243276bbdc524cb84

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
server: ms-counter-3.2.15/1.20.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/30ae9a103dc781bb34e2984cd90990e4d6a5db77f2f1165243276bbdc524cb84
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

96252c97-5794-4a37-8098-47d7545774d9
an.yandex.ru/mapuid/upravelis/ Frame ED9D
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://96252c97-5794-4a37-8098-47d7545774d9.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/96252c97-5794-4a37-8098-47d7545774d9

43 B
80 B

68ms
67ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/96252c97-5794-4a37-8098-47d7545774d9

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

Redirect headers

date: Thu, 27 Jan 2022 01:50:18 GMT
server: nginx
location: https://an.yandex.ru/mapuid/upravelis/96252c97-5794-4a37-8098-47d7545774d9
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame ED9D
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=32D44C1A4DBC48C0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=32D44C1A4DBC48C0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

88ms
88ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 01:50:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame ED9D
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3E1F99CE95FF99DD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3E1F99CE95FF99DD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
135 B

87ms
87ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 01:50:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame ED9D
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=32D44C1A4DBC48C0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=32D44C1A4DBC48C0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

88ms
87ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 01:50:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame ED9D
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=5A515CFCAB646F96

0
410 B

94ms
28ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=5A515CFCAB646F96
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=5A515CFCAB646F96
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame ED9D
Redirect Chain

https://an.yandex.ru/mapuid/betweenx/
https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EA2E74BA1E646FE9
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EA2E74BA1E646FE9&crf=1

68 B
607 B

56ms
55ms

Image
image/png

188.42.29.166
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EA2E74BA1E646FE9&crf=1
Protocol: H2
Server: 188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=EA2E74BA1E646FE9&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

404

0100007F59FAF1618E06025A023357C9
an.yandex.ru/mapuid/SAPEis/ Frame ED9D
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=0100007F59FAF1612200D0BD02D08628&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/SAPEis/0100007F59FAF1618E06025A023357C9

43 B
152 B

60ms
60ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/SAPEis/0100007F59FAF1618E06025A023357C9

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

Redirect headers

date: Thu, 27 Jan 2022 01:50:18 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/SAPEis/0100007F59FAF1618E06025A023357C9
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

ff1d463c-fe03-4b6f-8432-b0c29db2f699
an.yandex.ru/mapuid/qbitis/ Frame ED9D
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D
https://an.yandex.ru/mapuid/qbitis/ff1d463c-fe03-4b6f-8432-b0c29db2f699

43 B
80 B

72ms
71ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/qbitis/ff1d463c-fe03-4b6f-8432-b0c29db2f699

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
Server: nginx/1.21.0
Location: https://an.yandex.ru/mapuid/qbitis/ff1d463c-fe03-4b6f-8432-b0c29db2f699
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H2

200

1c824dfd-16a9-511b-8cc8-0065ed39fa3c
an.yandex.ru/mapuid/betweendigitalis/ Frame ED9D
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/1c824dfd-16a9-511b-8cc8-0065ed39fa3c

43 B
80 B

69ms
69ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/1c824dfd-16a9-511b-8cc8-0065ed39fa3c

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/1c824dfd-16a9-511b-8cc8-0065ed39fa3c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

73b99467-ce5b-465a-b257-23699a99dc5a
an.yandex.ru/mapuid/mtsdspis/ Frame ED9D
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=73b99467-ce5b-465a-b257-23699a99dc5a&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F73b99467-ce5b-465a-b257-23699a99dc5a
https://an.yandex.ru/mapuid/mtsdspis/73b99467-ce5b-465a-b257-23699a99dc5a

43 B
80 B

71ms
71ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/73b99467-ce5b-465a-b257-23699a99dc5a

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

Redirect headers

Date: Thu, 27 Jan 2022 01:50:18 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/73b99467-ce5b-465a-b257-23699a99dc5a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame ED9D 43 B
390 B 78ms
17ms Image
image/gif 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 match
dm.hybrid.ai/ Frame ED9D 0
237 B 70ms
69ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 103
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame ED9D 42 B
201 B 70ms
70ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 01:50:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

sKiUQbO8RBoSg03J71S8
an.yandex.ru/mapuid/kadamis/ Frame ED9D
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/sKiUQbO8RBoSg03J71S8

43 B
80 B

69ms
69ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/sKiUQbO8RBoSg03J71S8

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/sKiUQbO8RBoSg03J71S8
date: Thu, 27 Jan 2022 01:50:17 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

5nUqkegvElc.AikABlF-mTnwIw
an.yandex.ru/mapuid/getintentis/ Frame ED9D
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/5nUqkegvElc.AikABlF-mTnwIw

43 B
80 B

70ms
70ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/5nUqkegvElc.AikABlF-mTnwIw

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f23-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/getintentis/5nUqkegvElc.AikABlF-mTnwIw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 image.jpg
storage.mds.yandex.net/get-canvas-html5/1003119/7d70759c-f779-4e71-8d73-d738ea5ab229/ Frame 1420 33 KB
33 KB 182ms
84ms Image
image/jpeg 2a02:6b8::158
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/1003119/7d70759c-f779-4e71-8d73-d738ea5ab229/image.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 0e498acee76811d27d3fd6fa85050262110a471d29f2e221bae9e4b2a583b154

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Tue, 23 Nov 2021 06:44:33 GMT
server: nginx
etag: "d2435ae7beb3a5773b7ad0ecc8f9882c"
x-cache-status: hit
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-data-size: 33470
x-mds-request-id: 10eca4294c5d0d1
x-robots-tag: noindex, noarchive, nofollow
content-length: 33470

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 66ms
66ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 27 Jan 2022 01:50:17 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
101 B 62ms
61ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/1382009/
Redirect Chain

https://mc.yandex.com/watch/1382009?wmode=7&page-url=http%3A%2F%2Fread3.w1.flibusta.life%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen...
https://mc.yandex.com/watch/1382009/1?wmode=7&page-url=http%3A%2F%2Fread3.w1.flibusta.life%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3A...

295 B
670 B

44ms
43ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009/1?wmode=7&page-url=http%3A%2F%2Fread3.w1.flibusta.life%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1348501032325%3Ahid%3A43829942%3Az%3A0%3Ai%3A20220127015017%3Aet%3A1643248217%3Ac%3A1%3Arn%3A296339024%3Au%3A1643248217364115213%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643248216283%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643248218%3At%3A%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D0%BE%D0%B5%20%D0%B1%D1%80%D0%B0%D1%82%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

51cb1132b2b6c23d934ed2c4854f7b9d7f0c0211beb4e93de10f6e0ea14b9a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-Jan-2022 01:50:17 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 295
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 01:50:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Thu, 27-Jan-2022 01:50:17 GMT
location: /watch/1382009/1?wmode=7&page-url=http%3A%2F%2Fread3.w1.flibusta.life%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1348501032325%3Ahid%3A43829942%3Az%3A0%3Ai%3A20220127015017%3Aet%3A1643248217%3Ac%3A1%3Arn%3A296339024%3Au%3A1643248217364115213%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643248216283%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643248218%3At%3A%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D0%BE%D0%B5%20%D0%B1%D1%80%D0%B0%D1%82%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 01:50:17 GMT

POST
H2 200 1
mc.yandex.com/watch/1382009/ 43 B
73 B 43ms
42ms Ping
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009/1?page-url=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A449%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A1%3Als%3A1348501032325%3Ahid%3A43829942%3Az%3A0%3Ai%3A20220127015017%3Aet%3A1643248218%3Ac%3A1%3Arn%3A794294391%3Arqn%3A1%3Au%3A1643248217364115213%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1643248216283%3Ads%3A10%2C18%2C29%2C2%2C0%2C0%2C%2C447%2C7%2C818%2C818%2C0%2C507%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643248218&t=gdpr(14)mc(p-1-h-1)lt(6800)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%224375621643248216738%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Thu, 27-Jan-2022 01:50:17 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 01:50:17 GMT

