l2free.fun Open in urlscan Pro
2a03:6f00:6:1::57f9:26fd Public Scan

Go To Rescan
Add Verdict Report

URL:
https://l2free.fun/
Submission: On February 03 via manual (February 3rd 2022, 5:41:42 am UTC) from IN — Scanned from DE

Summary HTTP 51 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 51 HTTP transactions. The main IP is 2a03:6f00:6:1::57f9:26fd, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is l2free.fun.
TLS certificate: Issued by R3 on January 29th 2022. Valid for: 3 months.

This is the only time l2free.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2a03:6f00:6:1... 2a03:6f00:6:1::57f9:26fd	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1	87.98.138.36 87.98.138.36	16276 (OVH) (OVH)
1	2a03:c980:b23... 2a03:c980:b239:dfeb:178:57:223:235	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
1	2606:4700:20:... 2606:4700:20::ac43:4a7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:c980:b95... 2a03:c980:b957:c686:185:87:198:134	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
1	2606:4700:303... 2606:4700:3031::ac43:b3d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:2f5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0a:2b43:89:... 2a0a:2b43:89:17e8::	35278 (SPRINTHOST) (SPRINTHOST)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
51	12

29 2a03:6f00:6:1::57f9:26fd (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)

l2free.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.138.36 (France)

ASN16276 (OVH, FR)
PTR: l2top.ru

l2top.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:c980:b239:dfeb:178:57:223:235 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)

l2-top.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a7a (United States)

ASN13335 (CLOUDFLARENET, US)

www.top100arena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:c980:b957:c686:185:87:198:134 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)

new-lineage.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:b3d5 (United States)

ASN13335 (CLOUDFLARENET, US)

l2new.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:2f5d (United States)

ASN13335 (CLOUDFLARENET, US)

l2an.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0a:2b43:89:17e8:: (Russian Federation)

ASN35278 (SPRINTHOST, RU)

blayzer.uz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	l2free.fun l2free.fun	736 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 25627	2 KB
4	gstatic.com fonts.gstatic.com	129 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2853	68 KB
1	blayzer.uz blayzer.uz	23 KB
1	l2an.ru l2an.ru	32 KB
1	l2new.ru l2new.ru	6 KB
1	new-lineage.ru new-lineage.ru	12 KB
1	top100arena.com www.top100arena.com	3 KB
1	l2-top.ru l2-top.ru	24 KB
1	l2top.ru l2top.ru — Cisco Umbrella Rank: 667940	3 KB
0	freegeoip.net Failed freegeoip.net Failed
51	13

	Domain	Requested by
29	l2free.fun	l2free.fun
8	mc.yandex.com	2 redirects l2free.fun mc.yandex.ru
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	l2free.fun
2	mc.yandex.ru	1 redirects l2free.fun
1	blayzer.uz	l2free.fun
1	l2an.ru	l2free.fun
1	l2new.ru	l2free.fun
1	new-lineage.ru	l2free.fun
1	www.top100arena.com	l2free.fun
1	l2-top.ru	l2free.fun
1	l2top.ru	l2free.fun
0	freegeoip.net Failed	l2free.fun
51	13

This site contains links to these domains. Also see Links.

Domain
l2top.ru
la2.mmotop.ru
l2noo.ru
l2-pick.ru
l2-top.ru
www.top100arena.com
new-lineage.ru
l2new.ru
l2an.ru
blayzer.uz

Subject Issuer	Validity	Valid
l2free.fun R3	`2022-01-29` - `2022-04-29`	3 months	crt.sh
l2top.ru AlphaSSL CA - SHA256 - G2	`2021-02-03` - `2022-03-07`	a year	crt.sh
l2-top.ru Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
new-lineage.ru Sectigo RSA Domain Validation Secure Server CA	`2021-05-30` - `2022-06-06`	a year	crt.sh
*.l2new.ru R3	`2021-12-22` - `2022-03-22`	3 months	crt.sh
*.l2an.ru R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
blayzer.uz R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://l2free.fun/
Frame ID: 9B56507503A1D288FD362935137CBF10
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

L2Free.Fun - У НАС РАЗРЕШЕН БОТ!!!

