extand.ru Open in urlscan Pro
2606:4700:3037::ac43:af69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://extand.ru/
Effective URL:
https://extand.ru/
Submission: On January 31 via api (January 31st 2024, 9:42:30 pm UTC) from US — Scanned from US

Summary HTTP 22 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3037::ac43:af69, located in United States and belongs to CLOUDFLARENET, US. The main domain is extand.ru.
TLS certificate: Issued by E1 on December 11th 2023. Valid for: 3 months.

This is the only time extand.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:115b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:303... 2606:4700:3037::ac43:af69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
22	3

1 2606:4700:3034::6815:115b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

extand.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3037::ac43:af69 (United States)

ASN13335 (CLOUDFLARENET, US)

extand.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	extand.ru 1 redirects extand.ru	702 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	5 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	71 KB
22	3

	Domain	Requested by
18	extand.ru	1 redirects extand.ru
6	mc.yandex.com	2 redirects extand.ru mc.yandex.ru
2	mc.yandex.ru	1 redirects extand.ru
22	3

This site contains links to these domains. Also see Links.

Domain
kraker9.at
kraken2t5rzudyv46aicv5drwpb3rikupov4733x7gyxzuaqdd2genqd.onion
tg.krweb.at
2kra.nl

Subject Issuer	Validity	Valid
extand.ru E1	`2023-12-11` - `2024-03-10`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh

This page contains 2 frames:

Primary Page: https://extand.ru/
Frame ID: B042844ED3EC82B3CDA6BDDC7A34BDAD
Requests: 22 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 77EE4B868B259CE7EAB03269A373E484
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Кракен даркнет ссылка Маркетплейс- kraken6.at kraken7.at kraken8.at kraken9.at

Page URL History Show full URLs

http://extand.ru/ HTTP 301
https://extand.ru/ Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

22
Requests

91 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

775 kB
Transfer

1115 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://kraker9.at/
Title: Перейти на Kraken

Search URL Search Domain Scan URL

URL: http://kraken2t5rzudyv46aicv5drwpb3rikupov4733x7gyxzuaqdd2genqd.onion/
Title: Вход на Kraken через TOR

Search URL Search Domain Scan URL

URL: https://tg.krweb.at/
Title: Вход на Kraken Telegram

Search URL Search Domain Scan URL

URL: https://2kra.nl/
Title: ссылка kraken

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://extand.ru/ HTTP 301
https://extand.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10265.6b_w9ju8Gzjkx857rDhT3dUubcQVYvCs_Ew-bDnJcNv-tpwC0dfDD_LgAuO8jjmQ.PdLV6u-xtg2mbw7fpnNu8kDmdEI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10265.Z2eDCwCxAZD_p890Ak_rtFK0uif5sGv931DkvLmyfCx7TZHdjGJGn0Uxk6tynrLG0SDFreppzJeSZIdE4kS3-4V2iNX36rv7MK0aeRlrGrUAXPgWauZvODM_ePbFmW4AFrv7xKNEYYvNg6_K9rDFJag4rCQDQFbGmWANFrsXDDD5XeM00svP5VOwnCQzLsJx2vVC34R-2g5UuXAJheTOW-G2q19kD15U_pD2JbvqSbk%2C.Se_OIM22N87nPVBjQ1qclH2jHAw%2C

