read3.w1.flibusta.life Open in urlscan Pro
104.21.91.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://read3.w1.flibusta.life/b/576360
Submission: On January 13 via manual (January 13th 2022, 9:14:53 am UTC) from IN — Scanned from DE

Summary HTTP 121 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 33 domains to perform 121 HTTP transactions. The main IP is 104.21.91.39, located in and belongs to CLOUDFLARENET, US. The main domain is read3.w1.flibusta.life.

This is the only time read3.w1.flibusta.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.21.91.39 104.21.91.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	5.255.255.5 5.255.255.5	13238 (YANDEX) (YANDEX)
2 3	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
8	178.154.131.216 178.154.131.216	13238 (YANDEX) (YANDEX)
20 62	213.180.193.90 213.180.193.90	13238 (YANDEX) (YANDEX)
3 12	87.250.251.119 87.250.251.119	13238 (YANDEX) (YANDEX)
9	87.250.247.182 87.250.247.182	13238 (YANDEX) (YANDEX)
9	213.180.204.36 213.180.204.36	13238 (YANDEX) (YANDEX)
3 4	95.217.86.150 95.217.86.150	24940 (HETZNER-AS) (HETZNER-AS)
1 1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
3 3	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
2 2	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 2	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
2 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.148.30 91.192.148.30	42481 (BEGUN-AS) (BEGUN-AS)
1 2	34.247.200.0 34.247.200.0	16509 (AMAZON-02) (AMAZON-02)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
1 1	194.226.130.229 194.226.130.229	52016 (TNSMSK-) (TNSMSK-)
2 2	148.251.236.115 148.251.236.115	24940 (HETZNER-AS) (HETZNER-AS)
1 1	144.76.138.28 144.76.138.28	24940 (HETZNER-AS) (HETZNER-AS)
8 12	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
3 4	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
3 3	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
1 1	116.202.128.114 116.202.128.114	24940 (HETZNER-AS) (HETZNER-AS)
1 1	81.163.17.245 81.163.17.245	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2 2	217.66.147.170 217.66.147.170	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	194.190.76.44 194.190.76.44	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	87.250.250.114 87.250.250.114	13238 (YANDEX) (YANDEX)
2	213.180.204.158 213.180.204.158	13238 (YANDEX) (YANDEX)
2 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 6	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
6	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
121	22

14 104.21.91.39 (None, )

ASN13335 (CLOUDFLARENET, US)

read3.w1.flibusta.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.255.255.5 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.154.131.216 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 213.180.193.90 (Russian Federation) 20 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 87.250.251.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 87.250.247.182 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: avatars.mds.yandex.net

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.180.204.36 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: favicon.yandex.net

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.217.86.150 (Helsinki, Finland) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sync.magnitent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.16.14 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.132 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.200.0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-200-0.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.226.130.229 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.115 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-5.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.138.28 (Thale, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-3.community.moscow

228b43bd-9471-4f02-8322-898ff6a57938.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.183.20 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.72 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.128.114 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1315780.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.163.17.245 (Russian Federation) 1 redirects

ASN50340 (SELECTEL-MSK, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.170 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-170-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.44 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.250.250.114 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: ysa-static.passport.yandex.net

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.180.204.158 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: storage.mds.yandex.net

storage.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.228 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	yandex.ru 21 redirects yandex.ru — Cisco Umbrella Rank: 1525 an.yandex.ru — Cisco Umbrella Rank: 2850 mc.yandex.ru — Cisco Umbrella Rank: 3317 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 29672	279 KB
20	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 9300 favicon.yandex.net — Cisco Umbrella Rank: 13701 storage.mds.yandex.net — Cisco Umbrella Rank: 27640	244 KB
14	flibusta.life read3.w1.flibusta.life	199 KB
12	doubleclick.net 8 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 169 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	6 KB
9	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 29691	3 KB
8	yastatic.net yastatic.net — Cisco Umbrella Rank: 7693	220 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6151	1 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 8	1 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1471	3 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 97	15 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 35454 tech.rtb.mts.ru — Cisco Umbrella Rank: 33839	2 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 30163	1 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 33962 228b43bd-9471-4f02-8322-898ff6a57938.sync.upravel.com	2 KB
3	weborama.fr 3 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9547	594 B
3	semantiqo.com 2 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 68318	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9433	2 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10763	812 B
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 5603	475 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 184	2 KB
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 11473	1 KB
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13521	1 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 81136 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 81326	847 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 26732	1 KB
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 12534	402 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9983	203 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 2726	103 B
1	whiteboxdigital.ru 1 redirects mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 30271	785 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 39438	631 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 4726	410 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 85284	388 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 17812	244 B
1	magnitent.com 1 redirects sync.magnitent.com	780 B
1	caltat.com 1 redirects cdn3.caltat.com — Cisco Umbrella Rank: 214312	334 B
121	33

	Domain	Requested by
62	an.yandex.ru	20 redirects yandex.ru read3.w1.flibusta.life
14	read3.w1.flibusta.life	read3.w1.flibusta.life
9	mc.yandex.com	2 redirects read3.w1.flibusta.life mc.yandex.ru
9	favicon.yandex.net	read3.w1.flibusta.life
9	avatars.mds.yandex.net	read3.w1.flibusta.life
8	yastatic.net	yandex.ru yastatic.net read3.w1.flibusta.life
6	www.google.de
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
6	cm.g.doubleclick.net	6 redirects
4	ads.betweendigital.com	3 redirects
3	www.googleadservices.com	2 redirects yastatic.net
3	acint.net	3 redirects
3	redirect.frontend.weborama.fr	3 redirects
3	sonar.semantiqo.com	2 redirects read3.w1.flibusta.life
3	mc.yandex.ru	1 redirects yandex.ru yastatic.net
3	counter.yadro.ru	2 redirects read3.w1.flibusta.life
2	storage.mds.yandex.net	yastatic.net
2	px.adhigh.net	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	sync.upravel.com	2 redirects
2	dm.hybrid.ai	read3.w1.flibusta.life
2	dpm.demdex.net	1 redirects
2	sync.1dmp.io	2 redirects
2	x01.aidata.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	ssp.adriver.ru	read3.w1.flibusta.life
2	yandex.ru	read3.w1.flibusta.life yastatic.net
1	ysa-static.passport.yandex.ru	read3.w1.flibusta.life
1	s.uuidksinc.net	1 redirects
1	sync.bumlam.com	read3.w1.flibusta.life
1	tech.rtb.mts.ru	1 redirects
1	mitdmp.whiteboxdigital.ru	1 redirects
1	ssp-rtb.sape.ru	1 redirects
1	t.adx.opera.com	read3.w1.flibusta.life
1	228b43bd-9471-4f02-8322-898ff6a57938.sync.upravel.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	profile.ssp.rambler.ru	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.magnitent.com	1 redirects
1	cdn3.caltat.com	1 redirects
121	42

This site contains links to these domains. Also see Links.

Domain
booktracker.org
fbsearch.ru
openid.net
libgen.lc
sci-hub.se
z-lib.org
cyberleninka.ru
magzdb.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
avatars.mds.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
favicon.yandex.net Yandex CA	`2021-11-23` - `2022-04-24`	5 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-08-21` - `2022-02-19`	6 months	crt.sh
storage.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://read3.w1.flibusta.life/b/576360
Frame ID: 4334FE674C0B2B5876BC52821D150A12
Requests: 60 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: A5D6C068A32917D290674BA96768BF1D
Requests: 53 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: 8C71A1F9A7138B51A507BB793D039C03
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: 7A6F17D1067599B43D2D8ABBF07587AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Меняйся быстрее, чем наступит завтра (fb2) | Флибуста

Detected technologies

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

121
Requests

66 %
HTTPS

0 %
IPv6

33
Domains

42
Subdomains

22
IPs

8
Countries

964 kB
Transfer

2423 kB
Size

57
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://booktracker.org/
Title: [Книжный торрент]

Search URL Search Domain Scan URL

URL: http://fbsearch.ru/
Title: Полнотекстовый поиск по книгам

Search URL Search Domain Scan URL

URL: https://openid.net/
Title: Что такое OpenID?

Search URL Search Domain Scan URL

URL: http://libgen.lc/
Title: Научная литература

Search URL Search Domain Scan URL

URL: http://sci-hub.se/
Title: Научные статьи

Search URL Search Domain Scan URL

URL: http://libgen.lc/foreignfiction/
Title: Иностранная литература

Search URL Search Domain Scan URL

URL: https://z-lib.org/
Title: Z-Library

Search URL Search Domain Scan URL

URL: https://cyberleninka.ru/
Title: Киберленинка

Search URL Search Domain Scan URL

URL: http://libgen.lc/comics/
Title: Архив комиксов

Search URL Search Domain Scan URL

URL: http://magzdb.org/
Title: Вся периодика мира

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;flibusta_life

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://counter.yadro.ru/hit;flibusta_life?t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/b/576360;h%u041C%u0435%u043D%u044F%u0439%u0441%u044F%20%u0431%u044B%u0441%u0442%u0440%u0435%u0435%2C%20%u0447%u0435%u043C%20%u043D%u0430%u0441%u0442%u0443%u043F%u0438%u0442%20%u0437%u0430%u0432%u0442%u0440%u0430%20%28fb2%29%20%7C%20%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430;0.4498239744256174 HTTP 302
https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/b/576360;h%u041C%u0435%u043D%u044F%u0439%u0441%u044F%20%u0431%u044B%u0441%u0442%u0440%u0435%u0435%2C%20%u0447%u0435%u043C%20%u043D%u0430%u0441%u0442%u0443%u043F%u0438%u0442%20%u0437%u0430%u0432%u0442%u0440%u0430%20%28fb2%29%20%7C%20%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430;0.4498239744256174

Request Chain 40

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=b139c3190fda4d2091279710bef8b0cc HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=F03D07D68CC7E718&sid=b139c3190fda4d2091279710bef8b0cc HTTP 302
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=b139c3190fda4d2091279710bef8b0cc&spid=F03D07D68CC7E718&v= HTTP 302
https://sync.magnitent.com/fbfli/ct_sync.php?ct=d4b8dd3adeb24dc18ae9541ce720960b&sonar=b139c3190fda4d2091279710bef8b0cc&spid=F03D07D68CC7E718&v= HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsonar.semantiqo.com%2F983we%2Fspixel.php%3Fsid%3Db139c3190fda4d2091279710bef8b0cc%26c%3Dd4b8dd3adeb24dc18ae9541ce720960b%26w%3D={WEBO_CID} HTTP 302
https://sonar.semantiqo.com/983we/spixel.php?sid=b139c3190fda4d2091279710bef8b0cc&c=d4b8dd3adeb24dc18ae9541ce720960b&w==jRTzgfOBhHTSvKERpPfySe

Request Chain 42

https://dmg.digitaltarget.ru/1/119/i/i?i=1642065287 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1642065287 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/ay8TJjiP7ewSbsF7ZWZO HTTP 302
https://an.yandex.ru/mapuid/dmpamberdata/ay8TJjiP7ewSbsF7ZWZO?redir-setuniq=1

Request Chain 43

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/g6py-gm-ZeK0?sign=3398714641 HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/g6py-gm-ZeK0?redir-setuniq=1&sign=3398714641

Request Chain 44

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/fn1zmppDHrDB HTTP 302
https://an.yandex.ru/mapuid/rutargetis/fn1zmppDHrDB?redir-setuniq=1

Request Chain 45

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/iT6bF45JZwy8%2FLiTZMnP7Q?sign=3711397364 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/iT6bF45JZwy8/LiTZMnP7Q?redir-setuniq=1&sign=3711397364

Request Chain 46

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/425c4900-7451-11ec-8677-901b0e934d81?sign=2330275486 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/425c4900-7451-11ec-8677-901b0e934d81?redir-setuniq=1&sign=2330275486

Request Chain 47

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1461490971 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/jRTzgfOBhHTSvKERpPfySe HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/jRTzgfOBhHTSvKERpPfySe?redir-setuniq=1

Request Chain 48

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/ HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/?redir-setuniq=1

Request Chain 49

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=31D4FF9DD681B6F6 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=31D4FF9DD681B6F6

Request Chain 51

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/fb3285bb5534bf66f11e7eead7ddbe1e85e9a78c4406bf79fde145969c31874c HTTP 302
https://an.yandex.ru/mapuid/mediascope/fb3285bb5534bf66f11e7eead7ddbe1e85e9a78c4406bf79fde145969c31874c?redir-setuniq=1

Request Chain 52

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://228b43bd-9471-4f02-8322-898ff6a57938.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/228b43bd-9471-4f02-8322-898ff6a57938

Request Chain 53

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 54

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 55

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 56

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=BBC98E54A6DD4B5A

Request Chain 57

https://an.yandex.ru/mapuid/betweenx/ HTTP 302
https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=4C68C74E65EF32A6 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=4C68C74E65EF32A6&crf=1

Request Chain 58

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F8BEDDF6182007A99027C46F9&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/SAPEis/0100007F8BEDDF619A002FAF024CFD19

Request Chain 59

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D HTTP 302
https://an.yandex.ru/mapuid/qbitis/dd6aea32-a4db-4c65-b739-aed007e0e53b

Request Chain 60

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/5169bf29-7b16-530d-b660-6215d7bf8f9e

Request Chain 61

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=532df3c3-8122-4eef-8d40-481a400736c7&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F532df3c3-8122-4eef-8d40-481a400736c7 HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/532df3c3-8122-4eef-8d40-481a400736c7

Request Chain 65

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/oFdBAwilrq58U9lV6Jlu

Request Chain 66

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/0MywcITPBGZ.AikABlF-Urfpbg

Request Chain 73

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i-3fYfzJKYjYx_AP3uCT0AQ&random=181303526&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=181303526&crd=&is_vtc=1&random=1747040062 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=181303526&crd=&is_vtc=1&random=1747040062&ipr=y

Request Chain 74

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i-3fYcLIKdWvgQe67K2gAw&random=2118189847&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2118189847&crd=&is_vtc=1&random=2178073033 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2118189847&crd=&is_vtc=1&random=2178073033&ipr=y

Request Chain 98

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A747780789215%3Ahid%3A663681943%3Az%3A0%3Ai%3A20220113091451%3Aet%3A1642065291%3Ac%3A1%3Arn%3A3998710%3Arqn%3A1%3Au%3A164206529167094089%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1642065287801%3Ads%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C24%2C0%2C1348%2C1348%2C0%2C1348%3Adsn%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C28%2C0%2C1348%2C1348%2C0%2C1348%3Aco%3A0%3Ast%3A1642065291&t=gdpr()aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A747780789215%3Ahid%3A663681943%3Az%3A0%3Ai%3A20220113091451%3Aet%3A1642065291%3Ac%3A1%3Arn%3A3998710%3Arqn%3A1%3Au%3A164206529167094089%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1642065287801%3Ads%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C24%2C0%2C1348%2C1348%2C0%2C1348%3Adsn%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C28%2C0%2C1348%2C1348%2C0%2C1348%3Aco%3A0%3Ast%3A1642065291&t=gdpr%28%29aw%281%29ti%282%29