GET
H2 200 1382009 Show response
mc.yandex.com/watch/ 43 B
73 B 43ms
42ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009?page-url=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A1%3Als%3A1348501032325%3Ahid%3A43829942%3Az%3A0%3Ai%3A20220127015017%3Aet%3A1643248218%3Ac%3A1%3Arn%3A735709938%3Arqn%3A2%3Au%3A1643248217364115213%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1643248216283%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643248218%3At%3A%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0%20%7C%20%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D0%BE%D0%B5%20%D0%B1%D1%80%D0%B0%D1%82%D1%81%D1%82%D0%B2%D0%BE&t=gdpr(14)mc(p-1-h-1)lt(6800)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Thu, 27-Jan-2022 01:50:17 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 01:50:17 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 64ms
64ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 27 Jan 2022 01:50:17 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 63ms
62ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:17 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:17 GMT

GET
H2 200 1382009 Show response
an.yandex.ru/meta/ 16 KB
9 KB 256ms
255ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1382009?target-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&pcode-test-ids=493330%2C0%2C23%3B496140%2C0%2C93%3B497320%2C0%2C12%3B487926%2C0%2C82%3B492918%2C0%2C37%3B488525%2C0%2C54%3B406668%2C0%2C20%3B497862%2C0%2C35%3B498788%2C0%2C-1%3B204314%2C0%2C11&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22494893%22%2C%22testId%22%3A%22496031%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22497320%22%2C%22testId%22%3A%22497320%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487926%22%7D%5D%2C%22INTERSTITIAL_TO_ADAPTIVE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22492918%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2253124%22%2C%22testId%22%3A%22497862%22%7D%2C%7B%22value%22%3A%2253178%22%2C%22testId%22%3A%22498788%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=gULXMpI%2FvOOkmM0EiKxXx33BqpSecIhOQcbORP9HnSvKYSoP7wSWowJNKSFmIRDIPpDHv10dYKxZJQIItWQBl8JcKdQ%3D&imp-id=6&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=532764923265026&ad-session-id=4375621643248216738&target-id=4216325&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread3.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=53193&pcodever=53193&flash-ver=0&available-width=1600&skip-token=yabs.NzIwNTc2MDU0MzEwODczNzUKNzIwNTc2MDI4Njk2NTg3MjcKNzIwNTc2MDQ2MTk5NTQ2NzgKNzIwNTc2MDQ2MzM5MzcwMzMKNzIwNTc2MDU2ODE4NTMzNzcKNzIwNTc2MDQ2Mjk2Mzg5NjIKNzIwNTc2MDQ2MTk5MTUyMTMKNzIwNTc2MDUyNDU2MDg1NzI%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A6528%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A11%2C%22req_no%22%3A3%7D&grab-orig-len=1236&grab=dNCk0LvQuNCx0YPRgdGC0LAgfCDQmtC90LjQttC90L7QtSDQsdGA0LDRgtGB0YLQstC-CjEg0KTQu9C40LHRg9GB0YLQsCAKMiDQntCx0YnQsNGPINC40L3RhNC-0YDQvNCw0YbQuNGPIAoyINCb0Y7QtNC4INC60L7QtNCwIAoyICEhISDQotGA0LXQsdGD0Y7RgtGB0Y8gISEhICjRgtC10YXQvdC40YfQtdGB0LrQsNGPINGC0LXQvNCwKSAKMiBFUFVCL01PQkkgLSDQstGB0LUsINGH0YLQviDQstGLINGF0L7RgtC10LvQuCDQviDQvdC40YUg0LfQvdCw0YLRjC4gCjIg0J7QsdGF0L7QtCDQsdC70L7QutC40YDQvtCy0LrQuCDQtNC70Y8g0YPRgdGC0YDQvtC50YHRgtCyINC90LAgQW5kcm9pZCAKMiDQl9Cw0LTQsNGH0LAg0YLRgNC10YUg0YLQtdC7IAoyINCf0L7Qu9C90L7RgtC10LrRgdGC0L7QstGL0Lkg0L_QvtC40YHQuiAKMiDQotC10LwsINC60YLQviDQttC00LXRgiDQt9Cw0LLQtdGA0YjQsNGO0YnQuNC5INGA0L7QvNCw0L0g0YHQtdGA0LjQuCDQnS4g0KjRg9GB0YLQtdGA0LzQsNC90LAgItCe0LHRgNC10YfQtdC90L3Ri9C1INC90LAg0YDQsNGB0L_Qu9C10YLQtdC90LjQtSIsINC-0L3QuCDQttC1ICLQkdC10LPQu9C10YbRiyIsINC-0L3QuCDQttC1IFVud2luZCAKMiDQodCw0LzRi9C1INC30LDQv9C-0LzQuNC90LDRjtGJ0LXQtdGB0Y8g0LrQvdC40LPQuCAyMDE0INCz0L7QtNCwINCyINC20LDQvdGA0LUg0KTQsNC90YLQsNGB0YLQuNC60LAg0Lgg0KTQtdC90YLQtdC30LguIAoyINCg0Y3QvdCz0LAgCjIg0J_QvtC40YHQuiDQutC90LjQsyAKMiDQktGF0L7QtCDQsiDRgdC40YHRgtC10LzRgyAKMiDQndCw0LLQuNCz0LDRhtC40Y8gCjIg0J_QvtGB0LvQtdC00L3QuNC1INC60L7QvNC80LXQvdGC0LDRgNC40LggCjIg0JLQv9C10YfQsNGC0LvQtdC90LjRjyDQviDQutC90LjQs9Cw0YUgCjIg0KDRjtC60LfQsNGH0L7QuiAK&uniformat=true&callback=Ya%5B1834154718160%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a9282480fab841f50fa4e992eaf11fee0a0e5f893d118ab26b07e05022c9a88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1643248217897233-480667838903321226900258-production-app-host-sas-pcode-217
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/241354/Dpe6MjncEZfw5qZASkqd8g/ 18 KB
18 KB 48ms
47ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/241354/Dpe6MjncEZfw5qZASkqd8g/x300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: f31f3006bf86e7b168f9d8ad03514b5c280e7524fc5e05c53766f62d3e9ba5f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Fri, 09 Nov 2018 07:42:58 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 18456
x-request-id: 8ad426649860f9b2

GET
H/1.1 200
Ok rustarot.ru
favicon.yandex.net/favicon/ 3 KB
3 KB 69ms
68ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/rustarot.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0169fba0235eec2cb5e8511731cb3be0b9fc9b145f93b336e5294516af3511a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4408665/jyh-EM5JFgMpxLhL9TWnHg/ 16 KB
17 KB 49ms
47ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4408665/jyh-EM5JFgMpxLhL9TWnHg/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 5afdaafa2a6eae8997def98a3feeb11ac6b3afa82d4ec45c24a702fc892a277a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Mon, 03 May 2021 13:12:46 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 16594
x-request-id: b5c00ec371fa9f77

GET
H/1.1 200
Ok wowfit.ru
favicon.yandex.net/favicon/ 2 KB
2 KB 66ms
66ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/wowfit.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a9e2c21fea32dc63142707b7904f8a962f77bb77f81fdd6a8bbb700a1f94657b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/4755507/bOrnvItgfYakpN7_m51-6A/ 20 KB
21 KB 57ms
55ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4755507/bOrnvItgfYakpN7_m51-6A/x300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 3a9a492fbad3a10d0e45765f1eb2b86dac887202edd10d65ea755b0a3ae48e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Thu, 13 May 2021 08:14:33 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 20946
x-request-id: 54b51bd33369e4e

GET
H/1.1 200
Ok akbirovaart.ru
favicon.yandex.net/favicon/ 2 KB
3 KB 46ms
45ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/akbirovaart.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3f4b01069940693f6b84cc20f869d3d78105be38fca0e812e1ec1fc0e4d1af8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4012453/OYrJ4SbD0kIFZgXmy4F9vw/ 30 KB
31 KB 62ms
61ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4012453/OYrJ4SbD0kIFZgXmy4F9vw/y300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 38a3b5f1156ecb916a87d5fdc82f97a659bacda099a984d446b75fa57d81e578

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Mon, 24 Jan 2022 08:24:39 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 30900
x-request-id: 773a39819f3e647e