Request Chain 21

https://mc.yandex.com/watch/95339736?wmode=7&page-url=https%3A%2F%2Fextand.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A985209732242%3Ahid%3A125478807%3Az%3A-600%3Ai%3A20240131114225%3Aet%3A1706737345%3Ac%3A1%3Arn%3A628410894%3Arqn%3A1%3Au%3A1706737345917470381%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C63%2C1030%2C479%2C108%2C0%2C%2C433%2C0%2C%2C%2C%2C2114%3Aco%3A0%3Acpf%3A1%3Ans%3A1706737342511%3Afp%3A2129%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706737346%3At%3A%D0%9A%D1%80%D0%B0%D0%BA%D0%B5%D0%BD%20%D0%B4%D0%B0%D1%80%D0%BA%D0%BD%D0%B5%D1%82%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D0%B0%20%D0%9C%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81-%20kraken6.at%20kraken7.at%20kraken8.at%20kraken9.at&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/95339736/1?wmode=7&page-url=https%3A%2F%2Fextand.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A985209732242%3Ahid%3A125478807%3Az%3A-600%3Ai%3A20240131114225%3Aet%3A1706737345%3Ac%3A1%3Arn%3A628410894%3Arqn%3A1%3Au%3A1706737345917470381%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C63%2C1030%2C479%2C108%2C0%2C%2C433%2C0%2C%2C%2C%2C2114%3Aco%3A0%3Acpf%3A1%3Ans%3A1706737342511%3Afp%3A2129%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706737346%3At%3A%D0%9A%D1%80%D0%B0%D0%BA%D0%B5%D0%BD%20%D0%B4%D0%B0%D1%80%D0%BA%D0%BD%D0%B5%D1%82%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D0%B0%20%D0%9C%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81-%20kraken6.at%20kraken7.at%20kraken8.at%20kraken9.at&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
extand.ru/
Redirect Chain

http://extand.ru/
https://extand.ru/

68 KB
20 KB

1094ms
1030ms

Document
text/html

2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://extand.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60f36665982efaea5b7768b2c54f11931fa4a5fc6953b428294437be1984bd13

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84e51fc7d8da4bcc-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 21:42:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXv0CPJVLCNIGeRBEFBiWjf7nTywcuC2Iv9YxZWiFCDzhCDBPslqtC4MVhsmTSuf9uyopr76wf3CrqUDGtDKRwTniNcY7SOUijgpLe0YvVblCqAuKaNQMyJ%2FXWaGJ%2F%2F8aC6jPghruoA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 84e51fc7396b4bd3-BUF
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 31 Jan 2024 21:42:22 GMT
Expires: Wed, 31 Jan 2024 22:42:22 GMT
Location: https://extand.ru/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTaA%2FCttdkeq%2BVCLBcV0xNkqTLdSyeNBTYYmHoL2y6B87Ctou4h8wT7RFeTcnYGAvZK7tmWYTuMiMI7llOJd9Oba7aEvooIId8EgmMtcnw08BfrqFEzimxdyGGsMR03UBAj%2BRUuckng%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
extand.ru/templates/KRAKEN_CAP/styles/ 7 KB
2 KB 845ms
844ms Stylesheet
text/css 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://extand.ru/templates/KRAKEN_CAP/styles/style.css
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5f2f5b8acc41af5d1e493354718795990ecd36bfa05e02471546976c4c71b7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/1328142298
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4ENTADiLOjjD7Ufk%2B8B6uDGTjCZ7ASaz%2FoG3xp6GZ9GfQGJwQtVHoshOW2gG0aVkv9RIm14KEl9kiAYwP1o3ykI8BG4p9FS25ofKYjn6r2Q%2FP5ja8vAA9Wk6hMVGnnMHXWLYmdeBnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 84e51fce5ec74bcc-BUF
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c05de73997c73ae0e95a3918ccf2ed6b79829106d949d2ece28b63480704b18

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16429674581_kraken-ssylka-sajt-krmp-ccgroup.jpg
extand.ru/PARSE/DATA/IMAGES/ 43 KB
43 KB 1066ms
1064ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/16429674581_kraken-ssylka-sajt-krmp-ccgroup.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18846e930edd55cd5186ab39a14b75b882a75b586c8f145f57b3a78ac79114c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/31190690
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05s77RBSJzzbxfGQQnYBul6m0oAggSsAmEdgrJlHqLa6RPcPaVPiAkDPnlS4PtSIz3SqcU2wFPzffq7waj62tdN6lgqzqgz3BVyPCXtBM36qcngnbUMWBQHFqtRq25LuJ%2F%2FDpXZaYI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f094bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 41539508281_polnyj-sajt-kramp-krmp-cc.jpg
extand.ru/PARSE/DATA/IMAGES/ 51 KB
51 KB 1106ms
1104ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/41539508281_polnyj-sajt-kramp-krmp-cc.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb77a30e53707aa20a5d9721961873347792a724f0080a73e7bdf9ce5ec53944