Request Chain 102

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9517.s0w3fGjRT6Tp0b_VicLHm8ql5WcfMhbih07iBcySKm0ckwuvVx7Bv-2B25aisXGm.3X5OgxJ5vk_mjMGwzeemZEEpUwE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9517.q8e0I5eX_8WrUcrlCr3FpKLF2TfMmtgmwMbPnw4R0OOFR3TS1fLdqxns-Y57C72eeSr4pkCY4sWYguFvgD97wJSm0Tfo7p42lUg44FrvnAk%2C.lYE6L2hPCvOCojTfNaNDHuF3VqA%2C

121 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 576360 Show response
read3.w1.flibusta.life/b/ 29 KB
10 KB 377ms
296ms Document
text/html 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 550116d1cc65e48e0c93fd975464892e2e2ce6102288031449fd0082d1e01212

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 13 Jan 2022 09:14:45 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=86400, must-revalidate
pragma: no-cache
CF-Cache-Status: MISS
Last-Modified: Thu, 13 Jan 2022 09:14:45 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVF4dZLCINRnvc%2FbgioDqV11lmQCWZ2flU8h9BIctWXtzkZ16NKA4N89AEiQtiEPsTNpYrRZafQJJLjR0gD%2Bz0O0BJ4vBBPi3V%2B2ubLjgF1PKcnHBo4uNUmq0kRFzOJlytTjqd1%2B9NgR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ccd8421cd9df2ac-WAW
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK css_541b6da58ae4dff17f932324504056f9.css
read3.w1.flibusta.life/sites/default/files/css/ 25 KB
7 KB 293ms
293ms Stylesheet
text/css 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 361840fbee3b0726b5f0f5bbfe37e13bdab8c3c873d643a45b56c5e37c8d2a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/b/576360
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:45 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5LGkgsesKn8rUGmJWeLLckhEsLJDOq50iog%2BAdpjDSKUYt2DGz%2BCXT%2BEJbRheuJuhoaF11nP2lomZ3Woc%2F0%2BI%2BQC1fP8elW15sszJLoPrgx%2Bg3Aco4VRD20TpYJZpdfMk4nWKVIWbTs"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd8423b964f2ac-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK js_38da4b3058a476fa69101d044220c361.js Show response
read3.w1.flibusta.life/sites/default/files/js/ 130 KB
45 KB 380ms
331ms Script
application/javascript 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://read3.w1.flibusta.life/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 0ce15a8f257959b2f4e39c9d2eaa5e7ca98ac78d9740851aa1b1d9d0c56f3009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/b/576360
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:45 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a81ReTaoz8PTfazhSsQ6Ir0SpodN46rwtL%2BFzRC2Mxaj%2Bt3EdaE68p5bwxrSdDLjlG%2FyKt9atQIvf0flei1ZUOPDOIYJ5x94JJiD9VeFFCehbUdEo9MVlzCsUeL63rUtRSleUa8z0wqb"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd8423fb860020-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 306 KB
82 KB 150ms
55ms Script
text/javascript 5.255.255.5
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.255.255.5 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

c90f044345dd4f0011b188dbbe7d26f41bdb8b9edc266d0fedc1689f1055ef98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1642065286097247-17535913556576005148-man2-5984-29c-man-l7-balancer-8080-BAL-9951
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 13 Jan 2022 10:14:46 GMT

GET
H/1.1 200
OK bluebreeze_logo.png
read3.w1.flibusta.life/sites/default/files/ 13 KB
14 KB 316ms
316ms Image
image/png 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/sites/default/files/bluebreeze_logo.png
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/b/576360
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkY%2BtlPGPyDG%2BX2KbrXhtrCpdtM6MYE6xE%2F6bE37C3ePkFAYaseff82%2Fra%2ByeCAPyug4cO5C96gG9oWRmLAWy%2BAUSq5VlpKKG3zQRw2OVaFN3cDsLgyVe2VJ0D6nx8gPsGqQgdthAHye"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd842659300020-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK znak4.gif
read3.w1.flibusta.life/img/ 946 B
2 KB 308ms
308ms Image
image/gif 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/img/znak4.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 6e10d1dc79cb5a6fbe62cd0bfd36c2423c95810f860ec008d707dd61d715f9f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/b/576360
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sF8ACZWBV4UlZoNUGVmJvGb8egt0uXYIvaqjtYn%2FiHs0ges64XCG6LMA3viaMGQ7CFyfGM0kEVkuIRvskT9hBzbR7OeBueTU0Yz0vSeZdAvyDN5NzsKwliz7XPDE1pI%2B1RzqIVgwSXrx"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd84265ec4f2ac-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cover.jpg
read3.w1.flibusta.life/i/60/576360/ 72 KB
73 KB 326ms
275ms Image
image/jpeg 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/i/60/576360/cover.jpg
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 724ecca5300fed887d728b329e49bfc32b041d71e94777206a5a4664a6466719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/b/576360
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAJ0IupMKQ9cCMHPi9WpY2WjF4eHZuYChWICmfIR78%2B6RHmkHO%2FZEMkR%2BhuM93MfpiH5wyKuWHUXUiqCUQJ%2BkzEACu0aAWJ4EpduqFZ%2FGzaXAQ8dF4PcnnWwnNWfGpNyTjnffg1tTRXW"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd8426cdc40c21-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-header.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 40 KB
41 KB 658ms
353ms Image
image/gif 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/bg-header.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5eScdUXh3nEFO8EqNBUCIdfKjzw1Sgcw9XfbQXLaXs%2B3H7ktm0SbSnas2lHKqah%2BAdrts7FWjx0VQ%2F73oTwxldmHlX3hq4l4LB4kw31m7eRHRcx4WtUvIDdAt%2BsFYfvkJ%2F5cxwPI%2FD%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd84287ecc0020-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-primary.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 146 B
1000 B 780ms
472ms Image
image/gif 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/bg-primary.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vDr6bug6ia%2BhbKdsxshwiV%2FGIYmQcO%2FR6%2BzOypxQtFAOkZRFvqZjawkTPDJO1h52Fvrg5p3uCLkyrcx7YvC%2FAxmA48PC9TroKZn3xvF1YWj1aICgE1hWkF4ueeLhhyXRUlNi48oc13q"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd84287b6ef2ac-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;flibusta_life
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;flibusta_life?t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/b/576360;h%u041C%u0435%u043D%u044F%u0439%u0441%u044F%20%u0431%u044B%u0441%u0442%u0440%u0435%u0435%2...
https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/b/576360;h%u041C%u0435%u043D%u044F%u0439%u0441%u044F%20%u0431%u044B%u0441%u0442%u0440%u0435%u0435...

112 B
598 B

125ms
125ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/b/576360;h%u041C%u0435%u043D%u044F%u0439%u0441%u044F%20%u0431%u044B%u0441%u0442%u0440%u0435%u0435%2C%20%u0447%u0435%u043C%20%u043D%u0430%u0441%u0442%u0443%u043F%u0438%u0442%20%u0437%u0430%u0432%u0442%u0440%u0430%20%28fb2%29%20%7C%20%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430;0.4498239744256174

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 09:15:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 112
Expires: Tue, 12 Jan 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 13 Jan 2022 09:14:59 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;flibusta_life?q;t45.1;r;s1600*1200*24;uhttp%3A//read3.w1.flibusta.life/b/576360;h%u041C%u0435%u043D%u044F%u0439%u0441%u044F%20%u0431%u044B%u0441%u0442%u0440%u0435%u0435%2C%20%u0447%u0435%u043C%20%u043D%u0430%u0441%u0442%u0443%u043F%u0438%u0442%20%u0437%u0430%u0432%u0442%u0440%u0430%20%28fb2%29%20%7C%20%u0424%u043B%u0438%u0431%u0443%u0441%u0442%u0430;0.4498239744256174
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 12 Jan 2021 21:00:00 GMT

GET
H/1.1 200
OK open.gif
read3.w1.flibusta.life/img/ 67 B
919 B 668ms
312ms Image
image/gif 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/img/open.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 1d4c1410507cbfa6fa4e3594f092ddf8ba0688dd58eec01bcc501f60250803fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biLdTn5ChQD7bxTP%2FAFneV%2FEeqoHopu3qaLUAzQswM96P041mtctVFRXaJmyZxYATiyGMUeYMokBQkG35IC0tC%2F%2FTXIZtcA9DtHwa4OqYAOk8y42WbxeUZNdCODdJ0KFb19DD4LlMZZU"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd8428cfa50020-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-leaf.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 175 B
1 KB 363ms
349ms Image
image/gif 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/menu-leaf.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiVKkVER4SZcZt5NgqLfjESPBtdFrpID0yPCj71pFYrR1kqOeDNB1VbvOcOnltKrjxrN0JWr6ttphSu26Ookcg3OZbF6Faqem5EMmfM1y0%2FFphO%2BaM7wn0v6thqw%2FudwE%2BllmTJ1fnLr"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd84269bc65007-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef9ed4adcba4950bf4be0556283131eedd7c629de1821c8c3967c7f70d971596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK login-bg.png
read3.w1.flibusta.life/modules/openid/ 223 B
1 KB 1279ms
1278ms Image
image/png 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/modules/openid/login-bg.png
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: d4247ed30734f69d609692cc4278b576470108373acc75ae3a5e4dba20457cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:47 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:47 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BZp%2BsK%2BfKJC4fvt8diCDdKGUlebd5q4Iy8rkANwnZ2NXYW0FWLWgQKHygFW7yKCCDWwvFBD88DzxSuy51Wvqm5rf0hJ%2FmPhDsTGfqzLW2rjKPXo761bPop3clD6rRE7PIj4PDNNSKr3"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd842f0f3a5007-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-expanded.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 183 B
1 KB 341ms
314ms Image
image/gif 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/menu-expanded.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsVDMlmW0y%2F2yIQiahyssJarMcXQLAW9ErhOykNb40bYZcOckWMXoYYKjyvDmUdf1joHxogl%2FjFhxAkqTNXLtSKWIzA%2BYzv13BGYyUGKTQi44esdfCQqot8kB920iERfwb%2BGfm2N6L2A"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd8426aa060020-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK menu-collapsed.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 176 B
1 KB 381ms
361ms Image
image/gif 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/menu-collapsed.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: b4e545d7af5622814ef6da2f4aca4f1ce46077bb9c1641761c2398eaf661d8c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTQ5WkfDHFJ4JETx4nazNQHZ9kZ2MYdixzUlBu1fER93RhVgHTWzTRhSBhBRX7p3PCjeabHZzThWwGpwjG2qEX3E%2FqRz%2BJfdngxzwmse8LvBB5Qxc1TDlFJ80rl%2F9aDSqCrFpPYSBmxq"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd8426abdacc77-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-footer.gif
read3.w1.flibusta.life/themes/bluebreeze/images/ 187 B
1 KB 312ms
312ms Image
image/gif 104.21.91.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://read3.w1.flibusta.life/themes/bluebreeze/images/bg-footer.gif
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
Protocol: HTTP/1.1
Server: 104.21.91.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/sites/default/files/css/css_541b6da58ae4dff17f932324504056f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:46 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.33
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
Last-Modified: Thu, 13 Jan 2022 09:14:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXbCeJ0IhSaGrkKUZo1AriuQGFAuNiL6oEHIk8l%2Bhh0gDbsZX%2F0%2Bx0XQ5rbpF9TqPETxekgQNHEIJewvtL7fI6GXyBBvg%2FmqmqXcoqol5a%2Bpni0QnvbN%2BfZw4jFhh%2FwLkV54ak3fp16O"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=86400, must-revalidate
CF-RAY: 6ccd8429aa21cc77-WAW
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 64c0710034beba405073.js Show response
yastatic.net/partner-code-bundles/51883/ 13 KB
5 KB 423ms
206ms Script
text/javascript 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/51883/64c0710034beba405073.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

4ff14a24b5b987df73bf322a5639b6bc9de5bd5c862131e72f50f997b4517daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:46 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4454
last-modified: Wed, 12 Jan 2022 15:43:03 GMT
server: nginx/1.17.9
etag: "345bea6fe9a43ec8573644f3976e98b9"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2052 15:47:54 GMT

GET
H2 200 9973b31c34685a4198c1.js Show response
yastatic.net/partner-code-bundles/51883/ 80 KB
17 KB 773ms
557ms Script
text/javascript 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/51883/9973b31c34685a4198c1.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

2ddc0270f67098887df783cd646e3a21ca627f76edd49103f4b1e540f7558016

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:46 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17105
last-modified: Wed, 12 Jan 2022 15:43:03 GMT
server: nginx/1.17.9
etag: "fdb96a336e3400b4bb653b86c6bb60f7"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2052 15:48:00 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 930ms
715ms Script
text/javascript 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:46 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2052 15:48:18 GMT