GET
H/1.1 200
Ok faberlicworld.ru
favicon.yandex.net/favicon/ 468 B
681 B 46ms
45ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/faberlicworld.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8cff3b0ee7cd91bd8185932bbf57a0e129b4b9a0291ba08c70cfe0b8a833a27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4384279/e9nudrQsRPw0jHNlzkfsQw/ 13 KB
14 KB 62ms
61ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4384279/e9nudrQsRPw0jHNlzkfsQw/wy300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 759f36c867bc2a0f057bc98bd860d02e590c3f38442eef46e2067050bf3a73df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Tue, 12 Jan 2021 14:56:39 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 13804
x-request-id: a7dd551d7a4df3d

GET
H/1.1 200
Ok arsamandi.ru
favicon.yandex.net/favicon/ 2 KB
2 KB 93ms
46ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/arsamandi.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

63cde3c17fce0e5852a294d0f7c939bca59034a0eb64636920d9b84d6dfc7735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/4471761/9Ve5qWPAmf0OCvF33sLFkg/ 10 KB
10 KB 67ms
66ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4471761/9Ve5qWPAmf0OCvF33sLFkg/x300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 440a8f300cba4ec1407ef8bf5d1ea95bea6e7febbb05286bfd38e207e84c0504

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
last-modified: Sat, 20 Feb 2021 16:30:20 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 9978
x-request-id: dc33b85bd7a4a715

GET
H/1.1 200
Ok supraschool.ru
favicon.yandex.net/favicon/ 2 KB
2 KB 93ms
46ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/supraschool.ru?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c7b51ffb4818fb6c3ce0a92d42d42de2101de2cab3ed90880a8778edd324ca58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H/1.1 200
Ok veeam.com
favicon.yandex.net/favicon/ 427 B
640 B 63ms
44ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/veeam.com?size=32&stub=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7dd34c9eee35f531427bd86eb783c9a5c08f38d69558d4db32eb3b7f8fc706d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 inpage.bundle.js Show response
yastatic.net/awaps-ad-sdk-js-bundles/1.0-497320/bundles-es2017/ 592 KB
149 KB 46ms
45ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-497320/bundles-es2017/inpage.bundle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/53193/7f018a2f010d0d47a0e0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f0bd09ce14c812196cf9b7fcf90b148bf6121813408ff06c25ad92dce4e4d17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:17 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 152348
x-nginx-request-id: 3c9c5e85af834a7f
last-modified: Tue, 25 Jan 2022 11:45:53 GMT
server: nginx/1.17.9
etag: "b6f681490fe7542662e37bdd3e3e67b9"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 08:24:49 GMT

POST
H2 200 jstracer
jstracer.yandex.ru/ 2 B
262 B 239ms
88ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=497320&values=PrioritiseMediaFiles

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-497320/bundles-es2017/inpage.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

206

VP9_240_426_400.webm
ext-strm-cogent17.strm.yandex.net/vh-canvas-converted/vod-content/2863854409032195545/b3274d4f-2f258e59-bf6d7b00-1ebb2875/webm/
Redirect Chain

https://strm.yandex.ru/vh-canvas-converted/vod-content/2863854409032195545/b3274d4f-2f258e59-bf6d7b00-1ebb2875/webm/VP9_240_426_400.webm?sid=94f538eb3e8a51494c261520cdb5d67db3847ffe654608ce56d136df...
https://ext-strm-cogent17.strm.yandex.net/vh-canvas-converted/vod-content/2863854409032195545/b3274d4f-2f258e59-bf6d7b00-1ebb2875/webm/VP9_240_426_400.webm?sid=94f538eb3e8a51494c261520cdb5d67db3847...

821 KB
823 KB

203ms
96ms

Media
video/webm

2001:978:7401:1::37
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://ext-strm-cogent17.strm.yandex.net/vh-canvas-converted/vod-content/2863854409032195545/b3274d4f-2f258e59-bf6d7b00-1ebb2875/webm/VP9_240_426_400.webm?sid=94f538eb3e8a51494c261520cdb5d67db3847ffe654608ce56d136df1b0221ab&vsid=9d12087882c41eeddea529f7667ee2b76403b98bce45xVASx0NaNx1643248217&noredir=1&lid=1503
Protocol: H2
Server: 2001:978:7401:1::37 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 88fbd38472a996a0f979e26c443c21de09538e570a5e34e1b9f8f1c26926fda7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:18 GMT
x-estimated-bandwidth: 1088792
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
x-strm-log-split: 1
Content-Range: bytes 0-841136/841137
x_h: strm-kiv08.strm.yandex.net
x-connection-id: 357618144
Content-Length: 841137
x-request-id: de9f743811416a43
x-estimated-rtt: 47704
x-strm-request-id: de9f743811416a43
last-modified: Fri, 12 Nov 2021 05:30:13 GMT
server: nginx/1.18.0
etag: "2c125fdc4fd59c4a8ee930d74f5b0ff0"
x-robots-tag: noindex, noarchive, nofollow
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
x-amz-version-id: null
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age
cache-control: max-age=300
access-control-allow-credentials: true
content-type: video/webm
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID
expires: Thu, 27 Jan 2022 01:55:18 GMT

Redirect headers

date: Thu, 27 Jan 2022 01:50:18 GMT
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
x_h: strm-kiv08.strm.yandex.net
x-strm-log-split: 5
content-length: 0
x-request-id: d44bf4cffe073f51
x-strm-request-id: d44bf4cffe073f51
server: nginx/1.18.0
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
location: https://ext-strm-cogent17.strm.yandex.net/vh-canvas-converted/vod-content/2863854409032195545/b3274d4f-2f258e59-bf6d7b00-1ebb2875/webm/VP9_240_426_400.webm?sid=94f538eb3e8a51494c261520cdb5d67db3847ffe654608ce56d136df1b0221ab&vsid=9d12087882c41eeddea529f7667ee2b76403b98bce45xVASx0NaNx1643248217&noredir=1&lid=1503
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age
cache-control: no-cache
access-control-allow-credentials: true
x-plg: host=strm-plgo-production-85.vla.yp-c.yandex.net; version=9064351
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 63ms
63ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 27 Jan 2022 01:50:18 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 62ms
61ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

GET
H2 200 WS8ejI_zO0K1nGq051W00000FF0IM0K01G8nMVhnOG00000uyjce0M2C66W4W06WxEu1Y062aOa8a070mFkqnO20W0AO0S30-xH5i06Ie8gc2BW1eg_3pn_O0Qw6cHxW0URZ_GkW0iwph1N0aNde1AeUY0NM0P05mGEm1Jsu1O01m0Ml0yW5U-05Tg06uWAe1k82o...
an.yandex.ru/tracking/ Frame ED9D 0
49 B 63ms
63ms Image
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/tracking/WS8ejI_zO0K1nGq051W00000FF0IM0K01G8nMVhnOG00000uyjce0M2C66W4W06WxEu1Y062aOa8a070mFkqnO20W0AO0S30-xH5i06Ie8gc2BW1eg_3pn_O0Qw6cHxW0URZ_GkW0iwph1N0aNde1AeUY0NM0P05mGEm1Jsu1O01m0Ml0yW5U-05Tg06uWAe1k82oGPPLcJTqlX8Vga7UBAGE6DjEGAu1v0oq0S4u0Ua3yAGWGRq0u0A28WB3AeB45joYUnuiW00wqnEYeRM1G3m2mROZDFDv-BhvZwW3i24FQWF-EJo-REisvm2W13-dkeJcX0R2G00z3yPo12G9A4HXkjHk1w5up-0522e5C43m1I0uUiNwB3CzmNW507O5S6AzkoZZxpyOzWMcBwwWx-Z-FAL0O4N003mFvWNkxYy3j0O8VWOW1c270r8MZ4wLa5tQNf9OrStwHo07N-X7N43VVDE7gK_g1q1q1wBcAtdZD_mgrhO7gs57w0Vce__5yWVbyEC3z8V1JKpCJap400F8nZ08i6bj4rL3GX863_pjrtcgYOPu5KpgF2gusMB3CeaZ_5JtW-FFqOUUUToEbaCC0e0~1?action-id=11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame F4F9 24 KB
7 KB 51ms
51ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Thu, 27 Jan 2022 01:50:18 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 27 Jan 2052 08:23:01 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 image.jpg
storage.mds.yandex.net/get-canvas-html5/3006599/b1189bf4-332b-4d3c-90d8-737abeeff1a2/ Frame F4F9 74 KB
75 KB 47ms
47ms Image
image/jpeg 2a02:6b8::158
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/3006599/b1189bf4-332b-4d3c-90d8-737abeeff1a2/image.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 81211473e99fae78ef02d3eeade1cccf9c85a248d4af1502613ffce4a244dbcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:18 GMT
last-modified: Wed, 24 Jun 2020 09:07:52 GMT
server: nginx
etag: "3df0ecfa53d47298f4ade33dddab051a"
x-cache-status: hit
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-data-size: 76146
x-mds-request-id: aab26bec517ea1e3
x-robots-tag: noindex, noarchive, nofollow
content-length: 76146