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

94 %
HTTPS

91 %
IPv6

13
Domains

13
Subdomains

12
IPs

4
Countries

1041 kB
Transfer

1275 kB
Size

12
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://l2top.ru/

Search URL Search Domain Scan URL

URL: https://la2.mmotop.ru/

Search URL Search Domain Scan URL

URL: https://l2noo.ru/

Search URL Search Domain Scan URL

URL: https://l2-pick.ru/

Search URL Search Domain Scan URL

URL: https://l2-top.ru/

Search URL Search Domain Scan URL

URL: https://www.top100arena.com/

Search URL Search Domain Scan URL

URL: https://new-lineage.ru/

Search URL Search Domain Scan URL

URL: https://l2new.ru/

Search URL Search Domain Scan URL

URL: https://l2an.ru/

Search URL Search Domain Scan URL

URL: https://blayzer.uz/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9538.5h-q3grU04tbeFIVeP4-G_Aygq1c5AC2QjhuG1H8KQNYmAwCITsH4l1nRvbDEc5F.LNJDodJEETkvMhNqf25F5imOgPE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9538.Pwy5__d51XsOoInTPlHk5jprbm2c_i-DV2l3FH818j0Hl-_-ulz8mzzCvbp8HeHH6jqjrI-bfO1w2j-vZF-HPw%2C%2C.u6vEA3QsYYp54sHJ3E1UJZqs0ZI%2C

Request Chain 46

https://mc.yandex.com/watch/87360422?wmode=7&page-url=https%3A%2F%2Fl2free.fun%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1632503210970%3Ahid%3A240617470%3Az%3A0%3Ai%3A20220203054137%3Aet%3A1643866897%3Ac%3A1%3Arn%3A916156174%3Arqn%3A1%3Au%3A164386689735500918%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643866896939%3Ads%3A39%2C82%2C86%2C1%2C0%2C0%2C%2C151%2C10%2C%2C%2C%2C361%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643866898%3At%3AL2Free.Fun%20-%20%D0%A3%20%D0%9D%D0%90%D0%A1%20%D0%A0%D0%90%D0%97%D0%A0%D0%95%D0%A8%D0%95%D0%9D%20%D0%91%D0%9E%D0%A2!!!&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/87360422/1?wmode=7&page-url=https%3A%2F%2Fl2free.fun%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1632503210970%3Ahid%3A240617470%3Az%3A0%3Ai%3A20220203054137%3Aet%3A1643866897%3Ac%3A1%3Arn%3A916156174%3Arqn%3A1%3Au%3A164386689735500918%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643866896939%3Ads%3A39%2C82%2C86%2C1%2C0%2C0%2C%2C151%2C10%2C%2C%2C%2C361%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643866898%3At%3AL2Free.Fun%20-%20%D0%A3%20%D0%9D%D0%90%D0%A1%20%D0%A0%D0%90%D0%97%D0%A0%D0%95%D0%A8%D0%95%D0%9D%20%D0%91%D0%9E%D0%A2%21%21%21&t=gdpr%2814%29aw%281%29ti%282%29

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
l2free.fun/ 10 KB
3 KB 208ms
86ms Document
text/html 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2a95edefcaae164dbb3b7b481c1e4d3b2d995a380d332fb160eb5c88dedba8b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.1
date: Thu, 03 Feb 2022 05:41:37 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
expires: 0
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
last-modified: Wed, 02 Feb 2022 05:41:37 GMT
content-encoding: gzip