GET
H2 200 1382009 Show response
an.yandex.ru/meta/ 15 KB
9 KB 1292ms
366ms XHR
application/json 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1382009?target-ref=http%3A%2F%2Fread3.w1.flibusta.life%2Fb%2F576360&charset=utf-8&pcode-test-ids=455963%2C0%2C70%3B483201%2C0%2C36%3B466938%2C0%2C76%3B484008%2C0%2C59%3B452124%2C0%2C50%3B488677%2C0%2C73%3B488524%2C0%2C9%3B437233%2C0%2C-1&pcode-flags-map=eJyNVttu2zgQ%2FRc9excSde8bJdEWUZnUklQcNwgIJxHaAG4cOEqx26L%2F3qEuG0tO5frBsmid4fDMmTP6YRGGk4LolGcklXqTU0UKKpX14eaH9W23f62tD5YSFbEWVlO%2FNPQB7j0U235s%2FbxdWBmVLT4jS1wVSqucrIkm61JtdVYJrChnF2OFbhtrTTKK9ZJCuIQqwBJdCsoFhVhLnCouRpHsv23zcc6ieW20K15UkEpSKcWZxoyuz5PpDn8WIGwDVIwuuQDUn0A6NtIcsxWQWdD0I1AheLXKdcFXNB3FgLNAJkNqwxlHMV0UItTG7At0VcZ9kebp9Jwwdk6Bb6xCeanK9VoSc6uI0BXL4Bsnmeas2F4I7HuoYxZKA8dL%2BbosCNQoIUATlAoWZc4vshWgyPe7CmEJ5LCVJtelXhYYfkxT1mpbnqlAw34gOEkFyQalzOceuoHj%2FmbPC5uNAjvTqChoo9IVMxRMctKU4bK8kFnseB0bpamuHvrpimaEQwBDc8IHqWRVCdI613H97%2FMoauTGdnAqgl5xJWak6FSAheCbca2uiNhuciLIb2IZ7qTq0iNCTpOAJ4MoHmPDwO%2FEiLMlv9ZrkcLJJE1oYRiGjNpWmT0LCl3XHhqy4Ngo1ggAr0fUNsfXegQzeXcw0LuUwpA5wZzv9T9oWRVFiyqJSAlTpotBKgqf4lsHcsbi9sOOrMEQTYzORkaNe2N9r59gb%2FhG%2FeWvz7v9vj7%2BB7d3j%2Fv93WF3fIDfXw7Hx%2B%2BHp2a3H93YrhPBwu5h99w8fqvTw9MLUHDfHI6w%2BvXwUB%2BfcP8fLDwfXpr6mO6Oh9eXen%2BKe1t6%2Bbo7Nrp53NfW7ftnEirRCWbMVABaR85y%2BQbLE5DL6bMecnz3%2FWff1UkCUtmwcYwbJ4gCFC6QD7PIh0sURc7C9T0nihbIjX3XXHw7DBYo8DzPXSAbObY9POLacRAAPLRjKCHs73nR7aQz7UG7WhLCNE8kEZOjWPXT7m5fj707QHE3Qpb0GuygK78WxLjtLGemgbwBqdeg2JzQVa40U%2FPC9Xy3d%2F2SS%2BPs4GIpmYdEMGI6iHl2cJ7sfbV2Arqqj83jfavEbiE%2FFeefiOx9vb7JWmZj8b1l%2BYkwBBwaj10xjRz9jwtuRErtzh7TRyjurD%2FFMI8l%2BF%2BBP221cRIN7wSreZZCO%2FLDniUCLqpND1BWUHYBh%2BIeJ3Oc8Y0WnCvNSzJv3GEQoy5bRjYaZ0nBYdSC98zbfRigrvopr8CrFNfX%2BbzSojDqp7mxR8VLeENKiZwMvKmpAsrvqqEqAWPJJNlZ8oVxhPpWMiOkH0k5Z2RbGlKYlmsMdttb7ShUypkSvBg7SxC7Ud%2BZMvs47Ugv8mw7GifQrrTvmODJtPOwEei%2B2U9k4%2FT89A0FiUiY3mevBFNgFAX9%2B2NZglCUmR2VKC5g%2FH4zc1wMbd8K08yOebsIkWvU8vMXEBJzxQ%3D%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=WW6VZZuusRcUvDXcXhh1lwCm19NxKYCq%2FKEXLZSbD2vq5jzVoehVbveKMPO9cWZX4kD6iliZAXDaMsXVoysiZG81tLA%3D&imp-id=5&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=375534760493058&ad-session-id=552751642065286314&target-id=53091451&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread3.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=51883&pcodever=51883&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A99%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=564&grab=dNCc0LXQvdGP0LnRgdGPINCx0YvRgdGC0YDQtdC1LCDRh9C10Lwg0L3QsNGB0YLRg9C_0LjRgiDQt9Cw0LLRgtGA0LAgKGZiMikgfCDQpNC70LjQsdGD0YHRgtCwCjEg0KTQu9C40LHRg9GB0YLQsCAKMdCc0LXQvdGP0LnRgdGPINCx0YvRgdGC0YDQtdC1LCDRh9C10Lwg0L3QsNGB0YLRg9C_0LjRgiDQt9Cw0LLRgtGA0LAgKGZiMikgCjLQkNC90L3QvtGC0LDRhtC40Y8gCjLQoNC10LrQvtC80LXQvdC00LDRhtC40Lg6IAoyINCf0L7QuNGB0Log0LrQvdC40LMgCjIg0JLRhdC-0LQg0LIg0YHQuNGB0YLQtdC80YMgCjIg0J3QsNCy0LjQs9Cw0YbQuNGPIAoyINCf0L7RgdC70LXQtNC90LjQtSDQutC-0LzQvNC10L3RgtCw0YDQuNC4IAoyINCS0L_QtdGH0LDRgtC70LXQvdC40Y8g0L4g0LrQvdC40LPQsNGFIAoyINCg0Y7QutC30LDRh9C-0LogCg%3D%3D&uniformat=true&callback=Ya%5B3419209374944%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

9a461fbd84446dbdb4ad3fe15abf88cc707a74cee6cdf705f731823de77b6123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:47 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1642065287430709-631175181628735267300274-production-app-host-man-pcode-24
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:47 GMT

GET
H2 200 a0864e374dc59e50c95a.js Show response
yastatic.net/partner-code-bundles/51883/ 643 KB
131 KB 749ms
558ms Script
text/javascript 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/51883/a0864e374dc59e50c95a.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

c52300065c159bb2754b346f0888ba07144c3446e8ba1975b103d5be581a0e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:46 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 133532
last-modified: Wed, 12 Jan 2022 15:43:03 GMT
server: nginx/1.17.9
etag: "049f152d3814a563fc06a8df6d044d8c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2052 15:47:56 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 837ms
138ms Preflight 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 13 Jan 2022 09:14:48 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
379 B 584ms
584ms XHR
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:48 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:48 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 134 KB
48 KB 1759ms
1529ms Script
application/javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://read3.w1.flibusta.life/
Origin: http://read3.w1.flibusta.life
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:48 GMT
content-encoding: br
last-modified: Wed, 12 Jan 2022 11:07:36 GMT
etag: "61de8c48-bd04"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 48388
expires: Thu, 13 Jan 2022 10:14:48 GMT

GET
H2 200 1382009 Show response
an.yandex.ru/meta/ 79 KB
24 KB 322ms
322ms XHR
application/json 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1382009?target-ref=http%3A%2F%2Fread3.w1.flibusta.life%2Fb%2F576360&charset=utf-8&pcode-test-ids=455963%2C0%2C70%3B483201%2C0%2C36%3B466938%2C0%2C76%3B484008%2C0%2C59%3B452124%2C0%2C50%3B488677%2C0%2C73%3B488524%2C0%2C9%3B437233%2C0%2C-1&pcode-flags-map=eJyNVttu2zgQ%2FRc9excSde8bJdEWUZnUklQcNwgIJxHaAG4cOEqx26L%2F3qEuG0tO5frBsmid4fDMmTP6YRGGk4LolGcklXqTU0UKKpX14eaH9W23f62tD5YSFbEWVlO%2FNPQB7j0U235s%2FbxdWBmVLT4jS1wVSqucrIkm61JtdVYJrChnF2OFbhtrTTKK9ZJCuIQqwBJdCsoFhVhLnCouRpHsv23zcc6ieW20K15UkEpSKcWZxoyuz5PpDn8WIGwDVIwuuQDUn0A6NtIcsxWQWdD0I1AheLXKdcFXNB3FgLNAJkNqwxlHMV0UItTG7At0VcZ9kebp9Jwwdk6Bb6xCeanK9VoSc6uI0BXL4Bsnmeas2F4I7HuoYxZKA8dL%2BbosCNQoIUATlAoWZc4vshWgyPe7CmEJ5LCVJtelXhYYfkxT1mpbnqlAw34gOEkFyQalzOceuoHj%2FmbPC5uNAjvTqChoo9IVMxRMctKU4bK8kFnseB0bpamuHvrpimaEQwBDc8IHqWRVCdI613H97%2FMoauTGdnAqgl5xJWak6FSAheCbca2uiNhuciLIb2IZ7qTq0iNCTpOAJ4MoHmPDwO%2FEiLMlv9ZrkcLJJE1oYRiGjNpWmT0LCl3XHhqy4Ngo1ggAr0fUNsfXegQzeXcw0LuUwpA5wZzv9T9oWRVFiyqJSAlTpotBKgqf4lsHcsbi9sOOrMEQTYzORkaNe2N9r59gb%2FhG%2FeWvz7v9vj7%2BB7d3j%2Fv93WF3fIDfXw7Hx%2B%2BHp2a3H93YrhPBwu5h99w8fqvTw9MLUHDfHI6w%2BvXwUB%2BfcP8fLDwfXpr6mO6Oh9eXen%2BKe1t6%2Bbo7Nrp53NfW7ftnEirRCWbMVABaR85y%2BQbLE5DL6bMecnz3%2FWff1UkCUtmwcYwbJ4gCFC6QD7PIh0sURc7C9T0nihbIjX3XXHw7DBYo8DzPXSAbObY9POLacRAAPLRjKCHs73nR7aQz7UG7WhLCNE8kEZOjWPXT7m5fj707QHE3Qpb0GuygK78WxLjtLGemgbwBqdeg2JzQVa40U%2FPC9Xy3d%2F2SS%2BPs4GIpmYdEMGI6iHl2cJ7sfbV2Arqqj83jfavEbiE%2FFeefiOx9vb7JWmZj8b1l%2BYkwBBwaj10xjRz9jwtuRErtzh7TRyjurD%2FFMI8l%2BF%2BBP221cRIN7wSreZZCO%2FLDniUCLqpND1BWUHYBh%2BIeJ3Oc8Y0WnCvNSzJv3GEQoy5bRjYaZ0nBYdSC98zbfRigrvopr8CrFNfX%2BbzSojDqp7mxR8VLeENKiZwMvKmpAsrvqqEqAWPJJNlZ8oVxhPpWMiOkH0k5Z2RbGlKYlmsMdttb7ShUypkSvBg7SxC7Ud%2BZMvs47Ugv8mw7GifQrrTvmODJtPOwEei%2B2U9k4%2FT89A0FiUiY3mevBFNgFAX9%2B2NZglCUmR2VKC5g%2FH4zc1wMbd8K08yOebsIkWvU8vMXEBJzxQ%3D%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=WW6VZZuusRcUvDXcXhh1lwCm19NxKYCq%2FKEXLZSbD2vq5jzVoehVbveKMPO9cWZX4kD6iliZAXDaMsXVoysiZG81tLA%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=375534760493058&ad-session-id=552751642065286314&target-id=73099285&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread3.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=51883&pcodever=51883&flash-ver=0&available-width=270&skip-token=yabs.NzIwNTc2MDU0MzEwODczNzQ%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A270%2C%22h%22%3A0%2C%22width%22%3A270%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1322%2C%22top%22%3A563%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=564&grab=dNCc0LXQvdGP0LnRgdGPINCx0YvRgdGC0YDQtdC1LCDRh9C10Lwg0L3QsNGB0YLRg9C_0LjRgiDQt9Cw0LLRgtGA0LAgKGZiMikgfCDQpNC70LjQsdGD0YHRgtCwCjEg0KTQu9C40LHRg9GB0YLQsCAKMdCc0LXQvdGP0LnRgdGPINCx0YvRgdGC0YDQtdC1LCDRh9C10Lwg0L3QsNGB0YLRg9C_0LjRgiDQt9Cw0LLRgtGA0LAgKGZiMikgCjLQkNC90L3QvtGC0LDRhtC40Y8gCjLQoNC10LrQvtC80LXQvdC00LDRhtC40Lg6IAoyINCf0L7QuNGB0Log0LrQvdC40LMgCjIg0JLRhdC-0LQg0LIg0YHQuNGB0YLQtdC80YMgCjIg0J3QsNCy0LjQs9Cw0YbQuNGPIAoyINCf0L7RgdC70LXQtNC90LjQtSDQutC-0LzQvNC10L3RgtCw0YDQuNC4IAoyINCS0L_QtdGH0LDRgtC70LXQvdC40Y8g0L4g0LrQvdC40LPQsNGFIAoyINCg0Y7QutC30LDRh9C-0LogCg%3D%3D&uniformat=true&callback=Ya%5B7877393996053%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

620b2d1d093923a6df3bb28339a39ca7e1719ca6030db1cacfe11f0ac9a265bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Jan 2022 09:14:48 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1642065287853374-1719771314663538405000241-production-app-host-sas-pcode-275
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 13 Jan 2022 09:14:48 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
uniformat: true
expires: Thu, 13 Jan 2022 09:14:48 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame A5D6 24 KB
7 KB 1318ms
448ms Document
text/html 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Thu, 13 Jan 2022 09:14:49 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 13 Jan 2052 15:50:36 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame 8C71 24 KB
7 KB 1341ms
473ms Document
text/html 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Thu, 13 Jan 2022 09:14:49 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 13 Jan 2052 15:47:47 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 1127ms
570ms Preflight 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 13 Jan 2022 09:14:48 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 168ms
167ms XHR
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:49 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 230ms
230ms Preflight 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 13 Jan 2022 09:14:48 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 169ms
168ms XHR
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:49 GMT