GET
H2 200 WMKejI_zOBm0tGe0b15hjhaffaRoNGK0l04GW8200J5P-l5X000003ZosQW1i06Qbjsi28W20Ra203aoogMBeKRm0lJPwAq8m95vy0K1e0RY0hW6m0791bbE3RI5i1KMgGUttVpYEsqv0k03-0cm2O0A28WAZG6jfFg1jzq002jtH8g6rl0B1e0CcfRTh0YO3jYCq... Show response
an.yandex.ru/count/ 0
51 B 72ms
71ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WMKejI_zOBm0tGe0b15hjhaffaRoNGK0l04GW8200J5P-l5X000003ZosQW1i06Qbjsi28W20Ra203aoogMBeKRm0lJPwAq8m95vy0K1e0RY0hW6m0791bbE3RI5i1KMgGUttVpYEsqv0k03-0cm2O0A28WAZG6jfFg1jzq002jtH8g6rl0B1e0CcfRTh0YO3jYCqytduklcFhaEEXR13kIe3xUxy_c-fzkS0f0GcBwwWx-Z-FAL0VWG0vcjzxqpu1G1s1N1YlRieu-y_6FmoV0_WHVmFwWN3PaOq1WX-1Y06RWP____0S0PsDoXrTxWZvflqXaIUM5YSrzpPN9sPN8lSZOnDYqnw1cE0l0PWC83WXmDKq92EZHNHMTwIMDND-aSW1t_VnG0K6JyQn18lmO61NTLD4nYO90SykMoLKRE-Yew6iSha9gjvdJAU5irksB4g5haeTkrSvG5mU6hXJ_uqqSC40e0~1=WhCejI_zO302JHK0z2JnM3gcC0D034W2O8mOQ0HmpBli_UYbvBhi0O01qzsP18W1Yupi3P01diIkyTI0W802c06UnAxnLB01cfRTh0Yu0Q3rlguZs07-tDUV0U01lhlkdeYDthu1e0A4sOiPi0EZ7lW4xW681Uu1a0Nc1A05HAW5HB05HBW5hm701OK5o0Mu0T056E05TfW6c8gSYWge1k82k0UGCgGFyGS00CAGWGRW2CBinGo02WZ92YMzUkHVMku_sGkttVpYEsqv0kWBvWI039gMtQm8Y0pAbzw-0UWCcmQO3RJoEOaEkGuw5W313kG8W13YszyVaSGWq13bYwzVc161yHsX4LAu7eNhKSZW4QYVnWNe4TNivSdIwko-b05x6nHuhnf4FvWJ0k0Jhm60522858Rqvv2f-C-1pm6W5Ay1g1Jc1D3RZuq6w1IC0j0LqDkFZGRO5S6AzkoZZxpyOvWMhlU4ZmQWg1Re1x0Mw0N9y3_G5igNthu1s1QOlhg3lwFuyfK1WHS0y3-O5w71r2su5mJ05xOoq1VGXWFO5xM6FUWN0PaOe1WCi1ZmryUF1hWO0VWOv8Yr-RVQrwzKW1c96QDse1d00RWP____0U0P0UWPZWBm6O320u4Q__yBYQmRDqI86i24FPWQrCDJzHe10000-1gqyZcO6_NsEB0RIBWR0-aR0000m3gEEK7m6ucwvWBu6u2Dmm7f780T_t-P7Q4Tm1P5oPbHap-e7G7W7Q721QWU0TWUhOKVY1____y1e1-_h9GWi1y4o1-_xkjFqXy5DJCnEJCS040r70uX8sQKB8ySXpBWxuximSgOO54ELtnDbbCPY37zJ8BNyDcxPat4aYNqkmgNYu2s1GbeUeKg3C7LWwJAy3kUDVOY1i7OGmZLFCU0KgLq_gbtvX3F~1?viewability-undetermined=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:18 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:18 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame ED9D 105 KB
37 KB 60ms
60ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 29 Jan 2022 13:48:31 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 8e762fe8730a9015

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame ED9D 137 KB
49 KB 87ms
86ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-c1c4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 49604
expires: Thu, 27 Jan 2022 02:50:19 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame ED9D 403 B
844 B 104ms
103ms Fetch
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fread3.w1.flibusta.life%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d978f0015bc749229c5a5250e624eb7948dee8b6ddb1ff119c508f69f091c945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame ED9D 39 KB
15 KB 82ms
38ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14855
x-xss-protection: 0
server: cafe
etag: 17539559064140624452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 01:50:19 GMT

GET
H3

200

/
www.google.se/pagead/1p-user-list/1014923426/ Frame ED9D
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=W_rxYY3eHa6rx_AP1aqo2A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=858669340&crd=CNPgGw&is_vtc=1&random=83950293
https://www.google.se/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=858669340&crd=CNPgGw&is_vtc=1&random=83950293...

42 B
64 B

56ms
29ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=858669340&crd=CNPgGw&is_vtc=1&random=83950293&ipr=y

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=858669340&crd=CNPgGw&is_vtc=1&random=83950293&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.se/pagead/1p-user-list/1014923426/ Frame ED9D
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=W_rxYeHgHeGy-gaUybjoCA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=430365479&crd=CNPgGw&is_vtc=1&random=1709372091
https://www.google.se/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=430365479&crd=CNPgGw&is_vtc=1&random=17093720...

42 B
64 B

60ms
33ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=430365479&crd=CNPgGw&is_vtc=1&random=1709372091&ipr=y

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=430365479&crd=CNPgGw&is_vtc=1&random=1709372091&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame ED9D 167 B
290 B 45ms
44ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A671999833927%3Ahid%3A479308990%3Az%3A0%3Ai%3A20220127015019%3Aet%3A1643248219%3Ac%3A1%3Arn%3A615797956%3Arqn%3A1%3Au%3A164324821910171762%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643248217289%3Ads%3A0%2C87%2C43%2C6%2C0%2C0%2C%2C50%2C0%2C187%2C187%2C0%2C187%3Aco%3A0%3Ast%3A1643248219&t=gdpr()aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

b1a4bb65a1f0a9b32fd6f4761545c3c1f332970cb0d94dc491fd4d2e08c4a190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-Jan-2022 01:50:19 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 01:50:19 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame ED9D 43 B
100 B 43ms
43ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:50:19 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 02:50:19 GMT