GET
H2 200 jquery-1.12.4.min.js Show response
l2free.fun/templates/mysterium/js/ 95 KB
33 KB 84ms
84ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/jquery-1.12.4.min.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: W/"61f6e56d-17b8b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 jquery.cookie.js Show response
l2free.fun/templates/mysterium/js/ 2 KB
1007 B 86ms
85ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/jquery.cookie.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1f822cda6ee813443720c99191181d7affcf9b5dfeb7d9620ef8f991940047f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: W/"61f6e56d-718"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 mmotop.js Show response
l2free.fun/templates/mysterium/js/ 280 B
468 B 86ms
85ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/mmotop.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 7b000936d91c5be463d8bc4d0ef6498c66bf7dd386ffc48469f08f8c3ee9f87c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: "61f6e56d-118"
content-type: application/x-javascript
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 280
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 script.js Show response
l2free.fun/templates/mysterium/js/ 3 KB
1 KB 86ms
85ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/script.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: fb52bf9a61424eef0420f941cff6e5313296e22cf54431a383b1921f2428a68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: W/"61f6e56d-d87"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 rotate.js Show response
l2free.fun/templates/mysterium/js/ 7 KB
2 KB 87ms
86ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/rotate.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 3c467ea111393130da0ca4eb7327f5ff1feb2a66bf350cdde5e8d5a5896aec5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: W/"61f6e56d-1b1d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 mysterium.js Show response
l2free.fun/templates/mysterium/js/ 407 B
596 B 87ms
86ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/mysterium.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c5fea69df05f0e27f2374a26e491945fb49bc96139758496550697cc4d9c1a4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: "61f6e56d-197"
content-type: application/x-javascript
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 407
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 progressbar.min.js Show response
l2free.fun/templates/mysterium/js/ 15 KB
5 KB 122ms
121ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/progressbar.min.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 170dfb66a9c9bc1160a0c3d1b0783fb646d853fcee466f4a38b3f0856a440097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: W/"61f6e56d-3b74"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 status.js Show response
l2free.fun/templates/mysterium/js/ 687 B
875 B 123ms
122ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/status.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 26eb9d64be905e56f8c335528021c0d01e266f7225f61fab8f18020794ce867b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: "61f6e56d-2af"
content-type: application/x-javascript
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 687
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 unitpay_effects.js Show response
l2free.fun/templates/mysterium/js/ 0
176 B 123ms
122ms Script
application/x-javascript 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/js/unitpay_effects.js
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: "61f6e56d-0"
content-type: application/x-javascript
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 0
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 style.css
l2free.fun/templates/mysterium/css/ 14 KB
3 KB 123ms
122ms Stylesheet
text/css 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/css/style.css
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 79ed669461617ae25667912e264b6362751fadb0ddd930bd380fd28e42c93d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 20:50:51 GMT
server: nginx/1.20.1
etag: W/"61f99d2b-3928"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 engine.css
l2free.fun/templates/mysterium/css/ 10 KB
2 KB 123ms
123ms Stylesheet
text/css 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/css/engine.css
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c78385c89e1801e036ead31ba77df431e0edff198ec32b266ba97c6cf98a9a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 19:22:19 GMT
server: nginx/1.20.1
etag: W/"61f6e56b-2784"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 hover.css
l2free.fun/templates/mysterium/css/ 2 KB
765 B 123ms
123ms Stylesheet
text/css 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/css/hover.css
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 7c52a969cf60d2c26aaeea6d9a4529377c527cc3b101ac5c6f0a855e8d4a19e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: W/"61f6e56c-8b1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 window.css
l2free.fun/templates/mysterium/css/ 6 KB
1 KB 123ms
123ms Stylesheet
text/css 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2free.fun/templates/mysterium/css/window.css
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 5447fed258e4cd1b4c4be0ee9d460b1dc82996385b53aeb790d98f8d81a9bac6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: W/"61f6e56c-169a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H/1.1 200
OK top.php
l2top.ru/catalog/ 3 KB
3 KB 86ms
17ms Image
text/html 87.98.138.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2top.ru/catalog/top.php
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.98.138.36 , France, ASN16276 (OVH, FR),
Reverse DNS: l2top.ru
Software: nginx /
Resource Hash: ef413b830bfa87537e75bc74a0e0d8bbd07848efb6995a40503cb3df33545d0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 05:41:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 3253
Content-Type: image/png, text/html; charset=windows-1251

GET
H2 200 mmotop.png
l2free.fun/images/ 8 KB
8 KB 83ms
83ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/images/mmotop.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 0ae4daaa416d2808ad5dfc23a7d1138a1e64ab0e28db12dd40b31f5e32e0623e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Wed, 02 Feb 2022 17:51:56 GMT
server: nginx/1.20.1
etag: "61fac4bc-2011"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 8209
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 l2noo.png
l2free.fun/images/ 9 KB
9 KB 83ms
82ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/images/l2noo.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f536518a882e9850f895b443cf4867217665028ef57d36c4e680f1403f22bb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Wed, 02 Feb 2022 17:51:57 GMT
server: nginx/1.20.1
etag: "61fac4bd-23ec"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 9196
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 l2pick2.png
l2free.fun/images/ 9 KB
9 KB 85ms
84ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/images/l2pick2.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 7346076e637587ca34b9b2dd88d1f1c322f02c05ba5ebc1716f8270a017b550e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Wed, 02 Feb 2022 17:51:56 GMT
server: nginx/1.20.1
etag: "61fac4bc-223d"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 8765
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 button1.gif
l2-top.ru/img/ 24 KB
24 KB 193ms
40ms Image
image/gif 2a03:c980:b239:dfeb:178:57:223:235
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://l2-top.ru/img/button1.gif

Requested by

Host: l2free.fun
URL: https://l2free.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:c980:b239:dfeb:178:57:223:235 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b97862a2854fa737e4241781ae173ae95c41517f686b3e821a8ac24573f9e5ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Dec 2020 14:44:09 GMT
server: LiteSpeed
etag: "5eec-5fe0b4b9-0;;;"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 24300
expires: Thu, 10 Feb 2022 05:41:37 GMT

GET
H2 200 small
www.top100arena.com/hit/98967/ 2 KB
3 KB 158ms
124ms Image
image/jpeg 2606:4700:20::ac43:4a7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.top100arena.com/hit/98967/small