GET
H2 200 1382009 Show response
an.yandex.ru/meta/ 195 KB
51 KB 620ms
620ms XHR
application/json 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1382009?target-ref=http%3A%2F%2Fread3.w1.flibusta.life%2Fb%2F576360&charset=utf-8&pcode-test-ids=455963%2C0%2C70%3B483201%2C0%2C36%3B466938%2C0%2C76%3B484008%2C0%2C59%3B452124%2C0%2C50%3B488677%2C0%2C73%3B488524%2C0%2C9%3B437233%2C0%2C-1&pcode-flags-map=eJyNVttu2zgQ%2FRc9excSde8bJdEWUZnUklQcNwgIJxHaAG4cOEqx26L%2F3qEuG0tO5frBsmid4fDMmTP6YRGGk4LolGcklXqTU0UKKpX14eaH9W23f62tD5YSFbEWVlO%2FNPQB7j0U235s%2FbxdWBmVLT4jS1wVSqucrIkm61JtdVYJrChnF2OFbhtrTTKK9ZJCuIQqwBJdCsoFhVhLnCouRpHsv23zcc6ieW20K15UkEpSKcWZxoyuz5PpDn8WIGwDVIwuuQDUn0A6NtIcsxWQWdD0I1AheLXKdcFXNB3FgLNAJkNqwxlHMV0UItTG7At0VcZ9kebp9Jwwdk6Bb6xCeanK9VoSc6uI0BXL4Bsnmeas2F4I7HuoYxZKA8dL%2BbosCNQoIUATlAoWZc4vshWgyPe7CmEJ5LCVJtelXhYYfkxT1mpbnqlAw34gOEkFyQalzOceuoHj%2FmbPC5uNAjvTqChoo9IVMxRMctKU4bK8kFnseB0bpamuHvrpimaEQwBDc8IHqWRVCdI613H97%2FMoauTGdnAqgl5xJWak6FSAheCbca2uiNhuciLIb2IZ7qTq0iNCTpOAJ4MoHmPDwO%2FEiLMlv9ZrkcLJJE1oYRiGjNpWmT0LCl3XHhqy4Ngo1ggAr0fUNsfXegQzeXcw0LuUwpA5wZzv9T9oWRVFiyqJSAlTpotBKgqf4lsHcsbi9sOOrMEQTYzORkaNe2N9r59gb%2FhG%2FeWvz7v9vj7%2BB7d3j%2Fv93WF3fIDfXw7Hx%2B%2BHp2a3H93YrhPBwu5h99w8fqvTw9MLUHDfHI6w%2BvXwUB%2BfcP8fLDwfXpr6mO6Oh9eXen%2BKe1t6%2Bbo7Nrp53NfW7ftnEirRCWbMVABaR85y%2BQbLE5DL6bMecnz3%2FWff1UkCUtmwcYwbJ4gCFC6QD7PIh0sURc7C9T0nihbIjX3XXHw7DBYo8DzPXSAbObY9POLacRAAPLRjKCHs73nR7aQz7UG7WhLCNE8kEZOjWPXT7m5fj707QHE3Qpb0GuygK78WxLjtLGemgbwBqdeg2JzQVa40U%2FPC9Xy3d%2F2SS%2BPs4GIpmYdEMGI6iHl2cJ7sfbV2Arqqj83jfavEbiE%2FFeefiOx9vb7JWmZj8b1l%2BYkwBBwaj10xjRz9jwtuRErtzh7TRyjurD%2FFMI8l%2BF%2BBP221cRIN7wSreZZCO%2FLDniUCLqpND1BWUHYBh%2BIeJ3Oc8Y0WnCvNSzJv3GEQoy5bRjYaZ0nBYdSC98zbfRigrvopr8CrFNfX%2BbzSojDqp7mxR8VLeENKiZwMvKmpAsrvqqEqAWPJJNlZ8oVxhPpWMiOkH0k5Z2RbGlKYlmsMdttb7ShUypkSvBg7SxC7Ud%2BZMvs47Ugv8mw7GifQrrTvmODJtPOwEei%2B2U9k4%2FT89A0FiUiY3mevBFNgFAX9%2B2NZglCUmR2VKC5g%2FH4zc1wMbd8K08yOebsIkWvU8vMXEBJzxQ%3D%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=WW6VZZuusRcUvDXcXhh1lwCm19NxKYCq%2FKEXLZSbD2vq5jzVoehVbveKMPO9cWZX4kD6iliZAXDaMsXVoysiZG81tLA%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=375534760493058&ad-session-id=552751642065286314&target-id=34987621&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread3.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=51883&pcodever=51883&flash-ver=0&available-width=270&skip-token=yabs.NzIwNTc2MDU0MzEwODczNzQKNzIwNTc2MDUyNjg3NTM3MjIKNzIwNTc2MDU1OTA0MDg2NzQ%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A270%2C%22h%22%3A0%2C%22width%22%3A270%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1322%2C%22top%22%3A1617%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A2%2C%22req_no%22%3A2%7D&grab-orig-len=564&grab=dNCc0LXQvdGP0LnRgdGPINCx0YvRgdGC0YDQtdC1LCDRh9C10Lwg0L3QsNGB0YLRg9C_0LjRgiDQt9Cw0LLRgtGA0LAgKGZiMikgfCDQpNC70LjQsdGD0YHRgtCwCjEg0KTQu9C40LHRg9GB0YLQsCAKMdCc0LXQvdGP0LnRgdGPINCx0YvRgdGC0YDQtdC1LCDRh9C10Lwg0L3QsNGB0YLRg9C_0LjRgiDQt9Cw0LLRgtGA0LAgKGZiMikgCjLQkNC90L3QvtGC0LDRhtC40Y8gCjLQoNC10LrQvtC80LXQvdC00LDRhtC40Lg6IAoyINCf0L7QuNGB0Log0LrQvdC40LMgCjIg0JLRhdC-0LQg0LIg0YHQuNGB0YLQtdC80YMgCjIg0J3QsNCy0LjQs9Cw0YbQuNGPIAoyINCf0L7RgdC70LXQtNC90LjQtSDQutC-0LzQvNC10L3RgtCw0YDQuNC4IAoyINCS0L_QtdGH0LDRgtC70LXQvdC40Y8g0L4g0LrQvdC40LPQsNGFIAoyINCg0Y7QutC30LDRh9C-0LogCg%3D%3D&uniformat=true&callback=Ya%5B7975374115832%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

17d4bb211467418b6ff7cc1cec3c8b1c59cb955b6a83513cb339b2205ae659b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1642065288875950-864878686284650748800247-production-app-host-sas-pcode-150
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 13 Jan 2022 09:14:49 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
uniformat: true
expires: Thu, 13 Jan 2022 09:14:49 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4755507/1cY5BC77azj2SOWWDxeO6w/ 22 KB
22 KB 294ms
79ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4755507/1cY5BC77azj2SOWWDxeO6w/y300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 84d2041ec64dc2bd119a84fb87f52c35c89885c169ba1d44b3599a4e5e6b4893

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:49 GMT
last-modified: Thu, 29 Jul 2021 17:16:40 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 22180
x-request-id: 6e2aeb707c8745ab

GET
H/1.1 200
Ok yandex.com
favicon.yandex.net/favicon/ 270 B
483 B 281ms
75ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/yandex.com?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

0e32a537bacaccf1c6ae723723661810fabf900659257f8f037e454cb4011503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/5341740/sDVnfhCPl6YgzV9eYudgXw/ 10 KB
10 KB 294ms
80ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5341740/sDVnfhCPl6YgzV9eYudgXw/x300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: cf40ddddce0ecb930d92b5eb69da2c7932f4c7790a80efdd36dfb19ecd0985a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:49 GMT
last-modified: Wed, 29 Dec 2021 13:15:48 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10092
x-request-id: 42b40cdc6a8610a6

GET
H/1.1 200
Ok znakomstva-prosto.com
favicon.yandex.net/favicon/ 1 KB
1 KB 282ms
74ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/znakomstva-prosto.com?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

79616a67bc7bdf1f244f6225dc3ee26f50a9599d7c5cf4ed655016e907323107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 93ms
93ms Preflight 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 13 Jan 2022 09:14:48 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
123 B 143ms
142ms XHR
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:49 GMT

GET
H2 200 WPOejI_zODe0PGm0j1K00000dxwbbmK0sW4nX-tVOG00000uyjce0M2C66W4W07JtPa4Y06BZEmDa06SnAxnr820W0AO0Pp4hl5Ki06Objsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S2nLUW4bXk81Ru3a0Nz1h05XW6u1Om2m0NO1iW5WGBW1NQW1iW1g... Show response
an.yandex.ru/tracking/ Frame A5D6 0
67 B 1649ms
1648ms XHR
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/tracking/WPOejI_zODe0PGm0j1K00000dxwbbmK0sW4nX-tVOG00000uyjce0M2C66W4W07JtPa4Y06BZEmDa06SnAxnr820W0AO0Pp4hl5Ki06Objsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S2nLUW4bXk81Ru3a0Nz1h05XW6u1Om2m0NO1iW5WGBW1NQW1iW1g0R80Sa6Xuqfj_1PHXUf1-l6p2B9lElzk0UGCj071E07f0_2a846y0cW1VW9i0I02WYchzFNwyO009Z79nvprGK0y0i6u0s2W801XjkcezASjCb1e0x0X3se3-kDiyAIcU_r_G604EBRtn-Gn22X4O0K8AWK_GRGsu-D1k0K0TWLmOhsxAEFlFnZs1QOlhg3lwFuyfK1WHS00F0_c1UXmTGjq1WX-1Y06O8S3KncEJfcQKLwR5H8LpVf780TVw4TiNwXQDyEh3-e7G7O7gs57w0VlwoK80u02IEOsf3WKjgcgWO4nCFFlCzb7lYEGsZ4B_aIbUFcMH1RG-LTaxvpYOyM0pm3~1?action-id=11

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:49 GMT

GET
H2

200

spixel.php
sonar.semantiqo.com/983we/ Frame A5D6
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=b139c3190fda4d2091279710bef8b0cc
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=F03D07D68CC7E718&sid=b139c3190fda4d2091279710bef8b0cc
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=b139c3190fda4d2091279710bef8b0cc&spid=F03D07D68CC7E718&v=
https://sync.magnitent.com/fbfli/ct_sync.php?ct=d4b8dd3adeb24dc18ae9541ce720960b&sonar=b139c3190fda4d2091279710bef8b0cc&spid=F03D07D68CC7E718&v=
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsonar.semantiqo.com%2F983we%2Fspixel.php%3Fsid%3Db139c3190fda4d2091279710bef8b0cc%26c%3Dd4b8dd3adeb24dc18ae9541ce720960b%26w%3D={WEBO_CID}
https://sonar.semantiqo.com/983we/spixel.php?sid=b139c3190fda4d2091279710bef8b0cc&c=d4b8dd3adeb24dc18ae9541ce720960b&w==jRTzgfOBhHTSvKERpPfySe

0
355 B

109ms
109ms

Image
text/html

95.217.86.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/983we/spixel.php?sid=b139c3190fda4d2091279710bef8b0cc&c=d4b8dd3adeb24dc18ae9541ce720960b&w==jRTzgfOBhHTSvKERpPfySe
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Server: 95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.86.217.95.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
server: nginx/1.20.2
mode: no-cors
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
via: 1.1 google
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
server: nginx/1.12.0
location: https://sonar.semantiqo.com/983we/spixel.php?sid=b139c3190fda4d2091279710bef8b0cc&c=d4b8dd3adeb24dc18ae9541ce720960b&w==jRTzgfOBhHTSvKERpPfySe
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame A5D6 42 B
201 B 802ms
136ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

ay8TJjiP7ewSbsF7ZWZO
an.yandex.ru/mapuid/dmpamberdata/ Frame A5D6
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1642065287
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1642065287
https://an.yandex.ru/mapuid/dmpamberdata/ay8TJjiP7ewSbsF7ZWZO
https://an.yandex.ru/mapuid/dmpamberdata/ay8TJjiP7ewSbsF7ZWZO?redir-setuniq=1

43 B
80 B

312ms
311ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/ay8TJjiP7ewSbsF7ZWZO?redir-setuniq=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:50 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/dmpamberdata/ay8TJjiP7ewSbsF7ZWZO?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:50 GMT

GET
H2

200

g6py-gm-ZeK0
an.yandex.ru/mapuid/dmpsegmento/ Frame A5D6
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/g6py-gm-ZeK0?sign=3398714641
https://an.yandex.ru/mapuid/dmpsegmento/g6py-gm-ZeK0?redir-setuniq=1&sign=3398714641

43 B
80 B

316ms
316ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/g6py-gm-ZeK0?redir-setuniq=1&sign=3398714641

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:50 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/dmpsegmento/g6py-gm-ZeK0?redir-setuniq=1&sign=3398714641
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:50 GMT

GET
H2

200

fn1zmppDHrDB
an.yandex.ru/mapuid/rutargetis/ Frame A5D6
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/fn1zmppDHrDB
https://an.yandex.ru/mapuid/rutargetis/fn1zmppDHrDB?redir-setuniq=1

43 B
80 B

312ms
312ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/fn1zmppDHrDB?redir-setuniq=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:50 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/rutargetis/fn1zmppDHrDB?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:50 GMT

GET
H2

200

LiTZMnP7Q
an.yandex.ru/mapuid/dmpaidatame/iT6bF45JZwy8/ Frame A5D6
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/iT6bF45JZwy8%2FLiTZMnP7Q?sign=3711397364
https://an.yandex.ru/mapuid/dmpaidatame/iT6bF45JZwy8/LiTZMnP7Q?redir-setuniq=1&sign=3711397364

43 B
108 B

269ms
269ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/iT6bF45JZwy8/LiTZMnP7Q?redir-setuniq=1&sign=3711397364

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/dmpaidatame/iT6bF45JZwy8/LiTZMnP7Q?redir-setuniq=1&sign=3711397364
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:49 GMT

GET
H2

200

425c4900-7451-11ec-8677-901b0e934d81
an.yandex.ru/mapuid/dmpcleverdata/ Frame A5D6
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/425c4900-7451-11ec-8677-901b0e934d81?sign=2330275486
https://an.yandex.ru/mapuid/dmpcleverdata/425c4900-7451-11ec-8677-901b0e934d81?redir-setuniq=1&sign=2330275486

43 B
80 B

269ms
269ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/425c4900-7451-11ec-8677-901b0e934d81?redir-setuniq=1&sign=2330275486

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:50 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/dmpcleverdata/425c4900-7451-11ec-8677-901b0e934d81?redir-setuniq=1&sign=2330275486
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:50 GMT

GET
H2

200

jRTzgfOBhHTSvKERpPfySe
an.yandex.ru/mapuid/dmpweborama/ Frame A5D6
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1461490971
https://an.yandex.ru/mapuid/dmpweborama/jRTzgfOBhHTSvKERpPfySe
https://an.yandex.ru/mapuid/dmpweborama/jRTzgfOBhHTSvKERpPfySe?redir-setuniq=1

43 B
80 B

271ms
271ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/jRTzgfOBhHTSvKERpPfySe?redir-setuniq=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/dmpweborama/jRTzgfOBhHTSvKERpPfySe?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:49 GMT

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame A5D6
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/
https://an.yandex.ru/mapuid/ramblerssp/?redir-setuniq=1

43 B
80 B

317ms
316ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/?redir-setuniq=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/ramblerssp/?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:49 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame A5D6
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=31D4FF9DD681B6F6
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=31D4FF9DD681B6F6

42 B
945 B

51ms
50ms

Image
image/gif

34.247.200.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=31D4FF9DD681B6F6

Protocol

HTTP/1.1

Server

34.247.200.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-200-0.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-099f6d80c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EVVDILohRHQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v026-06a894a95.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: N9fyBXW9SFQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=31D4FF9DD681B6F6
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame A5D6 0
238 B 2046ms
253ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 109
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

fb3285bb5534bf66f11e7eead7ddbe1e85e9a78c4406bf79fde145969c31874c
an.yandex.ru/mapuid/mediascope/ Frame A5D6
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/fb3285bb5534bf66f11e7eead7ddbe1e85e9a78c4406bf79fde145969c31874c
https://an.yandex.ru/mapuid/mediascope/fb3285bb5534bf66f11e7eead7ddbe1e85e9a78c4406bf79fde145969c31874c?redir-setuniq=1

43 B
80 B

313ms
312ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/fb3285bb5534bf66f11e7eead7ddbe1e85e9a78c4406bf79fde145969c31874c?redir-setuniq=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:50 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/mediascope/fb3285bb5534bf66f11e7eead7ddbe1e85e9a78c4406bf79fde145969c31874c?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:50 GMT