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/205866912
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGKgJRFqrRJgGvecp49pUV2w1%2BAcCQ7kYILpIBPzaGyNTv%2B3tRzjuYhIr9Tn8S2jZrSOkRrOCrMgCRgaTECMIzC2dTJRetXU%2FEfI7CXHMQgc6obcsG9ifBCFBdC28CGzsCQ%2Fdc0%2FGmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f0a4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 85312089191_mega-centr-com.jpg
extand.ru/PARSE/DATA/IMAGES/ 50 KB
50 KB 1088ms
1086ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/85312089191_mega-centr-com.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946cacd7b9c7a34f8385c3419956c9d0ba4d9598a5e3cf5aa97c95bdaa8f411b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/2374004361
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr9SF3TkLbU4IXFlP%2BhkIzbigRgVxThlK9i%2Buj1M5DfmLST0TJYoaznckKNoJeOf%2FYujW1x%2FOZVi4cB6Z5hYA7zuDlgEKVSESy1%2BIeQKjFiVDiwcPHxkOpTd5Ko0f6wAyZJHAldZm6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f0c4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 34605551671_kak-razbanit-gidru.jpg
extand.ru/PARSE/DATA/IMAGES/ 50 KB
50 KB 1020ms
1018ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/34605551671_kak-razbanit-gidru.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ec9996a97985e021f5efd7608eae333c9154186b2b86e2175808dbc363f4471

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/471858960
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nm2j9CtTyUZK%2FjBo20rcgTercUEz%2FyTQ8WGmGQRRRQyobLPpcvbQt1kez84SwbVQg0p2UutqSeR6e4M1rX270S8fIcarql%2BKHwFDsC%2BSLUgDh0WQj8kX45xemStwVheiFXmpR6%2BkcHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f0d4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 69508664561_vojti-na-kraken-v-obhod-blokirovki.jpg
extand.ru/PARSE/DATA/IMAGES/ 48 KB
48 KB 1181ms
1179ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/69508664561_vojti-na-kraken-v-obhod-blokirovki.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a27feed3f7a7ce87cbcec60d95d0499b3c3bc20b139f665199ea1315cebfbe2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/2647106844
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7gqZk4jZN4vVJZORY0m64YV6%2F5FMpzKVpBSfZp6WqJxHKNONR19EGJ76oxyKUT1QobwFDYzZiFaZBysIc8%2FFNEdy5xNnIlSqfUM%2FAUX6fKAhcS%2FwfSy3pfF1GVW%2BQrHPjShy32ZQqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f0e4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 21002896121_kraken-tor-zerkala-krmp-cc.jpg
extand.ru/PARSE/DATA/IMAGES/ 38 KB
38 KB 817ms
815ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/21002896121_kraken-tor-zerkala-krmp-cc.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e924e5241b99fd281078f214fe08c4dc8463fd2b1a32c329ce4bbf9f0651f144

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:24 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/420218427
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xF8WU8aG8FO%2BOo3UmOKaM8e8lPellriVfGYDtMIu4EUO%2Fri0PLkkGCd8fGoswi7hnnN8TzaCQmj7McEZo5508Mu%2FM1ZtOwlO5Vh8erzaY5otydcwE%2F4Pc5aSnXUXfUHR%2BCTazzE4FGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f0f4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 34636891071_nastojaschee-zerkalo-kramp-kraken-ssylka-onion.jpg
extand.ru/PARSE/DATA/IMAGES/ 51 KB
51 KB 1016ms
1015ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/34636891071_nastojaschee-zerkalo-kramp-kraken-ssylka-onion.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710271cbf9be7b35ac30bc2101b5870e4b94a2ba85e31543097776f6fecefb04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/1168091472
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYxA7kf%2FAb2Xy7ry7NSwG44vIkt89Y8grFS0i8vVC9zVMTOZ4thWhsJc94rCoeUohpLVMYOr%2FLdLHxaH7bTLviqTrKwOBJPPh5CVDDHqyMm57ZrkIg1bLcSJfqdsOeGbZtz9ajecjR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f104bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 14685346611_tor-zajti-na-kraken.jpg
extand.ru/PARSE/DATA/IMAGES/ 33 KB
33 KB 1454ms
1453ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/14685346611_tor-zajti-na-kraken.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53807c39826346186f2dbabfe15d3e1f388fcecf249eb46055633cfaf0a748a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/2250502477
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rjo2Gkb1jfLwiwv4tb9WiyHZIrxqsQs4fqvnudkGS0xD%2FeqsInimDO%2FbKb5OF6otjMG26vjC5wm%2Fk16sQSwUN7x%2B8wm%2BE1vLjv286mNIbgqNZcUNqmrm0tOQiCDyWDUJGP%2BifUJLAWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f114bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 18142272511_kraken-vhod-ssylka-in-krmp-cc.jpg
extand.ru/PARSE/DATA/IMAGES/ 57 KB
57 KB 1337ms
1336ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/18142272511_kraken-vhod-ssylka-in-krmp-cc.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67585746ffdc8bd7b83b45211fe69fd962854d0928de8262c9262c332e725904