Requested by

Host: l2free.fun
URL: https://l2free.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ee3d040bc9a07e86df305de4605bc201d2cab1225b16557b125a80b4dc89e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 2216
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Jun 2021 23:06:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 29
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8Y7lsIA6j4YRVhA5BXg9WCmXukkktEENPIJ5OKK%2BUzXkDO1ubXYCbCIVbQEBm3BzcBQRmMXRA1cb9PUFvj%2BI8ekJosfSbCabInSPP8oFEZa%2B0JOk7xnWLyFQGMHt44gLQGnjQpJ4mftbP9Piul4f44%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public
x-ratelimit-limit: 30
accept-ranges: bytes
cf-ray: 6d7954cc585390ec-FRA

GET
H2 200 L2.gif
new-lineage.ru/IMG/ 12 KB
12 KB 183ms
40ms Image
image/gif 2a03:c980:b957:c686:185:87:198:134
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new-lineage.ru/IMG/L2.gif
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:b957:c686:185:87:198:134 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 63e35c66c85849bd4434ace800e760318e7cf76f50b4d9b616e4e0387045bd3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 03 Dec 2017 17:25:54 GMT
server: LiteSpeed
etag: "2fed-5a2433a2-69bf3af19734c582;;;"
content-type: image/gif
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 12269

GET
H2 200 promo.gif
l2new.ru/l2/images/ 6 KB
6 KB 354ms
309ms Image
image/gif 2606:4700:3031::ac43:b3d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2new.ru/l2/images/promo.gif
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b3d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41d1a0529060faf22bdeaddea9da151a42d6c44584239d3b2e14eaecd224d3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5649
last-modified: Wed, 20 May 2020 08:28:24 GMT
server: cloudflare
etag: "5ec4ea28-1611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmeDQ4bbokxNPlLNSbyI7zBWfcDwcb45yCYonsAkk6tHNZomWgkXKgcMtussPGIAZ0iwJeXA1JxmPp7FIt8zu4UPzAP4S0%2FalsQCq8GfzCoNlL%2B%2Fp%2F8AYqblLf%2BTpvMLTwkE1WjoPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d7954cc68a49186-FRA
expires: Sat, 05 Mar 2022 05:41:37 GMT

GET
H2 200 but.jpg
l2an.ru/bnrs/ 31 KB
32 KB 77ms
41ms Image
image/jpeg 2606:4700:3035::6815:2f5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2an.ru/bnrs/but.jpg
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ddbc1002ffa547247021bd1daac012f58070ca431f4e862b5cca9115b3b8d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 11 Jul 2021 22:23:54 GMT
server: cloudflare
etag: "60eb6f7a-7bef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JlZhckTFnrRBVtc9V2qsT0ABLAwhLvTq%2FFerkPQN31ddtEbGycsfaFePqVYCa80zBnMUk4qjETIm%2BEOuLpETdOQs15Qao8LX0b6D4HVEqlLFL%2FN2fE9%2BTSeP%2BFIon%2F07hThtZnr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d7954cc58ca9088-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31727

GET
H2 200 anons.png
blayzer.uz/ 23 KB
23 KB 232ms
41ms Image
image/png 2a0a:2b43:89:17e8::
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blayzer.uz/anons.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:2b43:89:17e8:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software: openresty /
Resource Hash: 3c11b6dbf4a1d51928bb204bd221979d8114e09e251055dd2573764b1b91d789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Thu, 17 Sep 2015 13:22:27 GMT
server: openresty
etag: "55fabe93-5cfd"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 23805
expires: Thu, 10 Feb 2022 05:41:37 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 132ms
63ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: l2free.fun
URL: https://l2free.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
content-encoding: br
last-modified: Tue, 01 Feb 2022 13:59:59 GMT
etag: "61f912af-10e38"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69176
expires: Thu, 03 Feb 2022 06:41:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
948 B 133ms
45ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans

Requested by

Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5eabef73d642bd854d2e9ad3eccb6d73c8c1982fc2d2b67b2547dd09ede42d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 04:49:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 05:41:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 05:41:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
547 B 133ms
45ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Caption:700

Requested by

Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

864844ab9f07a212b50d682afae19cefb03f4c48b1119625ec6ec679b33dcde6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 05:41:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 05:41:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 05:41:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
580 B 133ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700

Requested by

Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/window.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 05:15:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 05:41:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 05:41:37 GMT