GET
H2

200

228b43bd-9471-4f02-8322-898ff6a57938
an.yandex.ru/mapuid/upravelis/ Frame A5D6
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://228b43bd-9471-4f02-8322-898ff6a57938.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/228b43bd-9471-4f02-8322-898ff6a57938

43 B
80 B

92ms
92ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/228b43bd-9471-4f02-8322-898ff6a57938

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

date: Thu, 13 Jan 2022 09:14:51 GMT
server: nginx
location: https://an.yandex.ru/mapuid/upravelis/228b43bd-9471-4f02-8322-898ff6a57938
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame A5D6
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

114ms
114ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 29 Dec 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame A5D6
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
126 B

97ms
96ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 29 Dec 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame A5D6
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C5D476C177C232EC&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

109ms
108ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 29 Dec 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame A5D6
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=BBC98E54A6DD4B5A

0
410 B

242ms
95ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=BBC98E54A6DD4B5A
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=BBC98E54A6DD4B5A
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame A5D6
Redirect Chain

https://an.yandex.ru/mapuid/betweenx/
https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=4C68C74E65EF32A6
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=4C68C74E65EF32A6&crf=1

68 B
607 B

123ms
123ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=4C68C74E65EF32A6&crf=1
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=4C68C74E65EF32A6&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

404

0100007F8BEDDF619A002FAF024CFD19
an.yandex.ru/mapuid/SAPEis/ Frame A5D6
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=0100007F8BEDDF6182007A99027C46F9&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/SAPEis/0100007F8BEDDF619A002FAF024CFD19

43 B
80 B

74ms
73ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/SAPEis/0100007F8BEDDF619A002FAF024CFD19

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

date: Thu, 13 Jan 2022 09:14:51 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/SAPEis/0100007F8BEDDF619A002FAF024CFD19
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

dd6aea32-a4db-4c65-b739-aed007e0e53b
an.yandex.ru/mapuid/qbitis/ Frame A5D6
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D
https://an.yandex.ru/mapuid/qbitis/dd6aea32-a4db-4c65-b739-aed007e0e53b

43 B
80 B

131ms
131ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/qbitis/dd6aea32-a4db-4c65-b739-aed007e0e53b

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

Date: Thu, 13 Jan 2022 09:14:51 GMT
Server: nginx/1.21.0
Location: https://an.yandex.ru/mapuid/qbitis/dd6aea32-a4db-4c65-b739-aed007e0e53b
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H2

200

5169bf29-7b16-530d-b660-6215d7bf8f9e
an.yandex.ru/mapuid/betweendigitalis/ Frame A5D6
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/5169bf29-7b16-530d-b660-6215d7bf8f9e

43 B
80 B

80ms
79ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/5169bf29-7b16-530d-b660-6215d7bf8f9e

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/5169bf29-7b16-530d-b660-6215d7bf8f9e
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

532df3c3-8122-4eef-8d40-481a400736c7
an.yandex.ru/mapuid/mtsdspis/ Frame A5D6
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=532df3c3-8122-4eef-8d40-481a400736c7&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F532df3c3-8122-4eef-8d40-481a400736c7
https://an.yandex.ru/mapuid/mtsdspis/532df3c3-8122-4eef-8d40-481a400736c7

43 B
80 B

92ms
91ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/532df3c3-8122-4eef-8d40-481a400736c7

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

Date: Thu, 13 Jan 2022 09:14:51 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/532df3c3-8122-4eef-8d40-481a400736c7
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 204
No Content /
sync.bumlam.com/ Frame A5D6 0
103 B 1284ms
1072ms Image
text/plain 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 13 Jan 2022 09:14:52 GMT
Server: nginx

GET
H2 204 match
dm.hybrid.ai/ Frame A5D6 0
237 B 118ms
112ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 113
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame A5D6 42 B
201 B 134ms
128ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:51 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

oFdBAwilrq58U9lV6Jlu
an.yandex.ru/mapuid/kadamis/ Frame A5D6
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/oFdBAwilrq58U9lV6Jlu

43 B
80 B

130ms
130ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/oFdBAwilrq58U9lV6Jlu

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/oFdBAwilrq58U9lV6Jlu
date: Thu, 13 Jan 2022 09:14:51 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

0MywcITPBGZ.AikABlF-Urfpbg
an.yandex.ru/mapuid/getintentis/ Frame A5D6
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/0MywcITPBGZ.AikABlF-Urfpbg

43 B
80 B

77ms
77ms

Image
image/gif

213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/0MywcITPBGZ.AikABlF-Urfpbg

Protocol

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f22-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/getintentis/0MywcITPBGZ.AikABlF-Urfpbg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame A5D6 95 B
400 B 648ms
55ms Image
image/png 87.250.250.114
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.250.250.114 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

ysa-static.passport.yandex.net

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 09:14:51 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Fri, 14 Jan 2022 09:14:51 GMT

GET
H2 200 image.jpg
storage.mds.yandex.net/get-canvas-html5/3006599/f9c37d4f-08cc-40a3-8475-77b5f789e82e/ Frame 8C71 21 KB
21 KB 486ms
258ms Image
image/jpeg 213.180.204.158
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/3006599/f9c37d4f-08cc-40a3-8475-77b5f789e82e/image.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.158 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: storage.mds.yandex.net
Software: nginx /
Resource Hash: d5b5c8924b6e3efa9e26aa3ff8dda5b2395c03208103ac5944b746930aa9f942

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:49 GMT
last-modified: Tue, 23 Nov 2021 06:44:33 GMT
server: nginx
etag: "7d421096adb27161ebc8b032781efb2e"
x-cache-status: hit
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-data-size: 21680
x-mds-request-id: 75d4e1975974a5dd
x-robots-tag: noindex, noarchive, nofollow
content-length: 21680

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame A5D6 105 KB
37 KB 242ms
242ms Script
application/javascript 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:49 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 15 Jan 2022 21:14:37 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 65890a1d642c5377

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame A5D6 134 KB
48 KB 546ms
326ms Script
application/javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:50 GMT
content-encoding: br
last-modified: Wed, 12 Jan 2022 11:07:36 GMT
etag: "61de8c48-bd04"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 48388
expires: Thu, 13 Jan 2022 10:14:50 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame A5D6 402 B
691 B 175ms
175ms Fetch
application/json 5.255.255.5
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fread3.w1.flibusta.life%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.255.255.5 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

3063147ee89c6141391741d81be50588897535216a1a28b6f1596828d1793adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame A5D6 38 KB
15 KB 189ms
48ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14835
x-xss-protection: 0
server: cafe
etag: 2630088915750441828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame A5D6
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i-3fYfzJKYjYx_AP3uCT0A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=181303526&crd=&is_vtc=1&random=1747040062
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=181303526&crd=&is_vtc=1&random=1747040062&ipr=y

42 B
108 B

57ms
34ms

Image
image/gif

142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=181303526&crd=&is_vtc=1&random=1747040062&ipr=y

Protocol

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=181303526&crd=&is_vtc=1&random=1747040062&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame A5D6
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i-3fYcLIKdWvgQe67K2gAw...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2118189847&crd=&is_vtc=1&random=2178073033
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2118189847&crd=&is_vtc=1&random=2178073033&ipr=y

42 B
108 B

68ms
44ms

Image
image/gif

142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2118189847&crd=&is_vtc=1&random=2178073033&ipr=y

Protocol

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2118189847&crd=&is_vtc=1&random=2178073033&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 134ms
134ms Preflight 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 13 Jan 2022 09:14:50 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
120 B 236ms
236ms XHR
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2 200 1382009 Show response
an.yandex.ru/meta/ 15 KB
9 KB 378ms
377ms XHR
application/json 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1382009?target-ref=http%3A%2F%2Fread3.w1.flibusta.life%2Fb%2F576360&charset=utf-8&pcode-test-ids=455963%2C0%2C70%3B483201%2C0%2C36%3B466938%2C0%2C76%3B484008%2C0%2C59%3B452124%2C0%2C50%3B488677%2C0%2C73%3B488524%2C0%2C9%3B437233%2C0%2C-1&pcode-flags-map=eJyNVttu2zgQ%2FRc9excSde8bJdEWUZnUklQcNwgIJxHaAG4cOEqx26L%2F3qEuG0tO5frBsmid4fDMmTP6YRGGk4LolGcklXqTU0UKKpX14eaH9W23f62tD5YSFbEWVlO%2FNPQB7j0U235s%2FbxdWBmVLT4jS1wVSqucrIkm61JtdVYJrChnF2OFbhtrTTKK9ZJCuIQqwBJdCsoFhVhLnCouRpHsv23zcc6ieW20K15UkEpSKcWZxoyuz5PpDn8WIGwDVIwuuQDUn0A6NtIcsxWQWdD0I1AheLXKdcFXNB3FgLNAJkNqwxlHMV0UItTG7At0VcZ9kebp9Jwwdk6Bb6xCeanK9VoSc6uI0BXL4Bsnmeas2F4I7HuoYxZKA8dL%2BbosCNQoIUATlAoWZc4vshWgyPe7CmEJ5LCVJtelXhYYfkxT1mpbnqlAw34gOEkFyQalzOceuoHj%2FmbPC5uNAjvTqChoo9IVMxRMctKU4bK8kFnseB0bpamuHvrpimaEQwBDc8IHqWRVCdI613H97%2FMoauTGdnAqgl5xJWak6FSAheCbca2uiNhuciLIb2IZ7qTq0iNCTpOAJ4MoHmPDwO%2FEiLMlv9ZrkcLJJE1oYRiGjNpWmT0LCl3XHhqy4Ngo1ggAr0fUNsfXegQzeXcw0LuUwpA5wZzv9T9oWRVFiyqJSAlTpotBKgqf4lsHcsbi9sOOrMEQTYzORkaNe2N9r59gb%2FhG%2FeWvz7v9vj7%2BB7d3j%2Fv93WF3fIDfXw7Hx%2B%2BHp2a3H93YrhPBwu5h99w8fqvTw9MLUHDfHI6w%2BvXwUB%2BfcP8fLDwfXpr6mO6Oh9eXen%2BKe1t6%2Bbo7Nrp53NfW7ftnEirRCWbMVABaR85y%2BQbLE5DL6bMecnz3%2FWff1UkCUtmwcYwbJ4gCFC6QD7PIh0sURc7C9T0nihbIjX3XXHw7DBYo8DzPXSAbObY9POLacRAAPLRjKCHs73nR7aQz7UG7WhLCNE8kEZOjWPXT7m5fj707QHE3Qpb0GuygK78WxLjtLGemgbwBqdeg2JzQVa40U%2FPC9Xy3d%2F2SS%2BPs4GIpmYdEMGI6iHl2cJ7sfbV2Arqqj83jfavEbiE%2FFeefiOx9vb7JWmZj8b1l%2BYkwBBwaj10xjRz9jwtuRErtzh7TRyjurD%2FFMI8l%2BF%2BBP221cRIN7wSreZZCO%2FLDniUCLqpND1BWUHYBh%2BIeJ3Oc8Y0WnCvNSzJv3GEQoy5bRjYaZ0nBYdSC98zbfRigrvopr8CrFNfX%2BbzSojDqp7mxR8VLeENKiZwMvKmpAsrvqqEqAWPJJNlZ8oVxhPpWMiOkH0k5Z2RbGlKYlmsMdttb7ShUypkSvBg7SxC7Ud%2BZMvs47Ugv8mw7GifQrrTvmODJtPOwEei%2B2U9k4%2FT89A0FiUiY3mevBFNgFAX9%2B2NZglCUmR2VKC5g%2FH4zc1wMbd8K08yOebsIkWvU8vMXEBJzxQ%3D%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=WW6VZZuusRcUvDXcXhh1lwCm19NxKYCq%2FKEXLZSbD2vq5jzVoehVbveKMPO9cWZX4kD6iliZAXDaMsXVoysiZG81tLA%3D&imp-id=6&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=375534760493058&ad-session-id=552751642065286314&target-id=79998164&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fread3.w1.flibusta.life&top-ancestor-undetermined=0&pcode-version=51883&pcodever=51883&flash-ver=0&available-width=1600&skip-token=yabs.NzIwNTc2MDU0MzEwODczNzQ%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A7285%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A9%2C%22req_no%22%3A3%7D&grab-orig-len=564&grab=dNCc0LXQvdGP0LnRgdGPINCx0YvRgdGC0YDQtdC1LCDRh9C10Lwg0L3QsNGB0YLRg9C_0LjRgiDQt9Cw0LLRgtGA0LAgKGZiMikgfCDQpNC70LjQsdGD0YHRgtCwCjEg0KTQu9C40LHRg9GB0YLQsCAKMdCc0LXQvdGP0LnRgdGPINCx0YvRgdGC0YDQtdC1LCDRh9C10Lwg0L3QsNGB0YLRg9C_0LjRgiDQt9Cw0LLRgtGA0LAgKGZiMikgCjLQkNC90L3QvtGC0LDRhtC40Y8gCjLQoNC10LrQvtC80LXQvdC00LDRhtC40Lg6IAoyINCf0L7QuNGB0Log0LrQvdC40LMgCjIg0JLRhdC-0LQg0LIg0YHQuNGB0YLQtdC80YMgCjIg0J3QsNCy0LjQs9Cw0YbQuNGPIAoyINCf0L7RgdC70LXQtNC90LjQtSDQutC-0LzQvNC10L3RgtCw0YDQuNC4IAoyINCS0L_QtdGH0LDRgtC70LXQvdC40Y8g0L4g0LrQvdC40LPQsNGFIAoyINCg0Y7QutC30LDRh9C-0LogCg%3D%3D&uniformat=true&callback=Ya%5B8849563940291%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

1328b31ad7c4d5d9cceff8917322e41439874f0dfd4675681921db2165a66ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1642065291034991-465607062438124563900256-production-app-host-vla-pcode-116
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/4694892/ba5fYr-vFEUFbKRGQnQAaw/ 9 KB
10 KB 115ms
114ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4694892/ba5fYr-vFEUFbKRGQnQAaw/x300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: b1723f96fb8bdcccd48fa69cb27d2dcd22bf865a6e1305aeb8ee9b2aa982d7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:50 GMT
last-modified: Sun, 14 Feb 2021 13:56:42 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 9658
x-request-id: a8d26d8211d08e29

GET
H/1.1 200
Ok bez-kompleksov.com
favicon.yandex.net/favicon/ 2 KB
2 KB 437ms
436ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/bez-kompleksov.com?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

0085d2a72737b67417a31387e91d62897a6f3eba7dfc89283aba02bd9216f28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4384279/4Ir303V9_kFCmB1xdj6Y5Q/ 15 KB
16 KB 257ms
254ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4384279/4Ir303V9_kFCmB1xdj6Y5Q/wy300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: f157e24773ce74cb1b45891570f4e43d5dbe009c177a24dce25ce5986fdb5664