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/1274942785
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MiYVOPC7ZTESTxdOT0FC%2BPrtG8QvBC%2Fzjt3Nj5aSLBLpht47catBUqbQqKrdJnnK9yj%2FTM%2Bx%2FYiTz1udvGAb6pBpQnv2bmYQPL0CBqlTOwBkCIRy5NxBJumQa8zlxUyDHQMHODitfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f124bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 13212674881_matanga-zerkalo-rabochee-matangapatoo7b4vduaj7pd5rcbzfdk6slrlu6borvxawulquqmdswydonion-com.jpg
extand.ru/PARSE/DATA/IMAGES/ 28 KB
28 KB 1329ms
1327ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/13212674881_matanga-zerkalo-rabochee-matangapatoo7b4vduaj7pd5rcbzfdk6slrlu6borvxawulquqmdswydonion-com.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76c7feec92951356292a45c4d3ecdc8fd4b10a7244f825d4a8b710aedd4f6c68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/2419833240
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbuTHK1vJJ8eFH0%2FaIFHPnppVSl1JMY7xr1sXylRcFM4YbsepkqqrXsxOkgJHeiMjEUPknsZW5UmXMnrzRc%2BuylRsg3Kqwqu8zqn5UzJFuI41%2BBEmctAGv8Dw5gBpD1r%2F5NVuRMzztc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f134bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 35768429981_smotret-kartinki-sajt-kraken.jpg
extand.ru/PARSE/DATA/IMAGES/ 54 KB
54 KB 1182ms
1181ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/35768429981_smotret-kartinki-sajt-kraken.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f77984d6ccb721f7492c12224f2f7514a9f69f17ae47a3dcb9515eb8a5efb7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/2986994131
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F%2BYIb2NImf0W0%2Fpm3jVl1jQulKF7GyQ1IH50KmfjHSoqaWtAJwlu4C2MxO9hrV9RcpBZvDfnOr1mkW5Isnbe76dZ9wpfOKSBo7MDJ875XlGYPFO5tIO1z5JXQqGLQNeV62YsizB6DM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f154bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 11515857591_obhod-blokirovki-zerkal-kraken.jpg
extand.ru/PARSE/DATA/IMAGES/ 40 KB
40 KB 981ms
980ms Image
image/jpeg 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/PARSE/DATA/IMAGES/11515857591_obhod-blokirovki-zerkal-kraken.jpg
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7813d906c0bbe492b61a6554fa4bf40d02b23addfe9418a5c6dac5388aaa0378