GET /
freegeoip.net/json/ 0
0

GET
H2 200 all_bg.jpg
l2free.fun/templates/mysterium/images/mysterium_bg/ 2 KB
2 KB 42ms
41ms Image
image/jpeg 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/mysterium_bg/all_bg.jpg
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 0c3fd4fdc9f638b7f418bd845ef7f99b580ac505a9dc4ed40b152712a5125dac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: "61f6e56c-7f3"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 2035
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 head_bg.jpg
l2free.fun/templates/mysterium/images/mysterium_bg/ 369 KB
370 KB 45ms
44ms Image
image/jpeg 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/mysterium_bg/head_bg.jpg
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 3380d226c029fb74691dd8b8ca15ca294ba552c93be1ff86d6d653efd9e13ed8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: "61f6e56c-5c553"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 378195
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkSA-v_38.woff2
fonts.gstatic.com/s/ptsanscaption/v17/ 22 KB
22 KB 127ms
42ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsanscaption/v17/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkSA-v_38.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Caption:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31009d1f494b9905d3ec3a27643c80fd9a50f030052a2178eb3332799eac58ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://l2free.fun
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 00:16:28 GMT
x-content-type-options: nosniff
age: 19509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22332
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:06:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 03 Feb 2023 00:16:28 GMT

GET
H2 200 lk.png
l2free.fun/templates/mysterium/images/mysterium_bg/ 64 KB
64 KB 85ms
85ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/mysterium_bg/lk.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: bc46260eee6fd764ca704d6cb9bee5c5e982ecdc03402294f8d7e2f4a8c21e9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: "61f6e56c-fe80"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 65152
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 logo.png
l2free.fun/templates/mysterium/images/mysterium_bg/ 82 KB
82 KB 85ms
85ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/mysterium_bg/logo.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 88034b175df4eba7fcb15dc1a33d52e5eafb6f73ce35c49035fa63f101a8275a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 20:05:49 GMT
server: nginx/1.20.1
etag: "61f6ef9d-148d5"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 84181
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 one.png
l2free.fun/templates/mysterium/images/mysterium_bg/ 38 KB
39 KB 85ms
85ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/mysterium_bg/one.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 8575ef6f9cbc54e9ecef299535cef00c17ef673d6d3eb847b507ff9adad67b7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: "61f6e56c-9931"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 39217
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 one2.png
l2free.fun/templates/mysterium/images/mysterium_bg/ 41 KB
42 KB 85ms
85ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/mysterium_bg/one2.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 563ac5542aa683e4a2613a8f600802d648786a8d28396e1cc347feef43e5ff29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: "61f6e56c-a5a2"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 42402
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 null.png
l2free.fun/templates/mysterium/images/status/ 3 KB
3 KB 85ms
85ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/status/null.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 69b5b80e21e9fbb93a3806bd37e168d3aa704e253486f900506c9bf9b4c533fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:21 GMT
server: nginx/1.20.1
etag: "61f6e56d-c9d"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 3229
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2
fonts.gstatic.com/s/ptsanscaption/v17/ 34 KB
35 KB 186ms
102ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsanscaption/v17/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Caption:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

106eafbee08b482008e6c88cf642224c8e1bddfd0edac403bb6222574e4f7d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://l2free.fun
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 21:35:23 GMT
x-content-type-options: nosniff
age: 29174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35208
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:06:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 21:35:23 GMT

GET
H2 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v16/ 28 KB
28 KB 168ms
85ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://l2free.fun
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:49:23 GMT
x-content-type-options: nosniff
age: 35534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28444
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:49:23 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 44 KB
44 KB 215ms
132ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://l2free.fun
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 36021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:41:16 GMT

GET
H2 200 mmotop.png
l2free.fun/templates/mysterium/images/ 2 KB
2 KB 84ms
84ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/mmotop.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 3bfd5cb3ae496e46da1f77b4c9bc4308b8ff62a24b50a5ed9a357fb6082069cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: "61f6e56c-819"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 2073
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 box.png
l2free.fun/templates/mysterium/images/ 7 KB
7 KB 83ms
83ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/box.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6e77e48a6f119c42cd6eeda601934dc46db9b68897f77f2c3e801da88e049ff3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Wed, 02 Feb 2022 17:45:16 GMT
server: nginx/1.20.1
etag: "61fac32c-1b9d"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 7069
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 tg.png
l2free.fun/templates/mysterium/images/ 8 KB
8 KB 83ms
83ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/tg.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6926661d47e676a19b942885e3be8dd7b0a9c900a65f3aa2398b2d2c762f2b9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Tue, 01 Feb 2022 20:31:15 GMT
server: nginx/1.20.1
etag: "61f99893-1e3a"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 7738
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 email.png
l2free.fun/templates/mysterium/images/ 6 KB
6 KB 83ms
83ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/email.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: acd1dc240dc11e34d30c88c182c10b9fd0612a3d705be5b66457037b95d6a382