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Wed, 03 Mar 2021 21:34:27 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 15718
x-request-id: 6c0a92b09243bd2d

GET
H/1.1 200
Ok wowfit.ru
favicon.yandex.net/favicon/ 2 KB
2 KB 150ms
150ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/wowfit.ru?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

a9e2c21fea32dc63142707b7904f8a962f77bb77f81fdd6a8bbb700a1f94657b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/4593589/HtFaHTLQF8ts8msXkYkRfA/ 17 KB
17 KB 257ms
247ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4593589/HtFaHTLQF8ts8msXkYkRfA/x300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: d5fc16f4f77ba591931d7f5cf79756ff00428ec79f15bc603308e565ff6d91df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Tue, 28 Dec 2021 17:51:19 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 17170
x-request-id: d7adfd1449f7581b

GET
H/1.1 200
Ok nataliedate.com
favicon.yandex.net/favicon/ 792 B
1005 B 285ms
134ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/nataliedate.com?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

7e13a73480283ea7702a7c762a362c4da09447668a3113c8b90a216095b58785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4772989/wnswI-qHFzRlLIuJMt1jQQ/ 17 KB
17 KB 257ms
248ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4772989/wnswI-qHFzRlLIuJMt1jQQ/y300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: a3b77dba56fc2d18a7392de3ef027537296f69e7614a66f3e070de79c12ccc17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Tue, 07 Dec 2021 12:36:21 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 17402
x-request-id: b3b12b472a39ae73

GET
H/1.1 200
Ok yandex.ru
favicon.yandex.net/favicon/ 756 B
969 B 334ms
119ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/yandex.ru?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/363179/7oyxBVRuagpOWq25qHAOWw/ 15 KB
16 KB 256ms
248ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/363179/7oyxBVRuagpOWq25qHAOWw/y300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 324bcea8ab074b342ea41f5b5acecff155d45ef22a65149a283543035c233cc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Wed, 01 Aug 2018 13:41:41 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 15864
x-request-id: a0f036bc655b9710

GET
H/1.1 200
Ok xcraft.ru
favicon.yandex.net/favicon/ 531 B
744 B 332ms
118ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/xcraft.ru?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/2810180/kHeGNz8Zdf99OwlJ_3V4eA/ 17 KB
17 KB 255ms
248ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2810180/kHeGNz8Zdf99OwlJ_3V4eA/x300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 34a2a7c887b10484d4e38a459c88f96d96ddbae0423cd433d46be2e7e5618555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Fri, 05 Feb 2021 18:50:42 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 17252
x-request-id: 8db65989601554b7

GET
H/1.1 200
Ok skillsupschool.ru
favicon.yandex.net/favicon/ 947 B
1 KB 333ms
118ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/skillsupschool.ru?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

11c35db6374560a24a72bea90c406077550000358188b92d685be86170465854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4081043/Qqp8CH5fZNLcaO5mOoKcug/ 12 KB
12 KB 249ms
142ms Image
image/webp 87.250.247.182
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4081043/Qqp8CH5fZNLcaO5mOoKcug/y300
Requested by: Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.247.182 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: avatars.mds.yandex.net
Software: nginx /
Resource Hash: 9d2520c1fc815925584f9c02e6d05304e4ee26d575aca41c95c95d23ef08ccbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Mon, 21 Jun 2021 13:42:43 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 12118
x-request-id: bf4eaec183da06b0

GET
H/1.1 200
Ok vchate.com
favicon.yandex.net/favicon/ 753 B
966 B 249ms
114ms Image
image/png 213.180.204.36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/vchate.com?size=32&stub=1

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

favicon.yandex.net

Software

Resource Hash

d873222307a7ffd443127be78ccc18ec73ddeb06ea6b12600b2ca31f5bd4ce99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 1QEKHK1C0Ou100000000U9nJR9_RVFJefqqLXg-F2Qn_lEVrNylsj_SJ6O304oOIgdhwS5nifPWeGoeZK3ppzJ69rI3nKX2lDWL8j3A2oAb0lWB3JCPdp0nWi91H3CfQoMZ3267jPVGxni1m5Co_oWWIlCl88CF0y9Tn5XC3mrmcaCXPflz0y8f9G97zSzfhe7A1B... Show response
an.yandex.ru/rtbcount/ 43 B
91 B 141ms
140ms XHR
image/gif 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1QEKHK1C0Ou100000000U9nJR9_RVFJefqqLXg-F2Qn_lEVrNylsj_SJ6O304oOIgdhwS5nifPWeGoeZK3ppzJ69rI3nKX2lDWL8j3A2oAb0lWB3JCPdp0nWi91H3CfQoMZ3267jPVGxni1m5Co_oWWIlCl88CF0y9Tn5XC3mrmcaCXPflz0y8f9G97zSzfhe7A1B3svugki37-PM42MCRC2oLvcHP2Lp20DSvcPG9O0IGMm9HkPLsq9cBNXo6hsaynjQpDLdbwOv7WLhF8kcFp9xE343t4Yo_B-ZM3M2fPdx3jOc0-mCDvaWJZrW_r3bbapGU2c_LiMa8CNiFAUP6LGO0TBtsHjczdujI1fNSbNLf1xPx1TEHoyWEt9yyxk7L_MFiXRoGRJV83DumGRyoCsNfyqIolJV6F3t12FSFENR31hVi9P043HVJK0?confirmTime=2100000&confirmRatio=1000000&test-tag=375534760493058&format-type=94&actual-format=3&rnd=5104784697279&pcode-active-testids=488677%2C0%2C73&banner-sizes=eyI3MjA1NzYwNTI2ODc1MzcyMiI6IjI2OHgyODgiLCI3MjA1NzYwNTU5MDQwODY3NCI6IjI2OHgyODgifQ%3D%3D&width=270&height=613

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 101ms
101ms Preflight 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://read3.w1.flibusta.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 13 Jan 2022 09:14:51 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: http://read3.w1.flibusta.life
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 168ms
168ms XHR
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2 200 WR0ejI_zOFS0DGq091S00000kZQzHGK0zm4nY-tVOG00000uyjce0M2C66W4W06WxEu1Y062aOa8a070mFkqnO20W0AO0S30-xH5i06Ie8gc2BW1eg_3pn_O0Qw6cHxW0URZ_GkW0iwph1Nu0eA0W830iLNe19mRY0Nf0P05cWEm1KQu1Nl01Te2o0Leu0Lse0R80...
an.yandex.ru/tracking/ Frame A5D6 0
49 B 128ms
128ms Image
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/tracking/WR0ejI_zOFS0DGq091S00000kZQzHGK0zm4nY-tVOG00000uyjce0M2C66W4W06WxEu1Y062aOa8a070mFkqnO20W0AO0S30-xH5i06Ie8gc2BW1eg_3pn_O0Qw6cHxW0URZ_GkW0iwph1Nu0eA0W830iLNe19mRY0Nf0P05cWEm1KQu1Nl01Te2o0Leu0Lse0R80QW6o0791edDWttp89o7gGUEpMHsfRth_RW7a3BG1mJW1wGFmf21Y0iCgWiGMVas98xD001Mt5uUSzK50F0B1eRRfgFIdBJ9GQ0Em8Gzg0-EcyFdrxJlzVq1W13-dkeJcX0R2G004StCpCpCpFG_6SWGa2IX4O0K8AWKcWF0583XwnVeiCpt1U0K0TWLmOhsxAEFlFnZs1QOlhg3lwFuyfK1WHS00F0_c1UxkBmEq1WX-1Y06O8S3MisGJffRav5RLH8LpVf780TVw4TS7h_5_gah3-e7G7G7ekOhUUCt_2hMjWUhOKVe1-QZ_yN3m0F8rZ08i6bj4rL3GX863_pRvTvG3mEKceIPE5LntVAoI1CyXYVycO7b4O-KdWNMGe0~1?action-id=11

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2 200 WJCejI_zO8i0JGa050zUmyibbdCfBmK0Ym4GW8200J67xTzX000003ZosQW1Y081kG9I_SygKEWo4_02s_BiZmB0iLNm1G6W1iW1oGQ7dOF5nVAoUAa7wyOOg-Eyw_s02W682WqX1_DcwyO0011gBXvprORRfgFIdBJ9GQWFwut3-BgSx_Nz0P0GcBwwWx-Z-FAL0...
an.yandex.ru/count/ 43 B
80 B 155ms
154ms Image
image/gif 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WJCejI_zO8i0JGa050zUmyibbdCfBmK0Ym4GW8200J67xTzX000003ZosQW1Y081kG9I_SygKEWo4_02s_BiZmB0iLNm1G6W1iW1oGQ7dOF5nVAoUAa7wyOOg-Eyw_s02W682WqX1_DcwyO0011gBXvprORRfgFIdBJ9GQWFwut3-BgSx_Nz0P0GcBwwWx-Z-FAL0P6jzxqpu1G1s1N1YlRieu-y_6FmoHRmFu4Ng1SDcHZG627u680Pk1d___y1m1c6iuQiZywOrtJI6H9vOM9pNtDbSdPbSYzoDZ4mBJ7e6Ou2y1c0mWE270rCPZawDMypCMrKI5StwHo07Vz_4G1GPFnh43Yy1WO5TrKqJA9R204b1kQorIBdyCyzAhF1eFp_1CC0JkqSTHyuYYByiTqWOe1G~1=WgCejI_zO2u2pHG0D2CedZWUBWEdkVhvai7Yy0600P6qvE-AcjsWl0680QYRllD_a07qjCRMqu20W0AO0VIqnjPJe06SiwW1dBF6rbEu0ShSo8qZs072mVAQ0U01bfMlcG7e0Pe3e0AE-eK1c0F0X3sm0xy4Y0MQyoQG1PYmAB05-Q4Ak0NveGh01Ow_CiW5bUiCq0N9ZGJW1J2e1iW1i0U0W90qk0U01V470028X_r2W0e1mGgqIvNvJn3gFydu2e2r6DaBwyOOg-Eyw_te2vhp9fi6c0sTyIu_e0x0X3s04E7UuHt0i9220T0Gvu-lNw4Hu16ddyO5w16wu_ZtdytDZnymZq0mu9o8g0Z2FvWJ0k0J-Q4AY1I-fxsO-jRBx7QW5FcX2gWKcB0ei1JhWJ2u583J3WBG5D_TrXxO59knvOe6w1IC0j0Lcx7bYWRO5S6AzkoZZxpyOw0MaDJ_ZWQm5h83oHRG5iwVthu1s1QOlhg3lwFuyfK1WHUO5vUrj2ou5m705xKIq1VGXWFO5utsE-WN0PaOe1W7i1YUi_-E1hWO4FWOv8Yr-RVQrwzKW1c96G0We1d00RWP____0U0P0UWPZWBm6O320u4Q__-xN6dfv7k86i24FPWQrCDJk1e3zHe10000c1kTyIwm6qYu6mFf6yu2ktX8Iv91y1lszFIF0VWRqPdaCUaSW1t_VvaTu1t1qiy6g1u1q1wWujhrgVYNW5_O7lhQ7eWV____0Q0VuTxX7R0V0SWVuQ2vJHy0FpK63iaYPemgZnoBCY3iZYmVok0eaWCbDv26x6kBMdInWRZ2D0CicLZ1nq5y5q8MmAiGV15GWM0HX6NpnKnXFrRPU2IzR-bvu3fYO6wniHLA-EGoM4hd3wqmdP_Kp32O8Oe0~1=WgKejI_zO2i2tHG0P2FdWk5bAmE8wvlJuP27huy1W07yXx7x0OW1qugNquG1a074zwQ9re20W0AO0SJtfebMe06ug06uk07opQ7E8zW1dD75eG7W0URWbY3e0Ou3e0B8wyKOc0F0X3sW0mIm0wK8Y0NdtnAG1S-O5R05hfq7k0MkdGV01P7V5CW5u8a7q0NjamBW1J2e1iW1i0U0W90qk0U01P0DyGS00CBazQ8CW0e1mGgKaih3ARRlFydP2-l66AlZlElzw0ldtnAR1fWDdV4ki3wW3i24FO0GpgQB8S2o4A4Hu16ddyO5w16wu_ZtdytDZnymZq0n4PQ3lrwyFvWJ0k0Jhfq7Y1I-fxsO-jRBx7QW5AwT1wWKpvWLi1IcqSq9k1J0dwi3m1I0eFZwoi3PQzWKuDArZWRe58m2q1NWqhME1jWLmOhsxAEFlFnZe1QGrF-E1h0MiWF95j0MuiRUlW7O5fY-keE_e_ZobG615vWNqO_bARWN0S0NjHBG5z260zWNdVO-w1S1cHYW61Mm68F1_uu6k1W2-1ZaYBNvjzhNhrI06OaP022W6S01k1d___y1u1a1w1cE0l0PWC83WHh__sD0qrjs3eWQm8Gza1g0W820X828G9WQrCDJk1e3zHe10000c1kTyIwm6qYu6mFf6wIFFmQUUsH1y1kJj84F-1lT-Q05wHm00F0_W1t_VvaTu1tczly2g1u1q1x1aUQWXw3tZclO7llQ7eWV____0Q0VpgQB8R0V0iWVpkZYK200FnrZPYIl8Ki3rYYK0KrtPFbG1aUH72Yv5XgYpqDXOzyQY4jB6MmfiRF7GMXNiYnzLo788g060YyG4YFuCwNoMCM2B4RF1SyHWs2B3Q8mmYSNlr8w0-HFJGoiSqsYWsq23W00~1?stat-id=1&test-tag=375535007988257&banner-sizes=eyI3MjA1NzYwNTI2ODc1MzcyMiI6IjI2OHgyODgiLCI3MjA1NzYwNTU5MDQwODY3NCI6IjI2OHgyODgifQ%3D%3D&format-type=94&actual-format=3&pcodever=51883&banner-test-tags=eyI3MjA1NzYwNTI2ODc1MzcyMiI6IjU3MzYxIiwiNzIwNTc2MDU1OTA0MDg2NzQiOiI1NzM2MiJ9&pcode-active-testids=488677%2C0%2C73&width=270&height=613&confirmTime=2106000&confirmRatio=1000000&wmode=0

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame 7A6F 24 KB
7 KB 110ms
110ms Document
text/html 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/

Response headers

server: nginx/1.17.9
date: Thu, 13 Jan 2022 09:14:51 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 13 Jan 2052 15:47:47 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2

200

1 Show response
mc.yandex.com/watch/3/ Frame A5D6
Redirect Chain

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&browser-info...
https://mc.yandex.com/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&browser-in...