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/2788021729
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovc59d2RIK1c3etK5gs3Blq6rQJ9NvJfJBxQ5IfcP%2BmxaCYbtu%2FOHpCYBKilkxAW39uBFb6r8Z9t7XMNFoJ%2FLDYZiKjOZsxAg9wMzcoSZ2PGYGxSnhYm8LprKG8LTqfkK6fX6dWmt8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 84e51fd14f174bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.webp
extand.ru/templates/KRAKEN_CAP/img/ 14 KB
14 KB 1428ms
1427ms Image
text/html 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extand.ru/templates/KRAKEN_CAP/img/logo.webp
Requested by: Host: extand.ru
URL: https://extand.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b37b37345e460c496b82109389c5bc53605bc8e0fc8612c2182864422563da5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 21:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJMbq%2Fs6oH7nuR4eqrLn006Gu17oboootQfGXQjSbYJ7mHc6qWnhlsO4wUQcm%2B%2F3V7XtEU6POayMPGaOTvZ9FetxOlP6KF3YWsbCx2SyGT25K1RU9HZySnvRa5%2BW10Zwy%2Bqj2xkG%2BbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 84e51fd14f194bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 605ms
293ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: extand.ru
URL: https://extand.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9c641fd8ad8fc0517d4ee8d937866e2542fe7e0b07761c710a5c9a423b269dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 31 Jan 2024 11:10:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65ba2a9a-11840"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71744
expires: Wed, 31 Jan 2024 22:42:24 GMT

GET
H3 200 Goldman-Regular.ttf
extand.ru/templates/KRAKEN_CAP/fonts/ 75 KB
39 KB 1347ms
1347ms Font
text/html 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://extand.ru/templates/KRAKEN_CAP/fonts/Goldman-Regular.ttf
Requested by: Host: extand.ru
URL: https://extand.ru/templates/KRAKEN_CAP/styles/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d077d1058ef409ed140e66930f33c015e135a06ac9dbd6dedda5d3ab92d8c68f

Request headers

Referer: https://extand.ru/templates/KRAKEN_CAP/styles/style.css
Origin: https://extand.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 21:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz%2FCZNyO1RHViBq9ZHO2msHDiVE4rbHGqyeV9cBfVc7liWiF%2FXNrAa8ITe4oxFg9UpNY1R%2BSVlU1n2vabNl5gAlOnyq9HSZ%2BP4xyY5CjHXck%2FEbjkrHNrMw7%2B4RYYBo03OMGekszMnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 84e51fd3a8564bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 Montserrat-Regular.ttf
extand.ru/templates/KRAKEN_CAP/fonts/ 193 KB
82 KB 1993ms
1992ms Font
text/html 2606:4700:3037::ac43:af69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://extand.ru/templates/KRAKEN_CAP/fonts/Montserrat-Regular.ttf
Requested by: Host: extand.ru
URL: https://extand.ru/templates/KRAKEN_CAP/styles/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:af69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc535f2ff2e7534271db5c7bfe30e461ff82e148f335bd51327ce61f43f0b6f

Request headers

Referer: https://extand.ru/templates/KRAKEN_CAP/styles/style.css
Origin: https://extand.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 21:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBhvnL3qJL%2FlwZp%2F3maLACXPfYHYOy7jvrLrgi%2Fx8IpAl1f0OemSVDsPllyMEMecybCd2%2BSEPdYmDoA1%2B7mMFY1jc91jU%2BK6TyvhmkafjRV0c9Ci7Or5NGubwjJ5lYuBm4rnYucooPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 84e51fd3a8574bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10265.6b_w9ju8Gzjkx857rDhT3dUubcQVYvCs_Ew-bDnJcNv-tpwC0dfDD_LgAuO8jjmQ.PdLV6u-xtg2mbw7fpnNu8kDmdEI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10265.Z2eDCwCxAZD_p890Ak_rtFK0uif5sGv931DkvLmyfCx7TZHdjGJGn0Uxk6tynrLG0SDFreppzJeSZIdE4kS3-4V2iNX36rv7MK0aeRlrGrUAXPgWauZvODM_ePbFmW4AFrv7xKNEYY...

43 B
668 B

147ms
146ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10265.Z2eDCwCxAZD_p890Ak_rtFK0uif5sGv931DkvLmyfCx7TZHdjGJGn0Uxk6tynrLG0SDFreppzJeSZIdE4kS3-4V2iNX36rv7MK0aeRlrGrUAXPgWauZvODM_ePbFmW4AFrv7xKNEYYvNg6_K9rDFJag4rCQDQFbGmWANFrsXDDD5XeM00svP5VOwnCQzLsJx2vVC34R-2g5UuXAJheTOW-G2q19kD15U_pD2JbvqSbk%2C.Se_OIM22N87nPVBjQ1qclH2jHAw%2C