GET
H2 200 1GXRafbg0QC100000000U9nJZBXdzDv_nLfLm-rt_pYgvreoMKRy-fZ800IUC95G_zgblB6LOg8CgOn0ySpjTtkiGUAbh41UxKOWqSgO02Id0cKL66OoElvY08E5Z9jEGLWh6KK28QozZ1hCF0n7mVohZ23ZxZ8oo30m_6MSnSJ0C9S99BAKwHGp0yDQ9f0nPvd-0... Show response
an.yandex.ru/rtbcount/ 43 B
154 B 69ms
68ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1GXRafbg0QC100000000U9nJZBXdzDv_nLfLm-rt_pYgvreoMKRy-fZ800IUC95G_zgblB6LOg8CgOn0ySpjTtkiGUAbh41UxKOWqSgO02Id0cKL66OoElvY08E5Z9jEGLWh6KK28QozZ1hCF0n7mVohZ23ZxZ8oo30m_6MSnSJ0C9S99BAKwHGp0yDQ9f0nPvd-0y4h9W7NwXSns-y2BV6rxsgxnihmbua5P34po0szp8eWwvb1ckSoCu4i198AO0itCY_I2fgwEMIdpKdcY6DRAiNMdxMx2bPv5qp-P7PmueSub-Li_qOmQmNBmI_CErYO3x0mtcI1kFk3_KEMMJD1uARzMnQGwnUmyfvaRMba1qlVP8t8M_6ArTua_oihoC4psAuS3bx0zkHvP_UEBsiVvAraWsa-mEPnWetv4Hjli9EJbMbeVcgLPtAu-Kisc3K_sIhJrs_wmFhLVXOxgwcneQKn00wcVkG0?confirmTime=2100000&confirmRatio=1000000&test-tag=532764923265026&format-type=95&actual-format=7&rnd=9320919973039&pcode-active-testids=487926%2C0%2C82&banner-sizes=eyI3MjA1NzYwMzIxMjY3NDE4MSI6IjM5NngyOTAiLCI3MjA1NzYwMzE1NTQ5ODM0MSI6IjM5NngyOTAiLCI3MjA1NzYwNTYzNTAyNjIwMiI6IjM5NngyOTAiLCI3MjA1NzYwNDA3NDY4Mzk5NyI6IjM5NngyOTAifQ%3D%3D&width=1600&height=290

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:19 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame ED9D 3 KB
1 KB 63ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1643248219522&cv=9&fst=1643248219522&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e5a673466a97849a092fcae523b713f2f8961c38e94f6f578deaba4816dfe18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame ED9D 3 KB
1 KB 60ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1643248219525&cv=9&fst=1643248219525&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebf0f651e0518e436753f194730217bdccad652b14f42e41e3e63eb18e56ed3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame ED9D 3 KB
1 KB 58ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1643248219528&cv=9&fst=1643248219528&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91c2fa896deb98397cc3fb371b114e849ef5829fd2d16847efabf82d44505095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame ED9D 3 KB
1 KB 56ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1643248219529&cv=9&fst=1643248219529&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b19eb1446ae849b66d1591da3d7be24b9c7c55fe28a4c23b73b5089c4a34be5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame ED9D 42 B
108 B 76ms
32ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1643248219525&cv=9&fst=1643245200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=1078892183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/693627671/ Frame ED9D 42 B
108 B 77ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/693627671/?random=1643248219525&cv=9&fst=1643245200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=1078892183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame ED9D 42 B
548 B 74ms
31ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1643248219529&cv=9&fst=1643245200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=3041078196&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/693627671/ Frame ED9D 42 B
108 B 78ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/693627671/?random=1643248219529&cv=9&fst=1643245200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=3041078196&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame ED9D 42 B
108 B 74ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1643248219528&cv=9&fst=1643245200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=3844715850&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/947884341/ Frame ED9D 42 B
108 B 75ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/947884341/?random=1643248219528&cv=9&fst=1643245200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=3844715850&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame ED9D 42 B
108 B 77ms
36ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1643248219522&cv=9&fst=1643245200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=3428847819&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/947884341/ Frame ED9D 42 B
548 B 74ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/947884341/?random=1643248219522&cv=9&fst=1643245200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=3428847819&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame ED9D 350 B
385 B 42ms
42ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A1%3Als%3A1134178441195%3Ahid%3A479308990%3Az%3A0%3Ai%3A20220127015019%3Aet%3A1643248220%3Ac%3A1%3Arn%3A815242705%3Arqn%3A1%3Au%3A164324821910171762%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643248217289%3Ads%3A0%2C87%2C43%2C6%2C0%2C0%2C%2C50%2C0%2C187%2C187%2C0%2C187%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643248220%3At%3A&t=gdpr(6)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6625a84e0cf260065dfc6d781f32eaad7de68d18ac750fa539e3c647fe766d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-Jan-2022 01:50:19 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 01:50:19 GMT