167 B
249 B

107ms
107ms

XHR
application/json

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A747780789215%3Ahid%3A663681943%3Az%3A0%3Ai%3A20220113091451%3Aet%3A1642065291%3Ac%3A1%3Arn%3A3998710%3Arqn%3A1%3Au%3A164206529167094089%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1642065287801%3Ads%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C24%2C0%2C1348%2C1348%2C0%2C1348%3Adsn%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C28%2C0%2C1348%2C1348%2C0%2C1348%3Aco%3A0%3Ast%3A1642065291&t=gdpr%28%29aw%281%29ti%282%29

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

dda53878f875dc7a487e0c2adc15f09e563ca876670ba0c24e1d4805d64fd6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 13-Jan-2022 09:14:51 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 13-Jan-2022 09:14:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Thu, 13-Jan-2022 09:14:51 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A747780789215%3Ahid%3A663681943%3Az%3A0%3Ai%3A20220113091451%3Aet%3A1642065291%3Ac%3A1%3Arn%3A3998710%3Arqn%3A1%3Au%3A164206529167094089%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1642065287801%3Ads%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C24%2C0%2C1348%2C1348%2C0%2C1348%3Adsn%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C28%2C0%2C1348%2C1348%2C0%2C1348%3Aco%3A0%3Ast%3A1642065291&t=gdpr%28%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 13-Jan-2022 09:14:51 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame A5D6 43 B
165 B 64ms
63ms Image
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Tue, 11 Jan 2022 14:50:01 GMT
etag: "61dd6ee9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 13 Jan 2022 10:14:51 GMT

GET
H2 200 WLeejI_zOBO0XGe0D14bOn0dLX7yd0K0jW4GW8200J67xTzX000003ZosQW1i06Objsi28W21Ra2KltFAb3eCXFm0hxmaDS8mB5Ly0K1e0R80Sa6Xuqfj_1PHXUf1-l6p2B9lElze0Nu2R04W0e82geB4AQlqzVhnW00cCSd7dFLy0i6W0oObjsi29WEXjkcezASj... Show response
an.yandex.ru/count/ 0
51 B 136ms
136ms XHR
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WLeejI_zOBO0XGe0D14bOn0dLX7yd0K0jW4GW8200J67xTzX000003ZosQW1i06Objsi28W21Ra2KltFAb3eCXFm0hxmaDS8mB5Ly0K1e0R80Sa6Xuqfj_1PHXUf1-l6p2B9lElze0Nu2R04W0e82geB4AQlqzVhnW00cCSd7dFLy0i6W0oObjsi29WEXjkcezASjCb1kGxwAC4EP12e3-kDiyAIcU_r_G6G49Y-keE_e_ZobG6HhVUzC-0K0TWLmOhsxAEFlFnZyCaMy3-15wWN3PaOq1WX-1Y06RWP____0S0PXhE6h8_EcDTqqXaIUM5YSrzpPN9sPN8lSZOnC2qnw1d03F0PWC83WXmDJ6OvEcPfHNfiL4XND-aSW1t_VnC0K6JyQn3elWO61NTLD4oYMuIOOM0kMuLp3ly7f3BB4EMZPMHUnAXMvA6xjNE2hQuuI5FuWsTzn03t~1=WfuejI_zO1q2fHG0b2Cm99bp7GD034W2O8mOQ0HmpBli_UYbvBhi0O01qzsP18W1Yupi3P01dCIkyTI0W802c06SnAxnLB01c9RTh0Yu0Q3rlguZs07-tDUV0U01lhlkdeYDthu1e0A4sOiPi0EM6_W4lWE81Ru3a0Nz1g05XW6e1OO1i0M60RW5Z0B01TW6o0M10j05BU05TgW6o06m1u20a3Iu1v0of0_n1m00mf211k08mkp5380A2CaAq3uOVReyy3_P2-l6p2B9lElzw0lz1e0Cc9RTh0Y83CgNthu1w0oR1fWDglWzFw0Em8GzkGxwAC4EP1204EBRtn-Gn23G4EMBhr-X4U0Hpf_61UWHfBkCWjhakJrUAE6v-8zFFvWJ0k0JZ0A0522858Rqvv2f-C-1pm6W58m2g1Jz1j3RZuq6w1IC0j0LqDkFZGRO5S6AzkoZZxpyOw0MaDJ_ZWQe5kW7i1Re1SaMq1RAbzw-0TWMcBwwWx-Z-FAL0O4Nc1UXmTGjk1S4m1Us4j0Nq8O3s1VVtJxe5m6P6A0O3B0OWy7_ZWQu607u6EI8jVctsjUlL80PYHa08A0Pm06u6V___m7W6G7e6S0Cy1c0mWE16l__IpC46MByY1h0X3sO6jJ3K_KQ0G000FWQglWzc1kOlJYm6qYu6mFf6wEh5eT7Iu91y1k0oVOy-1l4glq7wHo07Vz_cHsX7R5-eMZV3gm_g1q1u1sXmWMe7W7O7gs57uWV____0Q0VlwoK8B0V1iWVl-xhJnm0G3KS3Y4ZPfGiZvo1Cc3iZYp0bC5H90TABck6qARqCmbSmmDX-kplSRpUXP05y2g4BmA25anope5xtpzOogho_f7dWiE8GMpi8OeHV7APAgNpJxqpXtW6~1?viewability-undetermined=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2 200 WPOejI_zODe0PGm0j1K00000dxwbbmK0sW4nX-tVOG00000uyjce0M2C66W4W07JtPa4Y06BZEmDa06SnAxnr820W0AO0Pp4hl5Ki06Objsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S2nLUW4bXk81Ru3a0Nz1h05XW6u1Om2m0NO1iW5WGBW1NQW1iW1g...
an.yandex.ru/tracking/ 0
49 B 208ms
208ms Image
text/plain 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:51 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:51 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9517.s0w3fGjRT6Tp0b_VicLHm8ql5WcfMhbih07iBcySKm0ckwuvVx7Bv-2B25aisXGm.3X5OgxJ5vk_mjMGwzeemZEEpUwE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9517.q8e0I5eX_8WrUcrlCr3FpKLF2TfMmtgmwMbPnw4R0OOFR3TS1fLdqxns-Y57C72eeSr4pkCY4sWYguFvgD97wJSm0Tfo7p42lUg44FrvnAk%2C.lYE6L2hPCvOCojTfNaNDHuF3VqA%2C

43 B
577 B

99ms
98ms

Image
image/gif

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9517.q8e0I5eX_8WrUcrlCr3FpKLF2TfMmtgmwMbPnw4R0OOFR3TS1fLdqxns-Y57C72eeSr4pkCY4sWYguFvgD97wJSm0Tfo7p42lUg44FrvnAk%2C.lYE6L2hPCvOCojTfNaNDHuF3VqA%2C

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9517.q8e0I5eX_8WrUcrlCr3FpKLF2TfMmtgmwMbPnw4R0OOFR3TS1fLdqxns-Y57C72eeSr4pkCY4sWYguFvgD97wJSm0Tfo7p42lUg44FrvnAk%2C.lYE6L2hPCvOCojTfNaNDHuF3VqA%2C
date: Thu, 13 Jan 2022 09:14:51 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 image.jpg
storage.mds.yandex.net/get-canvas-html5/3006599/b1189bf4-332b-4d3c-90d8-737abeeff1a2/ Frame 7A6F 74 KB
75 KB 234ms
234ms Image
image/jpeg 213.180.204.158
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/3006599/b1189bf4-332b-4d3c-90d8-737abeeff1a2/image.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.158 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: storage.mds.yandex.net
Software: nginx /
Resource Hash: 81211473e99fae78ef02d3eeade1cccf9c85a248d4af1502613ffce4a244dbcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Wed, 24 Jun 2020 09:07:52 GMT
server: nginx
etag: "3df0ecfa53d47298f4ade33dddab051a"
x-cache-status: hit
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-data-size: 76146
x-mds-request-id: da073c55cceeeaee
x-robots-tag: noindex, noarchive, nofollow
content-length: 76146

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame A5D6 350 B
385 B 106ms
104ms XHR
application/json 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A2%3Adp%3A1%3Als%3A1375520332908%3Ahid%3A663681943%3Az%3A0%3Ai%3A20220113091451%3Aet%3A1642065292%3Ac%3A1%3Arn%3A17444989%3Arqn%3A1%3Au%3A164206529167094089%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1642065287801%3Ads%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C24%2C0%2C1348%2C1348%2C0%2C1348%3Adsn%3A0%2C870%2C448%2C1%2C0%2C0%2C%2C28%2C0%2C1348%2C1348%2C0%2C1348%3Aco%3A0%3Arqnl%3A1%3Ast%3A1642065292%3At%3A&t=gdpr(6)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

d5251556cfa57c86775d0d5432d47e587bd4d752f48e471d14cde340ea3704fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 13-Jan-2022 09:14:51 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 13-Jan-2022 09:14:51 GMT

GET
H2 200 1382009 Show response
mc.yandex.com/watch/ 295 B
539 B 71ms
71ms XHR
application/json 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009?wmode=7&page-url=http%3A%2F%2Fread3.w1.flibusta.life%2Fb%2F576360&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1473539978612%3Ahid%3A718217911%3Az%3A0%3Ai%3A20220113091451%3Aet%3A1642065291%3Ac%3A1%3Arn%3A12256039%3Au%3A1642065291126082140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1642065285294%3Aco%3A0%3Arqnl%3A1%3Ast%3A1642065292%3At%3A%D0%9C%D0%B5%D0%BD%D1%8F%D0%B9%D1%81%D1%8F%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D0%B5%D0%B5%2C%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B0%D1%81%D1%82%D1%83%D0%BF%D0%B8%D1%82%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%20(fb2)%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

2ca7af92a8e66848708d4416112fb4cc015d86c78c8beaee4b654b4969293677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 13-Jan-2022 09:14:51 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 295
x-xss-protection: 1; mode=block
expires: Thu, 13-Jan-2022 09:14:51 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1382009/ 43 B
73 B 56ms
56ms XHR
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009/1?page-url=http%3A%2F%2Fread3.w1.flibusta.life%2Fb%2F576360&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A837%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A1%3Als%3A1473539978612%3Ahid%3A718217911%3Az%3A0%3Ai%3A20220113091451%3Aet%3A1642065292%3Ac%3A1%3Arn%3A60848271%3Arqn%3A1%3Au%3A1642065291126082140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1642065285294%3Ads%3A12%2C69%2C296%2C1%2C0%2C0%2C%2C454%2C66%2C6373%2C6373%2C0%2C834%3Adsn%3A12%2C69%2C296%2C1%2C0%2C0%2C%2C455%2C66%2C6373%2C6373%2C1%2C834%3Aco%3A0%3Arqnl%3A1%3Ast%3A1642065292&t=gdpr(14)aw(1)lt(6600)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Thu, 13-Jan-2022 09:14:51 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 13-Jan-2022 09:14:51 GMT

GET
H2 200 1382009 Show response
mc.yandex.com/watch/ 43 B
73 B 64ms
64ms XHR
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1382009?page-url=http%3A%2F%2Fread3.w1.flibusta.life%2Fb%2F576360&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A1%3Als%3A1473539978612%3Ahid%3A718217911%3Az%3A0%3Ai%3A20220113091451%3Aet%3A1642065292%3Ac%3A1%3Arn%3A27991277%3Arqn%3A2%3Au%3A1642065291126082140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1642065285294%3Aco%3A0%3Arqnl%3A1%3Ast%3A1642065292%3At%3A%D0%9C%D0%B5%D0%BD%D1%8F%D0%B9%D1%81%D1%8F%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D0%B5%D0%B5%2C%20%D1%87%D0%B5%D0%BC%20%D0%BD%D0%B0%D1%81%D1%82%D1%83%D0%BF%D0%B8%D1%82%20%D0%B7%D0%B0%D0%B2%D1%82%D1%80%D0%B0%20(fb2)%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr(14)aw(1)lt(6600)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://read3.w1.flibusta.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
last-modified: Thu, 13-Jan-2022 09:14:51 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 13-Jan-2022 09:14:51 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame A5D6 3 KB
1 KB 44ms
43ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1642065291728&cv=9&fst=1642065291728&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

c58d53d6f5f87e8640337788f6230e7a0f69f7caa7353ba5b9dd72c37cd9cebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1121
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame A5D6 3 KB
1 KB 42ms
42ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1642065291732&cv=9&fst=1642065291732&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3cebbba76fc4342d8366e0b5a254fa2efe1e837b7fa17b01418c2d15f5379928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame A5D6 3 KB
1 KB 40ms
39ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1642065291735&cv=9&fst=1642065291735&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

23a1f770d49784148ba3e2bda29ee608ca92abc8c8a3f13af2101a62c3dee4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame A5D6 3 KB
1 KB 38ms
37ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1642065291736&cv=9&fst=1642065291736&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

4f3834503d10dfeca246e250cc83ca997813b6249e1fab1191dacf5225d679f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame A5D6 42 B
108 B 31ms
30ms Image
image/gif 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1642065291736&cv=9&fst=1642064400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=3535770382&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame A5D6 42 B
108 B 78ms
33ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1642065291736&cv=9&fst=1642064400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=3535770382&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame A5D6 42 B
108 B 30ms
28ms Image
image/gif 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1642065291735&cv=9&fst=1642064400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=126738296&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame A5D6 42 B
108 B 77ms
34ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1642065291735&cv=9&fst=1642064400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=126738296&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame A5D6 42 B
108 B 31ms
28ms Image
image/gif 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1642065291732&cv=9&fst=1642064400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=2979470298&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame A5D6 42 B
548 B 54ms
33ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1642065291732&cv=9&fst=1642064400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=2979470298&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame A5D6 42 B
108 B 33ms
33ms Image
image/gif 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1642065291728&cv=9&fst=1642064400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=28669596&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame A5D6 42 B
108 B 34ms
33ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1642065291728&cv=9&fst=1642064400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fread3.w1.flibusta.life%2F&async=1&fmt=3&is_vtc=1&random=28669596&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1KEPBIPy0R4100000000U9nJRE_LtFuXqatSyFKn7usJUrx_jMn_Up-H0GWyOIAXwWB9gh6LOg8CgOn0ySpNnyueWSHBMO6ysXGWqSe88gS2PHKOPZBAWRKpC2na_AK1OQraJ160iFOoFZp9mt0KpB_A23BkBYE330F3NyQUfQUTvZ8n0KMMCWK09TOoIG39iqp_W... Show response
an.yandex.ru/rtbcount/ 43 B
154 B 123ms
121ms XHR
image/gif 213.180.193.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1KEPBIPy0R4100000000U9nJRE_LtFuXqatSyFKn7usJUrx_jMn_Up-H0GWyOIAXwWB9gh6LOg8CgOn0ySpNnyueWSHBMO6ysXGWqSe88gS2PHKOPZBAWRKpC2na_AK1OQraJ160iFOoFZp9mt0KpB_A23BkBYE330F3NyQUfQUTvZ8n0KMMCWK09TOoIG39iqp_WU0Lay2ozPUllpx6m33ZkBfSyLLMXhzCB22BcK5kw6LM15dFp04avpA3Z5W991KOGFoDpAks1CpQS6Gr-qdcjhMPAaylJ7AyoWos64m-PRR__elp9xE34p_4qIpd-ZU2MJjOc0-mCDvaWJZyW_r3bbapGU2c_LiMaFCNiFAUP6LGO0TBNs1LkCdQDhFnQq7IkfAlh217_sBbD3GpDp4nCZAsR63R_-wr_mosAuU35x0zUTxPlUFBsWTvAzbW9XvWypZ1nlo8ZTSdpT8gBTErAYV48zpy9HlCxfzidRCrNpHk_sWF0FAEZX40?confirmTime=2101000&confirmRatio=1000000&test-tag=375534760493058&rnd=9567492854979&pcode-active-testids=488677%2C0%2C73&width=1600&height=280&media-test-tag=11458839395