Requested by

Host: extand.ru
URL: https://extand.ru/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10265.Z2eDCwCxAZD_p890Ak_rtFK0uif5sGv931DkvLmyfCx7TZHdjGJGn0Uxk6tynrLG0SDFreppzJeSZIdE4kS3-4V2iNX36rv7MK0aeRlrGrUAXPgWauZvODM_ePbFmW4AFrv7xKNEYYvNg6_K9rDFJag4rCQDQFbGmWANFrsXDDD5XeM00svP5VOwnCQzLsJx2vVC34R-2g5UuXAJheTOW-G2q19kD15U_pD2JbvqSbk%2C.Se_OIM22N87nPVBjQ1qclH2jHAw%2C
date: Wed, 31 Jan 2024 21:42:25 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
494 B 149ms
148ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: extand.ru
URL: https://extand.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 21:42:25 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 31 Jan 2024 11:10:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65ba2a9a-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Jan 2024 22:42:25 GMT

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 77EE 2 KB
1 KB 149ms
148ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://extand.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 869
content-type: text/html
date: Wed, 31 Jan 2024 21:42:25 GMT
etag: "65ba2a9a-365"
expires: Wed, 31 Jan 2024 22:42:25 GMT
last-modified: Wed, 31 Jan 2024 11:10:18 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/95339736/
Redirect Chain

https://mc.yandex.com/watch/95339736?wmode=7&page-url=https%3A%2F%2Fextand.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
https://mc.yandex.com/watch/95339736/1?wmode=7&page-url=https%3A%2F%2Fextand.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...

447 B
602 B

152ms
151ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/95339736/1?wmode=7&page-url=https%3A%2F%2Fextand.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A985209732242%3Ahid%3A125478807%3Az%3A-600%3Ai%3A20240131114225%3Aet%3A1706737345%3Ac%3A1%3Arn%3A628410894%3Arqn%3A1%3Au%3A1706737345917470381%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C63%2C1030%2C479%2C108%2C0%2C%2C433%2C0%2C%2C%2C%2C2114%3Aco%3A0%3Acpf%3A1%3Ans%3A1706737342511%3Afp%3A2129%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706737346%3At%3A%D0%9A%D1%80%D0%B0%D0%BA%D0%B5%D0%BD%20%D0%B4%D0%B0%D1%80%D0%BA%D0%BD%D0%B5%D1%82%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D0%B0%20%D0%9C%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81-%20kraken6.at%20kraken7.at%20kraken8.at%20kraken9.at&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: extand.ru
URL: https://extand.ru/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c71297f250befab897d85f01a5aff08d31d16f4cf9cca0c3fda9cc6167684867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://extand.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 21:42:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 31-Jan-2024 21:42:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://extand.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 31-Jan-2024 21:42:26 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 21:42:25 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 31-Jan-2024 21:42:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/95339736/1?wmode=7&page-url=https%3A%2F%2Fextand.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A985209732242%3Ahid%3A125478807%3Az%3A-600%3Ai%3A20240131114225%3Aet%3A1706737345%3Ac%3A1%3Arn%3A628410894%3Arqn%3A1%3Au%3A1706737345917470381%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C63%2C1030%2C479%2C108%2C0%2C%2C433%2C0%2C%2C%2C%2C2114%3Aco%3A0%3Acpf%3A1%3Ans%3A1706737342511%3Afp%3A2129%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706737346%3At%3A%D0%9A%D1%80%D0%B0%D0%BA%D0%B5%D0%BD%20%D0%B4%D0%B0%D1%80%D0%BA%D0%BD%D0%B5%D1%82%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D0%B0%20%D0%9C%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81-%20kraken6.at%20kraken7.at%20kraken8.at%20kraken9.at&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://extand.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 31-Jan-2024 21:42:25 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ym object| Ya object| yaCounter95339736