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Tue, 01 Feb 2022 20:45:12 GMT
server: nginx/1.20.1
etag: "61f99bd8-1673"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 5747
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2 200 payments.png
l2free.fun/templates/mysterium/images/mysterium_bg/ 30 KB
31 KB 83ms
83ms Image
image/png 2a03:6f00:6:1::57f9:26fd
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2free.fun/templates/mysterium/images/mysterium_bg/payments.png
Requested by: Host: l2free.fun
URL: https://l2free.fun/templates/mysterium/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:26fd , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 43079ebce9fd1448b6d612b95f70689285da2d6f938fd80ad6ed4bfbf01acc5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/templates/mysterium/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Sun, 30 Jan 2022 19:22:20 GMT
server: nginx/1.20.1
etag: "61f6e56c-799b"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 31131
expires: Sun, 06 Mar 2022 05:41:37 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9538.5h-q3grU04tbeFIVeP4-G_Aygq1c5AC2QjhuG1H8KQNYmAwCITsH4l1nRvbDEc5F.LNJDodJEETkvMhNqf25F5imOgPE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9538.Pwy5__d51XsOoInTPlHk5jprbm2c_i-DV2l3FH818j0Hl-_-ulz8mzzCvbp8HeHH6jqjrI-bfO1w2j-vZF-HPw%2C%2C.u6vEA3QsYYp54sHJ3E1UJZqs0ZI%2C

75 B
75 B

31ms
31ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9538.Pwy5__d51XsOoInTPlHk5jprbm2c_i-DV2l3FH818j0Hl-_-ulz8mzzCvbp8HeHH6jqjrI-bfO1w2j-vZF-HPw%2C%2C.u6vEA3QsYYp54sHJ3E1UJZqs0ZI%2C

Requested by

Host: l2free.fun
URL: https://l2free.fun/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9538.Pwy5__d51XsOoInTPlHk5jprbm2c_i-DV2l3FH818j0Hl-_-ulz8mzzCvbp8HeHH6jqjrI-bfO1w2j-vZF-HPw%2C%2C.u6vEA3QsYYp54sHJ3E1UJZqs0ZI%2C
date: Thu, 03 Feb 2022 05:41:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 35ms
32ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: l2free.fun
URL: https://l2free.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 03 Feb 2022 06:41:37 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/87360422/
Redirect Chain

https://mc.yandex.com/watch/87360422?wmode=7&page-url=https%3A%2F%2Fl2free.fun%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A7...
https://mc.yandex.com/watch/87360422/1?wmode=7&page-url=https%3A%2F%2Fl2free.fun%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3...

331 B
413 B

32ms
31ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/87360422/1?wmode=7&page-url=https%3A%2F%2Fl2free.fun%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1632503210970%3Ahid%3A240617470%3Az%3A0%3Ai%3A20220203054137%3Aet%3A1643866897%3Ac%3A1%3Arn%3A916156174%3Arqn%3A1%3Au%3A164386689735500918%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643866896939%3Ads%3A39%2C82%2C86%2C1%2C0%2C0%2C%2C151%2C10%2C%2C%2C%2C361%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643866898%3At%3AL2Free.Fun%20-%20%D0%A3%20%D0%9D%D0%90%D0%A1%20%D0%A0%D0%90%D0%97%D0%A0%D0%95%D0%A8%D0%95%D0%9D%20%D0%91%D0%9E%D0%A2%21%21%21&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: l2free.fun
URL: https://l2free.fun/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

220f58d343d3684eac143d292b9719231b01083cbb822761dba046906496f5dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://l2free.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 05:41:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Feb-2022 05:41:37 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://l2free.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 05:41:37 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 05:41:37 GMT
last-modified: Thu, 03-Feb-2022 05:41:37 GMT
location: /watch/87360422/1?wmode=7&page-url=https%3A%2F%2Fl2free.fun%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A1632503210970%3Ahid%3A240617470%3Az%3A0%3Ai%3A20220203054137%3Aet%3A1643866897%3Ac%3A1%3Arn%3A916156174%3Arqn%3A1%3Au%3A164386689735500918%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643866896939%3Ads%3A39%2C82%2C86%2C1%2C0%2C0%2C%2C151%2C10%2C%2C%2C%2C361%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643866898%3At%3AL2Free.Fun%20-%20%D0%A3%20%D0%9D%D0%90%D0%A1%20%D0%A0%D0%90%D0%97%D0%A0%D0%95%D0%A8%D0%95%D0%9D%20%D0%91%D0%9E%D0%A2%21%21%21&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://l2free.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 05:41:37 GMT

POST
H2 200 87360422 Show response
mc.yandex.com/webvisor/ 43 B
145 B 63ms
62ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87360422?wmode=0&wv-part=1&wv-hit=240617470&page-url=https%3A%2F%2Fl2free.fun%2F&rn=225126055&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1643866900%3Aw%3A1600x1200%3Av%3A741%3Az%3A0%3Ai%3A20220203054140%3Au%3A164386689735500918%3Avf%3A7oivoclvcqev9drxhj3%3Awe%3A1%3Ast%3A1643866900&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://l2free.fun/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 05:41:40 GMT
last-modified: Thu, 03-Feb-2022 05:41:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://l2free.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 05:41:40 GMT