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://read3.w1.flibusta.life/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:52 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://read3.w1.flibusta.life
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:52 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: read3.w1.flibusta.life
URL: http://read3.w1.flibusta.life/b/576360

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 09:14:52 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 09:14:52 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 13 Jan 2022 09:14:52 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:16:23	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:09:11	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:09:11	Name: pcs3 Value: 1
.yandex.ru/	1970-01-20 17:38:57	Name: i Value: NyTcrcb1iJZJsG50yxvU95TyfylbhbRZPjYoExUZH6WIC1aHT1d5IMwpy9MVQNZ7yhQ4E5byoLsW46cNYwuzI00icfg=
.an.yandex.ru/	1970-01-20 00:17:50	Name: yabs-vdrf Value: A0
.yadro.ru/	1970-01-20 08:52:37	Name: FTID Value: 1Xt-sJ0mH9uE1Xt-sJ001BpS
.yadro.ru/	1970-01-20 08:52:37	Name: VID Value: 0x2NPx3eJoOE1Xt-sK001CIC
.weborama.fr/	1970-01-20 09:39:26	Name: AFFICHE_W Value: vAzzhcNwmTK820
.1dmp.io/	1970-01-20 08:53:21	Name: uid Value: 425c4900-7451-11ec-8677-901b0e934d81
.aidata.io/	1970-01-20 17:38:57	Name: __upin Value: iT6bF45JZwy8/LiTZMnP7Q
.aidata.io/	1970-01-20 17:38:57	Name: __upints Value: 1642065289
x01.aidata.io/	1970-01-20 00:17:50	Name: yaya Value: 1
.sonar.semantiqo.com/	1970-01-21 20:46:09	Name: semantiqo_a Value: b139c3190fda4d2091279710bef8b0cc
.sonar.semantiqo.com/	1970-01-20 09:03:26	Name: check Value: 57456ebb0b05410fb0f1d2b5f5d12157
.1dmp.io/	1970-01-20 00:07:45	Name: ru-seq Value: null
.yandex.ru/	1970-01-20 17:38:57	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 17:38:57	Name: is_gdpr_b Value: CKm1JBCUXBgB
.tns-counter.ru/	1970-01-20 08:53:21	Name: guid Value: DFB7703561DFED8AX1642065290
.dmg.digitaltarget.ru/	1970-01-21 02:02:57	Name: viuserid Value: ay8TJjiP7ewSbsF7ZWZO
.rutarget.ru/	1970-01-20 04:26:57	Name: userId Value: fn1zmppDHrDB
.caltat.com/	1970-01-21 20:46:09	Name: caltat Value: d4b8dd3adeb24dc18ae9541ce720960b
.yandex.ru/	1970-01-23 15:43:45	Name: yuidss Value: 515410271642065290
.yandex.ru/	1970-01-23 15:43:45	Name: yandexuid Value: 515410271642065290
.magnitent.com/	1970-01-21 20:46:09	Name: sonar Value: b139c3190fda4d2091279710bef8b0cc
.magnitent.com/	1970-01-21 20:46:09	Name: ct Value: d4b8dd3adeb24dc18ae9541ce720960b
.magnitent.com/	1970-01-21 20:46:09	Name: spid Value: F03D07D68CC7E718
.magnitent.com/	1970-01-20 00:52:23	Name: 3db Value: F03D07D68CC7E718
.acint.net/	1970-01-20 00:07:45	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWHf7YuvLwCaGf1MApSjQX98phl0vfunYMV+ZlU9LrGd
.upravel.com/	1970-01-20 00:07:45	Name: session_tptc Value: 1642065291316
.adx.opera.com/	1970-01-20 00:50:57	Name: UID Value: d1458bbef6e14bd39e314e9d5a27ed5c
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2321612471642065291
.uuidksinc.net/	1970-01-20 08:53:21	Name: jcsuuid Value: oFdBAwilrq58U9lV6Jlu
.acint.net/	1970-01-20 00:50:57	Name: cSyncDp14v3 Value: 1642065291
.mc.yandex.com/	1970-01-20 00:07:45	Name: sync_cookie_csrf Value: 1916993883fake
.whiteboxdigital.ru/	1970-01-20 17:38:24	Name: MiId Value: dd6aea32-a4db-4c65-b739-aed007e0e53b
.mts.ru/	1970-01-20 08:40:23	Name: dspid Value: 532df3c3-8122-4eef-8d40-481a400736c7
.mc.yandex.ru/	1970-01-20 00:07:45	Name: sync_cookie_csrf Value: 3458229691fake
.upravel.com/	1970-01-23 15:43:45	Name: user_id Value: 228b43bd-9471-4f02-8322-898ff6a57938
.doubleclick.net/	1970-01-20 09:29:21	Name: IDE Value: AHWqTUmh_KcC8hipiXBucj860ELBz4Keocc92LpJjkqMMjUJTrGoij6S7O-AF_YCNRM
.yandex.com/	1970-01-27 07:19:45	Name: yandexuid Value: 515410271642065290
.yandex.com/	1970-01-27 07:19:45	Name: yuidss Value: 515410271642065290
.yandex.com/	1970-01-23 15:43:45	Name: yp Value: 1642151691.yu.8910065841642065291
.yandex.com/	1970-01-20 08:53:21	Name: ymex Value: 1644657291.oyu.8910065841642065291#1673601291.yrts.1642065291#1673601291.yrtsi.1642065291
.mc.yandex.com/	1970-01-20 00:09:11	Name: sync_cookie_ok Value: synced
.betweendigital.com/	1970-01-20 08:53:21	Name: dc Value: was1
.betweendigital.com/	1970-01-20 08:53:21	Name: ss Value: 1
.betweendigital.com/	1970-01-20 08:53:21	Name: tuuid Value: 5169bf29-7b16-530d-b660-6215d7bf8f9e
.adhigh.net/	1970-01-20 08:53:21	Name: gi_u Value: 0MywcITPBGZ.AikABlF-Urfpbg
.yandex.com/	1970-01-23 15:43:45	Name: i Value: bvuiY9Kl7uPQcPwLLVAFzCSY4z4jIzacI0ymiqqrw/WYtMlRTMZaN0/4zz8ciHRcHcVjt4RWe8Y1RicxT5C6GUUKE6I=
.adhigh.net/	1970-01-20 08:53:21	Name: yandexssp_sync Value: j8Z
.demdex.net/	1970-01-20 04:26:57	Name: demdex Value: 85847028027138564020111229317476554530
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWHf7YuZegCC+UZ8ArDvsQQxuOOQQ3/p8WukvGmbdUQd
.betweendigital.com/	1970-01-20 08:53:21	Name: ut Value: Yd_tiwALMzCgpjGGJZiXfEYXaOnVwyLX_sOXKA==
.dpm.demdex.net/	1970-01-20 04:26:57	Name: dpm Value: 85847028027138564020111229317476554530
.mts.ru/	1970-01-23 14:31:45	Name: mts_id Value: 9c6b639a-85a2-4f0e-9ad3-0623d2eadcc4
.mts.ru/	1970-01-23 14:31:45	Name: mts_id_last_sync Value: 1642065291

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/mapuid/SAPEis/0100007F8BEDDF619A002FAF024CFD19 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

228b43bd-9471-4f02-8322-898ff6a57938.sync.upravel.com
acint.net
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
cdn3.caltat.com
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
favicon.yandex.net
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
profile.ssp.rambler.ru
px.adhigh.net
read3.w1.flibusta.life
redirect.frontend.weborama.fr
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
storage.mds.yandex.net
sync.1dmp.io
sync.bumlam.com
sync.magnitent.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
www.google.com
www.google.de
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
104.21.91.39
116.202.128.114
142.250.181.228
142.250.185.195
142.250.185.66
144.76.138.28
148.251.236.115
172.217.16.130
178.154.131.216
185.15.175.132
194.190.76.44
194.226.130.229
195.201.243.72
213.180.193.90
213.180.204.158
213.180.204.36
213.87.44.187
217.66.147.170
31.172.81.160
31.220.27.134
34.247.200.0
35.190.16.14
37.18.16.22
5.255.255.5
78.46.100.125
80.64.106.147
80.64.106.148
81.163.17.245
81.222.128.214
82.145.213.8
87.250.247.182
87.250.250.114
87.250.251.119
88.212.201.198
89.108.120.68
91.192.148.30
95.217.109.66
95.217.86.150
96.46.183.20
0085d2a72737b67417a31387e91d62897a6f3eba7dfc89283aba02bd9216f28f
0ce15a8f257959b2f4e39c9d2eaa5e7ca98ac78d9740851aa1b1d9d0c56f3009
0e32a537bacaccf1c6ae723723661810fabf900659257f8f037e454cb4011503
11c35db6374560a24a72bea90c406077550000358188b92d685be86170465854
1328b31ad7c4d5d9cceff8917322e41439874f0dfd4675681921db2165a66ecd
13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb
17d4bb211467418b6ff7cc1cec3c8b1c59cb955b6a83513cb339b2205ae659b7
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1d4c1410507cbfa6fa4e3594f092ddf8ba0688dd58eec01bcc501f60250803fc
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
23a1f770d49784148ba3e2bda29ee608ca92abc8c8a3f13af2101a62c3dee4f6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ca7af92a8e66848708d4416112fb4cc015d86c78c8beaee4b654b4969293677
2ddc0270f67098887df783cd646e3a21ca627f76edd49103f4b1e540f7558016
3063147ee89c6141391741d81be50588897535216a1a28b6f1596828d1793adb
324bcea8ab074b342ea41f5b5acecff155d45ef22a65149a283543035c233cc4
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34a2a7c887b10484d4e38a459c88f96d96ddbae0423cd433d46be2e7e5618555
361840fbee3b0726b5f0f5bbfe37e13bdab8c3c873d643a45b56c5e37c8d2a86
3cebbba76fc4342d8366e0b5a254fa2efe1e837b7fa17b01418c2d15f5379928
4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6
4f3834503d10dfeca246e250cc83ca997813b6249e1fab1191dacf5225d679f0
4ff14a24b5b987df73bf322a5639b6bc9de5bd5c862131e72f50f997b4517daa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550116d1cc65e48e0c93fd975464892e2e2ce6102288031449fd0082d1e01212
620b2d1d093923a6df3bb28339a39ca7e1719ca6030db1cacfe11f0ac9a265bb
6e10d1dc79cb5a6fbe62cd0bfd36c2423c95810f860ec008d707dd61d715f9f4
6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3
724ecca5300fed887d728b329e49bfc32b041d71e94777206a5a4664a6466719
79616a67bc7bdf1f244f6225dc3ee26f50a9599d7c5cf4ed655016e907323107
7e13a73480283ea7702a7c762a362c4da09447668a3113c8b90a216095b58785
81211473e99fae78ef02d3eeade1cccf9c85a248d4af1502613ffce4a244dbcb
84d2041ec64dc2bd119a84fb87f52c35c89885c169ba1d44b3599a4e5e6b4893
913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a461fbd84446dbdb4ad3fe15abf88cc707a74cee6cdf705f731823de77b6123
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9d2520c1fc815925584f9c02e6d05304e4ee26d575aca41c95c95d23ef08ccbc
a3b77dba56fc2d18a7392de3ef027537296f69e7614a66f3e070de79c12ccc17
a9e2c21fea32dc63142707b7904f8a962f77bb77f81fdd6a8bbb700a1f94657b
aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26
b1723f96fb8bdcccd48fa69cb27d2dcd22bf865a6e1305aeb8ee9b2aa982d7ed
b4e545d7af5622814ef6da2f4aca4f1ce46077bb9c1641761c2398eaf661d8c9
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
c52300065c159bb2754b346f0888ba07144c3446e8ba1975b103d5be581a0e7e
c58d53d6f5f87e8640337788f6230e7a0f69f7caa7353ba5b9dd72c37cd9cebf
c90f044345dd4f0011b188dbbe7d26f41bdb8b9edc266d0fedc1689f1055ef98
cf40ddddce0ecb930d92b5eb69da2c7932f4c7790a80efdd36dfb19ecd0985a0
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d4247ed30734f69d609692cc4278b576470108373acc75ae3a5e4dba20457cf1
d5251556cfa57c86775d0d5432d47e587bd4d752f48e471d14cde340ea3704fb
d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419
d5b5c8924b6e3efa9e26aa3ff8dda5b2395c03208103ac5944b746930aa9f942
d5fc16f4f77ba591931d7f5cf79756ff00428ec79f15bc603308e565ff6d91df
d873222307a7ffd443127be78ccc18ec73ddeb06ea6b12600b2ca31f5bd4ce99
dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb
dda53878f875dc7a487e0c2adc15f09e563ca876670ba0c24e1d4805d64fd6d0
dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9ed4adcba4950bf4be0556283131eedd7c629de1821c8c3967c7f70d971596
f157e24773ce74cb1b45891570f4e43d5dbe009c177a24dce25ce5986fdb5664
f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

read3.w1.flibusta.life Open in urlscan Pro 104.21.91.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

121 Requests

66 %HTTPS

0 %IPv6

33 Domains

42 Subdomains

22 IPs

8 Countries

964 kBTransfer

2423 kBSize

57 Cookies

11 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

read3.w1.flibusta.life Open in urlscan Pro
104.21.91.39 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

66 %
HTTPS

0 %
IPv6

33
Domains

42
Subdomains

22
IPs

8
Countries

964 kB
Transfer

2423 kB
Size

57
Cookies

121 HTTP transactions
2 data transactions