GET
H2 200 WJqejI_zO980dGa0T0yDfNrFD3_hV0K0aW4GW8200J5O-l5X000003ZosQW1Y085kG80EJBAfOkXHl02YSVWdGl0aNdm1G6W1k82k0R00Sa6MDuoxq-ehIMf1xVTZ3idRJa22geB44Lxw5ottG00bKq_YeRMy0i6c0xOZDFDv-BhvZwe3xUxyu_qfDkS0f0GcBwwW... Show response
an.yandex.ru/count/ 43 B
82 B 68ms
67ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WJqejI_zO980dGa0T0yDfNrFD3_hV0K0aW4GW8200J5O-l5X000003ZosQW1Y085kG80EJBAfOkXHl02YSVWdGl0aNdm1G6W1k82k0R00Sa6MDuoxq-ehIMf1xVTZ3idRJa22geB44Lxw5ottG00bKq_YeRMy0i6c0xOZDFDv-BhvZwe3xUxyu_qfDkS0f0GcBwwWx-Z-FAL0VWG0vcjzxqpa1Dau1G1s1N1YlRieu-y_6FmoHQ15wWN3PaOq1WX-1Y06RWPm1dOtA7Ltk2Fcc_I6H9vOM9pNtDbSdPbSYzoDZ4sBJ7e6S0Cy1c0mWE270rJGa8wDLLlPNf9OrStwHo07Vz_4W1GPBnh42Y6ZK71NHKDa-WMWaa8WhbizQxCtSRHE1vyr6pBIwSy8l8miDeviQeh5YiJ_jXl4350A000~1=Wl8ejI_zO702HHS0X2Ydux2CS0E6WC2tkTsexiS1W07Prvd-Ye_KkOi1Y07kwzQEJf01YfBShSI0W802c06AajojHA01x96e0UoHtAr4k07GhSAs7zW1ykxA7-01tj6O7-W1zWEW0j2jYWgm0vOQY0N1tXcG1QBp6h05jEi6k0MqwmR01QBE9iW5mUW9q0MKtWBW1PMe1k82k0U01T070jW74E07XWhn1m000032w9Q51O0A0S4ARZAWdP_6lZ_9-0g0jHZP2xVTZ3idRJa2w0l1tXc838h5thu1w0oR1fWDrEKpFw0Em8GzW13bn_uOcX0R2K04640Po131a13G4CANhr-O4O7n7Q4HKhWUXUjHoE0HpP_61UWHuD7upAgskkqG84ZlG481KHu5tj0_c1C2u1EqwmQ85EADpj-LivBaGw0KjEi6g1IYyngm583km1Qu583qxWR850BG59NCnG7O5Cc4meq6w1IC0j0LoOJ2ZGRO5S6AzkoZZxpyOvWMhlU4ZmQWi1Qo0xWM0S0MOCaMy3_G5eh5thu1s1QOlhg3lwFuyfK1WHUO5-EO_YUu5m705xKoq1VGXWFO5_NvEkWN0vaOe1WBi1ZmryUF1hWO1lWOv8Yr-RVQrwzKW1c96OI1e1d00RWP____0U0P0kWPm0pm6O320u4Q__z7tM_CT-M86i24FP0QW42O6jJ3Kw0Q-fp4Zjd2tuIo0VKQ0G0009WRrEKpi1j8k1i3s1j0wHi00000hSbWGV0RY8F14FWRXwtl3jWSmTuPu1oYynhf703mF_4S0000-Ab7nh-07Vz_cHq0y3-97gWU0T0UkCEQdxlhke7-0TWU-jeUe1_bn_uOi1y1o1-vj-KFqXy5DJCnEJCW05O44N09a3K1BGg7dqiPnNa7CM7Au2YI0oNYPmRzL4QiDX1IcexLihcC6kAnDDkR8_TTtK2BM0MDaO6W2GrQBCZYyrm42CleEGR11nzITALqZiRnw9odPjx1DW47~1=WjCejI_zO6W2JHO0b2PFEUPYQ0EqYxcspTcxmB81W041Y06hkgFECv01ojMOzyE0W802c07ArPZtGw01ngW1nhW1w9-WkHdO0SRGk1JW0OYwjnJe0Tu3e0BizVyIm08Be0C4i0FMBOW5WwCBa0MtbGom1PAy0xW5ahm3m0M3Z0t81VlT0z05i9u1u0MK0PW6o8U0a0oe1k82k0U01T075jW74E07f0_n1yA2zlg_2SaAlmePEgDFyZ_P2xVTZ3idRJa2w0k3emk83AQZthu1gGoWdBhcQ3guF-WCcmQO3TJbCx0-e0x0X3tP3-8oNBE6nUu_W13loPuHeIAO4O7n7Q4HKhWUXUjHoE0HpP_61UWHuD7upAgskkqG84ZlG14VItlAvC0_c1C2u1FBa0I85EADpj-LivBaGw0Kov04g1J6lGx6h_2A1kWKZ0BG5SQly8e6s1N1YlRieu-y_6EO5gxtX8y6eB0MiWF95j0MfgFUlW7O5fY-keE_e_ZobG615m3mFvWN_hhX5RWN0S0NjJBG5z260zWNllqww1S1cHYW60sm6F3Nnuy6k1W4-1ZaYBNvjzhNhrI06OaPX86W6S01k1d___y1u1a6w1d03F0PWC83WHh___y48uoa1uWQm8Gza1g0W820X828G9WQrCDJzHe10000c1lKvJEm6qYu6mFO6u20W801wHi00000jsRuGF0RYx8L-1kjfX2X7000040DyD4_gHm000Z0iHou7eNhKRZElxb0s1oojGtW7CQz3kaSyHm0003ugKV6lu0T_t-P7OaUg1u1s1xysXwW7-_9dX6m7mB87wEed0hI7mKrCp4vCo00BOBZHaZAvEI48DzDgYO8aQACShk3EB0o9WBbS2_K43YLWHIMr4g23I_tfNYvDHUB2o7N5m4r47WY20aeIJ54m43ESmK808H5Gyyne5ifdTMwniW6x4XDKe9j0Wu0~1=WjCejI_zO582JHO0v2RGr2AIKWFo-Oxpzx64oC81W07Y-ywJ0eW1cV38luK1a06qjEspre20W0AO0RIqxRDMe06mg06mk06QhlRN8zW1xDUNeW7W0RpHbw81w06i1FW1wfNUlW6W0fZNbHcO0y24FQ031h03WZA81Usy2v05ku0Ci0NGXWEu1T260y05k_KIo0NGvmJG1Q2S0U05C9W6c8tX6QW6uWAu1u05yGS00CBCwyeCW0e1mGf9HJnhsmlhFydu2e2r6DaBjzsCEoTjEGBe2-sy2uWCu8NZlW7e39i6c0tKvJDmFQ0Em8GzsO0Gzgcq8S6o49WHWV4TeH5Ik1w5wr78u17DdyO5w17WqVZCghQwxH3n4G00000WIEz0sD--JwKOjp-O4mBW4z260uWKuetEtvMpakH3e1JGXWEe5Bk03B0Kwwsm2RWKW9lk1T0KsFdWMTWKlyV0ZmRe58m2q1M_ny2F1jWLmOhsxAEFlFnZc1QkzuIF1g2m5h83oHRG5k25uxu1s1QOlhg3lwFuyfK1WHS0y3-O5v2kaowu5m705xKoq1VGXWFO5uZIE-WN0PaOe1W3i1ZmryUF1hWO1_WOv8Yr-RVQrwzKW1c96OI11m000000e1d00RWP____0U0P1EWPm0pm6O320u4Q__-38p60Bao86i24FPWQrCDJzHe10000c1lKvJEm6qYu6mFf6m000C3rqn51y1lZZqRu6u_VEzWSxRmBu1oxW0pf7F4S0000-Ab7nh-07Vz_cHtW7UkiD8aUg1u1q1wvtfkBlDs7c3RO7lhQ7eWV____0Q0Vzgcq8R0V0yWVzkkBKT8V1JKpCJap7G2n6Yo584Oe8N3ah3A661jb00TMy4IW7Ex56WAfCZIqFkkz3pOa-Asv0BDa2H7FMdWHgq73X22ynuFg0B8OFHSyHmpCnEicelGS0mAmb4u8x71DKe9j0Wu0~1=WjiejI_zO6O2ZHO0n2P6mqvyPWEqYxcspTcxmB81W06AgEW3Y07qqxkvHf01kldbuyg0W802c06w-UNZIg01XAW1XBW1oi_1_HtO0OI0vHlW0TYyv0de0Vm3e0B2ggqKe0C8i0EvCeW5diOBa0NIs0km1V_X0xW5_-43m0Nih1V81SV21z05cPW1u0MKg0RY0hW7W0NG1mBO1n3W1v0DyGS00000mg7LbcqtN9zKiE0_oTaBjzsCEoTjEGBe2vx62vi6c0tKvJEW3i24FO0GmhlP5i6m49WHWV4TeH5Ik1w5wr78u17DdyO5w17WqVZCghQwxH0WIEz02Pk0lkVym3-O4mBW4__X0uWKuetEtvMpakH3e1J_uGEe5DBO2x0KelwE1BWKm8st0S0KW8ZUlW7850JG5AlmYHtO5D6U-uu6w1IC0j0LqPxxZWRO5S6AzkoZZxpyOvWMhlU4ZmQWi1Qo0yaMq1Qcezw-0TWMcBwwWx-Z-FAL0O4Nc1UdgOa5k1S1m1UrCj0Nq8O3s1UVpJhe5mAP6A0O2B0OyDV7ZmQu60tu6EI8jVctsjUlL80PYHc4WQ0Pm06u6Vy1u1a1w1d03F0PWC83WHh__vE0UM0ZDuWQm8Gza1g0W820X828G9WQrCDJe1g9z_MKghBJbSq1zHe10000c1lKvJEm6qYu6mFO6u20W801wHi00000x28rGV0RZiE60lWRoPcp0TWSdiOBu1pIs0lf703mF_4S0000-Ab7nh-07Vz_cHq0y3_W7UJs_mA97gWU0T0UrkBAwiQ8d-bws1xxsXw87____m6W7yAxsHQm7mJ87uB0yWtI7mKrCp4vCo40ingCY204BW6oog15_1dPnSI1AOEZI0wKNASXq5GPiTP0I5awrbLpiK88MVEkGY15GBsVqouG43v3LqTrlQ15OaTiE905vxa84DRGSmm23Zwat4hfFECrHWfW7MiI7MmJS000~1?stat-id=5&test-tag=532765174955585&banner-sizes=eyI3MjA1NzYwMzIxMjY3NDE4MSI6IjM5NngyOTAiLCI3MjA1NzYwMzE1NTQ5ODM0MSI6IjM5NngyOTAiLCI3MjA1NzYwNTYzNTAyNjIwMiI6IjM5NngyOTAiLCI3MjA1NzYwNDA3NDY4Mzk5NyI6IjM5NngyOTAifQ%3D%3D&format-type=95&actual-format=7&pcodever=53193&banner-test-tags=eyI3MjA1NzYwMzIxMjY3NDE4MSI6IjQyOTUwMjQ2NTciLCI3MjA1NzYwMzE1NTQ5ODM0MSI6IjQyOTUwMjQ2NTgiLCI3MjA1NzYwNTYzNTAyNjIwMiI6IjQyOTUwMjQ2NTkiLCI3MjA1NzYwNDA3NDY4Mzk5NyI6IjQyOTUwMjQ2NjAifQ%3D%3D&pcode-active-testids=487926%2C0%2C82&width=1600&height=290&confirmTime=2102000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:19 GMT