POST
H2 200 87360422 Show response
mc.yandex.com/webvisor/ 43 B
73 B 31ms
31ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87360422?wmode=0&wv-part=1&wv-hit=240617470&page-url=https%3A%2F%2Fl2free.fun%2F&rn=947036360&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1643866901%3Aw%3A1600x1200%3Av%3A741%3Az%3A0%3Ai%3A20220203054140%3Au%3A164386689735500918%3Avf%3A7oivoclvcqev9drxhj3%3Awe%3A1%3Ast%3A1643866901&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://l2free.fun/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 05:41:40 GMT
last-modified: Thu, 03-Feb-2022 05:41:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://l2free.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 05:41:40 GMT

POST
H2 200 87360422 Show response
mc.yandex.com/webvisor/ 43 B
145 B 62ms
62ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87360422?wmode=0&wv-part=2&wv-hit=240617470&page-url=https%3A%2F%2Fl2free.fun%2F&rn=1005163933&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1643866902%3Aw%3A1600x1200%3Av%3A741%3Az%3A0%3Ai%3A20220203054141%3Au%3A164386689735500918%3Avf%3A7oivoclvcqev9drxhj3%3Awe%3A1%3Ast%3A1643866902&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://l2free.fun/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 05:41:41 GMT
last-modified: Thu, 03-Feb-2022 05:41:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://l2free.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 05:41:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freegeoip.net
URL: http://freegeoip.net/json/

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
l2free.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: 141ff42111144177a81b5cf5d2796514
.l2free.fun/	1970-01-20 09:23:22	Name: _ym_uid Value: 164386689735500918
.l2free.fun/	1970-01-20 09:23:22	Name: _ym_d Value: 1643866897
.mc.yandex.com/	1970-01-20 00:37:47	Name: sync_cookie_csrf Value: 179078206fake
.l2free.fun/	1970-01-20 00:38:58	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 00:37:47	Name: sync_cookie_csrf Value: 1001600920fake
.yandex.com/	1970-01-20 09:23:22	Name: yandexuid Value: 3559562271643866897
.yandex.com/	1970-01-20 09:23:22	Name: yuidss Value: 3559562271643866897
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1753464421643866897
.yandex.com/	1970-01-23 16:13:46	Name: i Value: Vcfd3oSYmIABkx9VD9f2/UuFYoLd5iV3YuUBb+J67YR0+QGTvJ+uTHjgFh/Y2l4YFkrONNyHkjYXvqYzGB6plUcbJtE=
.yandex.com/	1970-01-20 09:23:22	Name: ymex Value: 1675402897.yrts.1643866897#1675402897.yrtsi.1643866897
.l2free.fun/	1970-01-20 00:37:48	Name: _ym_visorc Value: w