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-21 03:41:37	Name: i Value: fQeH2p6hVOPurUKGNfsWN5ICN6F52tJY3cKUvut6QmBy73hCd52EOgXbj9v7tF9mdYQAOz0FGeEHL4m9VXKJ8iutFHY=
.yandex.ru/	1970-01-21 03:41:37	Name: yandexuid Value: 580824241706737344
.extand.ru/	1970-01-21 02:51:13	Name: _ym_uid Value: 1706737345917470381
.extand.ru/	1970-01-21 02:51:13	Name: _ym_d Value: 1706737345
.mc.yandex.com/	1970-01-20 18:05:37	Name: sync_cookie_csrf Value: 2911385598fake
.extand.ru/	1970-01-20 18:06:49	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 18:05:37	Name: sync_cookie_csrf Value: 3872570155fake
.yandex.com/	1970-01-21 02:51:13	Name: yandexuid Value: 580824241706737344
.yandex.com/	1970-01-21 02:51:13	Name: yuidss Value: 580824241706737344
.yandex.com/	1970-01-21 03:41:37	Name: i Value: fQeH2p6hVOPurUKGNfsWN5ICN6F52tJY3cKUvut6QmBy73hCd52EOgXbj9v7tF9mdYQAOz0FGeEHL4m9VXKJ8iutFHY=
.yandex.com/	1970-01-21 03:41:37	Name: yp Value: 1706823745.yu.618264201706737345
.mc.yandex.com/	1970-01-20 18:07:03	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 852269561706737345
.yandex.com/	1970-01-21 02:51:13	Name: ymex Value: 1709329345.oyu.618264201706737345#1738273345.yrts.1706737345
.yandex.com/	1970-01-21 02:51:13	Name: bh Value: KgI/MA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

extand.ru
mc.yandex.com
mc.yandex.ru
2606:4700:3034::6815:115b
2606:4700:3037::ac43:af69
2a02:6b8::1:119
18846e930edd55cd5186ab39a14b75b882a75b586c8f145f57b3a78ac79114c7
3f77984d6ccb721f7492c12224f2f7514a9f69f17ae47a3dcb9515eb8a5efb7a
3fc535f2ff2e7534271db5c7bfe30e461ff82e148f335bd51327ce61f43f0b6f
4ec9996a97985e021f5efd7608eae333c9154186b2b86e2175808dbc363f4471
53807c39826346186f2dbabfe15d3e1f388fcecf249eb46055633cfaf0a748a6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c05de73997c73ae0e95a3918ccf2ed6b79829106d949d2ece28b63480704b18
60f36665982efaea5b7768b2c54f11931fa4a5fc6953b428294437be1984bd13
67585746ffdc8bd7b83b45211fe69fd962854d0928de8262c9262c332e725904
710271cbf9be7b35ac30bc2101b5870e4b94a2ba85e31543097776f6fecefb04
76c7feec92951356292a45c4d3ecdc8fd4b10a7244f825d4a8b710aedd4f6c68
7813d906c0bbe492b61a6554fa4bf40d02b23addfe9418a5c6dac5388aaa0378
946cacd7b9c7a34f8385c3419956c9d0ba4d9598a5e3cf5aa97c95bdaa8f411b
9c641fd8ad8fc0517d4ee8d937866e2542fe7e0b07761c710a5c9a423b269dd9
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
a27feed3f7a7ce87cbcec60d95d0499b3c3bc20b139f665199ea1315cebfbe2a
b37b37345e460c496b82109389c5bc53605bc8e0fc8612c2182864422563da5c
b5f2f5b8acc41af5d1e493354718795990ecd36bfa05e02471546976c4c71b7e
c71297f250befab897d85f01a5aff08d31d16f4cf9cca0c3fda9cc6167684867
cb77a30e53707aa20a5d9721961873347792a724f0080a73e7bdf9ce5ec53944
d077d1058ef409ed140e66930f33c015e135a06ac9dbd6dedda5d3ab92d8c68f
e924e5241b99fd281078f214fe08c4dc8463fd2b1a32c329ce4bbf9f0651f144

extand.ru Open in urlscan Pro 2606:4700:3037::ac43:af69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

775 kBTransfer

1115 kBSize

15 Cookies

4 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

15 Cookies

Indicators

extand.ru Open in urlscan Pro
2606:4700:3037::ac43:af69 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

775 kB
Transfer

1115 kB
Size

15
Cookies

22 HTTP transactions
1 data transactions