GET
H2 200 1ObGYYs30Ra100000000U9nJZFJZtTAwGLJCSFjTc_VMkPPCbf6_FYOo084dJ2HKS-UsxDXACL66L4QWUERsktyUWSHBGRpQZK2YbJ41I4u5yXKOPZ8kTcO0WuMCLc8Grah69nmGrbx6IJzu68w2-LSPGGRSPMIGOM3uozYxzBJJN2OceCXIfWz0SYrJ191pbka_4... Show response
an.yandex.ru/rtbcount/ 43 B
82 B 63ms
62ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1ObGYYs30Ra100000000U9nJZFJZtTAwGLJCSFjTc_VMkPPCbf6_FYOo084dJ2HKS-UsxDXACL66L4QWUERsktyUWSHBGRpQZK2YbJ41I4u5yXKOPZ8kTcO0WuMCLc8Grah69nmGrbx6IJzu68w2-LSPGGRSPMIGOM3uozYxzBJJN2OceCXIfWz0SYrJ191pbka_4BnY4bYxv5VZzhiC3DhbBbrjrrWP_ZAnW2ncPWMIlSoA8EkPGNRCPGOPiH98AZ20-1kP5sa5JTqSijFc97F4iIsLOklFsbrb1biC9fyost__nVcJsS697-9ebXNz6y6i7IpC1rWORx907Fx1_Y7Bh9aWSDF-BGl8-GjOUK-oBYvZ1qjVO5MuoHgHj-8Lgxr9_bTMaAD_iN8QcfcRc1WP6LisiEr_zzf_1jkLmy4Bs9uyx-pUyMNjWxoLR30J3x1vd61ZViJ66-paP6KIxffUvPaSRlwI3MRtJxRBaw_h5s_yQ3-BdTNKsD3I6034CugE?confirmTime=2100000&confirmRatio=1000000&test-tag=532764923265026&rnd=2405182257639&pcode-active-testids=487926%2C0%2C82&width=270&height=600&media-test-tag=16257125219

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:19 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 01:50:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 01:50:19 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 01:50:19 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:28:54	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:36:06	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:28:54	Name: pcs3 Value: 1
.yadro.ru/	1970-01-20 09:12:46	Name: FTID Value: 1XyVfc3Qmd8F1XyVfc001JI9
.yadro.ru/	1970-01-20 09:12:46	Name: VID Value: 2A6VzX3KvVOF1XyVfc0013db
.an.yandex.ru/	1970-01-20 00:37:33	Name: yabs-vdrf Value: A0
.1dmp.io/	1970-01-20 09:13:04	Name: uid Value: 7a585c00-7f13-11ec-a15e-901b0e8d6a9d
.weborama.fr/	1970-01-20 09:59:09	Name: AFFICHE_W Value: l9h16g96LlCX99
.1dmp.io/	1970-01-20 00:27:28	Name: ru-seq Value: null
.yandex.ru/	1970-01-23 16:03:28	Name: yuidss Value: 9099796631643248217
.yandex.ru/	1970-01-23 16:03:28	Name: yandexuid Value: 9099796631643248217
.mc.yandex.com/	1970-01-20 00:27:28	Name: sync_cookie_csrf Value: 4044204376fake
.sonar.semantiqo.com/	1970-01-21 21:05:52	Name: semantiqo_a Value: 9977ac5191f4407ab2465bed7ed1eb63
.sonar.semantiqo.com/	1970-01-20 09:23:09	Name: check Value: 926c16212e0a4dbbad332cb07a8050ca
.mc.yandex.ru/	1970-01-20 00:27:28	Name: sync_cookie_csrf Value: 2936140024fake
.dmg.digitaltarget.ru/	1970-01-21 02:22:40	Name: viuserid Value: 1dTPjKr5qGwuFMb755JD
.aidata.io/	1970-01-20 17:58:40	Name: __upin Value: dnzWAzZHsDJ8vL69Lf5iww
.aidata.io/	1970-01-20 17:58:40	Name: __upints Value: 1643248217
.adx.opera.com/	1970-01-20 01:10:40	Name: UID Value: ca63f4df31dd45538b0ab6e41775da5b
.yandex.com/	1970-01-20 09:13:04	Name: yandexuid Value: 9099796631643248217
.yandex.com/	1970-01-20 09:13:04	Name: yuidss Value: 9099796631643248217
.mc.yandex.com/	1970-01-20 00:28:54	Name: sync_cookie_ok Value: synced
x01.aidata.io/	1970-01-20 00:37:33	Name: yaya Value: 1
.doubleclick.net/	1970-01-20 09:49:04	Name: IDE Value: AHWqTUmlydVyxVscGH44CXzO6GjAGfJ_VSOnaDkj8D0dAMzH8OxuDRZFIp94QXCX56U
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2349329491643248217
.yandex.com/	1970-01-23 16:03:28	Name: i Value: QLf+vqxU94qf8UH9xlp3UDdJzbfyGs9TP/rPgrdu4GK/5MsuhICfJ5OwfknII56yloTaV9WZKFcd7MVg3Vw1bx99x88=
.yandex.com/	1970-01-20 09:13:04	Name: ymex Value: 1674784217.yrts.1643248217#1674784217.yrtsi.1643248217
.demdex.net/	1970-01-20 04:46:40	Name: demdex Value: 70861426602753587373997703171072430991
.betweendigital.com/	1970-01-20 09:13:04	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 09:13:04	Name: ss Value: 1
.rutarget.ru/	1970-01-20 04:46:40	Name: userId Value: nYaXkaJcue09
.acint.net/	1970-01-20 00:27:28	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWHx+llaAgaOyVczAt1ye8LM4QrU/0g6G+JpIDhFJieK
.dpm.demdex.net/	1970-01-20 04:46:40	Name: dpm Value: 70861426602753587373997703171072430991
.betweendigital.com/	1970-01-20 09:13:04	Name: tuuid Value: 1c824dfd-16a9-511b-8cc8-0065ed39fa3c
.tns-counter.ru/	1970-01-20 09:13:04	Name: guid Value: 383B693661F1FA59X1643248217
.caltat.com/	1970-01-21 21:05:52	Name: caltat Value: 5da1de2981a449e59c8f71f24346907a
.acint.net/	1970-01-20 01:10:40	Name: cSyncDp14v3 Value: 1643248217
.upravel.com/	1970-01-20 00:27:28	Name: session_tptc Value: 1643248217914
.betweendigital.com/	1970-01-20 09:13:04	Name: ut Value: YfH6WQAN0xDHeVz5KMJW3iJKZ-woZDt8wG9Qng==
.whiteboxdigital.ru/	1970-01-20 17:58:33	Name: MiId Value: ff1d463c-fe03-4b6f-8432-b0c29db2f699
.uuidksinc.net/	1970-01-20 09:13:04	Name: jcsuuid Value: sKiUQbO8RBoSg03J71S8
.upravel.com/	1970-01-23 16:03:28	Name: user_id Value: 96252c97-5794-4a37-8098-47d7545774d9
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWHx+lm90AAiKIbQAqhUkuw/W0ZpXXnZc2v23k+Li5di
.mts.ru/	1970-01-20 09:00:06	Name: dspid Value: 73b99467-ce5b-465a-b257-23699a99dc5a
.magnitent.com/	1970-01-21 21:05:52	Name: sonar Value: 9977ac5191f4407ab2465bed7ed1eb63
.magnitent.com/	1970-01-21 21:05:52	Name: ct Value: 5da1de2981a449e59c8f71f24346907a
.magnitent.com/	1970-01-21 21:05:52	Name: spid Value: 5A9FBD0828BFC1D1
.magnitent.com/	1970-01-20 01:12:06	Name: 3db Value: 5A9FBD0828BFC1D1
.adhigh.net/	1970-01-20 09:13:04	Name: gi_u Value: 5nUqkegvElc.AikABlF-mTnwIw
.mts.ru/	1970-01-23 14:51:28	Name: mts_id Value: 77b88bdd-8e6b-4c64-81f1-c239f99d1354
.mts.ru/	1970-01-23 14:51:28	Name: mts_id_last_sync Value: 1643248218
.adhigh.net/	1970-01-20 09:13:04	Name: yandexssp_sync Value: j8B
.yandex.ru/	1970-01-20 17:58:40	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 17:58:40	Name: is_gdpr_b Value: CJS2CBDcXhgB
.yandex.ru/	1970-01-20 17:58:40	Name: i Value: eh8xUQ0XeYyz9oS+Df9AGaHc+0ytH6GpT72FAWlSXjozQgLLiEtdKud+7MPZduxMXnWQi2RhgKpxCG92KqFTkC2zsuA=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/mapuid/SAPEis/0100007F59FAF1618E06025A023357C9 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