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://l2free.fun/ Message: Mixed Content: The page at 'https://l2free.fun/' was loaded over HTTPS, but requested an insecure element 'http://l2top.ru/catalog/top.php'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://l2free.fun/templates/mysterium/js/jquery-1.12.4.min.js(Line 3) Message: Mixed Content: The page at 'https://l2free.fun/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://freegeoip.net/json/'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://l2free.fun/ Message: Mixed Content: The page at 'https://l2free.fun/' was loaded over HTTPS, but requested an insecure element 'http://l2top.ru/catalog/top.php'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9538.Pwy5__d51XsOoInTPlHk5jprbm2c_i-DV2l3FH818j0Hl-_-ulz8mzzCvbp8HeHH6jqjrI-bfO1w2j-vZF-HPw%2C%2C.u6vEA3QsYYp54sHJ3E1UJZqs0ZI%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blayzer.uz
fonts.googleapis.com
fonts.gstatic.com
freegeoip.net
l2-top.ru
l2an.ru
l2free.fun
l2new.ru
l2top.ru
mc.yandex.com
mc.yandex.ru
new-lineage.ru
www.top100arena.com
freegeoip.net
2606:4700:20::ac43:4a7a
2606:4700:3031::ac43:b3d5
2606:4700:3035::6815:2f5d
2a00:1450:4001:809::200a
2a00:1450:4001:82a::2003
2a02:6b8::1:119
2a03:6f00:6:1::57f9:26fd
2a03:c980:b239:dfeb:178:57:223:235
2a03:c980:b957:c686:185:87:198:134
2a0a:2b43:89:17e8::
87.98.138.36
0ae4daaa416d2808ad5dfc23a7d1138a1e64ab0e28db12dd40b31f5e32e0623e
0c3fd4fdc9f638b7f418bd845ef7f99b580ac505a9dc4ed40b152712a5125dac
106eafbee08b482008e6c88cf642224c8e1bddfd0edac403bb6222574e4f7d2a
170dfb66a9c9bc1160a0c3d1b0783fb646d853fcee466f4a38b3f0856a440097
1f822cda6ee813443720c99191181d7affcf9b5dfeb7d9620ef8f991940047f3
220f58d343d3684eac143d292b9719231b01083cbb822761dba046906496f5dd
26eb9d64be905e56f8c335528021c0d01e266f7225f61fab8f18020794ce867b
2a95edefcaae164dbb3b7b481c1e4d3b2d995a380d332fb160eb5c88dedba8b2
31009d1f494b9905d3ec3a27643c80fd9a50f030052a2178eb3332799eac58ce
3380d226c029fb74691dd8b8ca15ca294ba552c93be1ff86d6d653efd9e13ed8
3bfd5cb3ae496e46da1f77b4c9bc4308b8ff62a24b50a5ed9a357fb6082069cf
3c11b6dbf4a1d51928bb204bd221979d8114e09e251055dd2573764b1b91d789
3c467ea111393130da0ca4eb7327f5ff1feb2a66bf350cdde5e8d5a5896aec5a
43079ebce9fd1448b6d612b95f70689285da2d6f938fd80ad6ed4bfbf01acc5f
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
5447fed258e4cd1b4c4be0ee9d460b1dc82996385b53aeb790d98f8d81a9bac6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
563ac5542aa683e4a2613a8f600802d648786a8d28396e1cc347feef43e5ff29
5eabef73d642bd854d2e9ad3eccb6d73c8c1982fc2d2b67b2547dd09ede42d76
63e35c66c85849bd4434ace800e760318e7cf76f50b4d9b616e4e0387045bd3f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6926661d47e676a19b942885e3be8dd7b0a9c900a65f3aa2398b2d2c762f2b9d
69b5b80e21e9fbb93a3806bd37e168d3aa704e253486f900506c9bf9b4c533fc
6e77e48a6f119c42cd6eeda601934dc46db9b68897f77f2c3e801da88e049ff3
7346076e637587ca34b9b2dd88d1f1c322f02c05ba5ebc1716f8270a017b550e
79ed669461617ae25667912e264b6362751fadb0ddd930bd380fd28e42c93d9c
7b000936d91c5be463d8bc4d0ef6498c66bf7dd386ffc48469f08f8c3ee9f87c
7c52a969cf60d2c26aaeea6d9a4529377c527cc3b101ac5c6f0a855e8d4a19e1
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8575ef6f9cbc54e9ecef299535cef00c17ef673d6d3eb847b507ff9adad67b7d
864844ab9f07a212b50d682afae19cefb03f4c48b1119625ec6ec679b33dcde6
88034b175df4eba7fcb15dc1a33d52e5eafb6f73ce35c49035fa63f101a8275a
92ddbc1002ffa547247021bd1daac012f58070ca431f4e862b5cca9115b3b8d8
acd1dc240dc11e34d30c88c182c10b9fd0612a3d705be5b66457037b95d6a382
b41d1a0529060faf22bdeaddea9da151a42d6c44584239d3b2e14eaecd224d3d
b97862a2854fa737e4241781ae173ae95c41517f686b3e821a8ac24573f9e5ea
bc46260eee6fd764ca704d6cb9bee5c5e982ecdc03402294f8d7e2f4a8c21e9e
c5fea69df05f0e27f2374a26e491945fb49bc96139758496550697cc4d9c1a4c
c78385c89e1801e036ead31ba77df431e0edff198ec32b266ba97c6cf98a9a97
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2ee3d040bc9a07e86df305de4605bc201d2cab1225b16557b125a80b4dc89e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef413b830bfa87537e75bc74a0e0d8bbd07848efb6995a40503cb3df33545d0b
f536518a882e9850f895b443cf4867217665028ef57d36c4e680f1403f22bb9e
fb52bf9a61424eef0420f941cff6e5313296e22cf54431a383b1921f2428a68d

l2free.fun Open in urlscan Pro 2a03:6f00:6:1::57f9:26fd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

94 %HTTPS

91 %IPv6

13 Domains

13 Subdomains

12 IPs

4 Countries

1041 kBTransfer

1275 kBSize

12 Cookies

10 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

l2free.fun Open in urlscan Pro
2a03:6f00:6:1::57f9:26fd Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

94 %
HTTPS

91 %
IPv6

13
Domains

13
Subdomains

12
IPs

4
Countries

1041 kB
Transfer

1275 kB
Size

12
Cookies

51 HTTP transactions
0 data transactions