96252c97-5794-4a37-8098-47d7545774d9.sync.upravel.com
acint.net
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
cdn3.caltat.com
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
ext-strm-cogent17.strm.yandex.net
favicon.yandex.net
googleads.g.doubleclick.net
jstracer.yandex.ru
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
profile.ssp.rambler.ru
px.adhigh.net
read3.w1.flibusta.life
redirect.frontend.weborama.fr
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
storage.mds.yandex.net
strm.yandex.ru
sync.1dmp.io
sync.bumlam.com
sync.magnitent.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
www.google.com
www.google.se
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
142.250.184.194
142.250.186.66
159.69.74.8
176.9.8.252
185.15.175.130
188.42.29.166
194.190.76.45
195.201.243.71
2001:6d0:4001::226
2001:978:7401:1::37
213.87.44.187
217.66.147.168
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:831::2004
2a02:6b8:20::215
2a02:6b8::158
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::2:94
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a06:98c1:3121::7
31.172.81.160
31.220.27.134
35.190.16.14
37.18.16.22
54.228.253.216
78.46.16.13
80.64.106.151
80.64.106.152
81.163.17.245
81.222.128.214
82.145.213.8
88.212.201.198
88.99.149.88
89.108.120.76
91.192.149.14
95.217.109.66
95.217.86.150
0169fba0235eec2cb5e8511731cb3be0b9fc9b145f93b336e5294516af3511a1
07be557a3a676be33ac207afef9c11e7bee39cb5721214d0d608f2de6630f6ef
0e498acee76811d27d3fd6fa85050262110a471d29f2e221bae9e4b2a583b154
1006cd4ad1bf8d42c932551ed187ef709087d51d87bcac6cf76ed5699d0a3b7e
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1a86cb3bd758183ce508342c916aa1320293d578fb6d7f327393bd6470c6fc86
1b19eb1446ae849b66d1591da3d7be24b9c7c55fe28a4c23b73b5089c4a34be5
1ee1d4d5e0181085e4c9dc650aa13998647fd50518bb1ec829020af4836aacc2
21df33fec94d7aeb3a5eea73af3f7400d4490ac3600e815b3fd4f7e140293c48
23cfda178a76b8e7a63025e52b46d678138381aedc4daf4bd1d65c7680baff03
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e3e80ad8c654d0bd2f81345400ff44866cf029b2726de5add67e25667f5c657
2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148
2f69c88069fbb6487564bd7b9ecfd25e7c23165017f611aeaff47cf87b2b8b89
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
361840fbee3b0726b5f0f5bbfe37e13bdab8c3c873d643a45b56c5e37c8d2a86
38a3b5f1156ecb916a87d5fdc82f97a659bacda099a984d446b75fa57d81e578
3a9a492fbad3a10d0e45765f1eb2b86dac887202edd10d65ea755b0a3ae48e32
3f4b01069940693f6b84cc20f869d3d78105be38fca0e812e1ec1fc0e4d1af8f
409090daef0622387caaa569ebfe555b0c6550502f4606c55572fcf0bdb17c6e
41effc4984c276f2021cd80388c9d4c290d1f04637f5d9166a0e3cf18a2b6fc1
440a8f300cba4ec1407ef8bf5d1ea95bea6e7febbb05286bfd38e207e84c0504
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6
44c548ce886d60087d56dd617387840c8eadbcf7778d2e0f0cf90056202ca998
4948b20f4bac9585a0ab498e6bcc7d41a91a31896a8b51f95081fae909fad54e
4e5a673466a97849a092fcae523b713f2f8961c38e94f6f578deaba4816dfe18
51cb1132b2b6c23d934ed2c4854f7b9d7f0c0211beb4e93de10f6e0ea14b9a7f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5afdaafa2a6eae8997def98a3feeb11ac6b3afa82d4ec45c24a702fc892a277a
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
63cde3c17fce0e5852a294d0f7c939bca59034a0eb64636920d9b84d6dfc7735
6625a84e0cf260065dfc6d781f32eaad7de68d18ac750fa539e3c647fe766d9b
6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3
759f36c867bc2a0f057bc98bd860d02e590c3f38442eef46e2067050bf3a73df
7dd34c9eee35f531427bd86eb783c9a5c08f38d69558d4db32eb3b7f8fc706d6
81211473e99fae78ef02d3eeade1cccf9c85a248d4af1502613ffce4a244dbcb
88fbd38472a996a0f979e26c443c21de09538e570a5e34e1b9f8f1c26926fda7
8cff3b0ee7cd91bd8185932bbf57a0e129b4b9a0291ba08c70cfe0b8a833a27f
913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539
91c2fa896deb98397cc3fb371b114e849ef5829fd2d16847efabf82d44505095
927d4a032e4576a8cca81944a5d1dc2983bb7f51bf771a4f16644970dadd084a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a16c80c7292600c1a4b6d6bd3b855f260d288a969b2fed1b604d8dd11cbdd2c6
a9282480fab841f50fa4e992eaf11fee0a0e5f893d118ab26b07e05022c9a88d
a9e2c21fea32dc63142707b7904f8a962f77bb77f81fdd6a8bbb700a1f94657b
aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26
b1a4bb65a1f0a9b32fd6f4761545c3c1f332970cb0d94dc491fd4d2e08c4a190
b4e545d7af5622814ef6da2f4aca4f1ce46077bb9c1641761c2398eaf661d8c9
b885a94b7ae74bfe47ba0679f970a9c69d0c3664e934feb41dea1c51b02eba56
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
c6798c82e7e67e7733858912d2a7f6a6bb46edfbc5fb274d4b7202156bd9f489
c7b51ffb4818fb6c3ce0a92d42d42de2101de2cab3ed90880a8778edd324ca58
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d4247ed30734f69d609692cc4278b576470108373acc75ae3a5e4dba20457cf1
d5371d9ddb244450343609db48f4651b44fae78d12c2ddfbce47ebfe23a12726
d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419
d978f0015bc749229c5a5250e624eb7948dee8b6ddb1ff119c508f69f091c945
d9c38ae14826741460e5075d62c883671e6d3ce12fdfaf8c0398b9cde962ddbd
dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6
e0c7f5b629e296373b39fb59394961426f3d4f1cdfc967d2254ba342d507eb97
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e324a888469e9546d8a58d792c28ceb56b2b7162d9f11f030482c931ba8c27e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c8d2640f24dd5bb4966e5b9d5d5164059cde1c3144f8489970fe5a4c0a1b70
eb1844fcc4bf1d62b69602a2b0b49b3b1e4628aaeecb4b571dce11ed044f922c
ebf0f651e0518e436753f194730217bdccad652b14f42e41e3e63eb18e56ed3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9ed4adcba4950bf4be0556283131eedd7c629de1821c8c3967c7f70d971596
f0bd09ce14c812196cf9b7fcf90b148bf6121813408ff06c25ad92dce4e4d17e
f31f3006bf86e7b168f9d8ad03514b5c280e7524fc5e05c53766f62d3e9ba5f3
f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc
f7844bcc00975226e4717968b1e3b6ac0ba2b6b5010fb73fa0872caf46e03a1e
fca8ff51021749135f2cc6ba7a37015baa645de15908d1d318a1e376a3d376de
ff81169d729307757ece6b7c0afa316a7bdd0f7bb3178dd93c9f42771076c1d4

read3.w1.flibusta.life Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

133 Requests

64 %HTTPS

36 %IPv6

33 Domains

45 Subdomains

23 IPs

8 Countries

2026 kBTransfer

4005 kBSize

56 Cookies

24 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

read3.w1.flibusta.life Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

64 %
HTTPS

36 %
IPv6

33
Domains

45
Subdomains

23
IPs

8
Countries

2026 kB
Transfer

4005 kB
Size

56
Cookies

133 HTTP transactions
2 data transactions