ficbook.net Open in urlscan Pro
172.67.17.216 Public Scan

URL:
https://ficbook.net/
Submission: On March 15 via api (March 15th 2021, 9:32:22 pm UTC) from BR

Summary HTTP 140 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 47 IPs in 10 countries across 35 domains to perform 140 HTTP transactions. The main IP is 172.67.17.216, located in United States and belongs to CLOUDFLARENET, US. The main domain is ficbook.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time ficbook.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	172.67.17.216 172.67.17.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
1 14	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3 8	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	195.209.111.20 195.209.111.20	52007 (ADRIVER-AS) (ADRIVER-AS)
1	2a04:4e42:4a:... 2a04:4e42:4a::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2 15	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	5.254.23.213 5.254.23.213	3223 (VOXILITY) (VOXILITY)
7 8	18.158.181.33 18.158.181.33	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.148.142 193.232.148.142	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 4	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 3	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1 2	80.239.201.120 80.239.201.120	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	18.185.0.221 18.185.0.221	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
1	2a02:6b8::5:114 2a02:6b8::5:114	13238 (YANDEX) (YANDEX)
7	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
2 3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	88.99.242.108 88.99.242.108	24940 (HETZNER-AS) (HETZNER-AS)
1	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2a0c:5c81:516... 2a0c:5c81:5160::2	55081 (24SHELLS) (24SHELLS)
140	47

26 172.67.17.216 (United States)

ASN13335 (CLOUDFLARENET, US)

ficbook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ficbook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.42.191.196 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.20 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:4a::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.254.23.213 (Frankfurt am Main, Germany)

ASN3223 (VOXILITY, GB)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.158.181.33 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-181-33.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.142 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.172 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.120 (Sweden) 1 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-120.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.0.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-0-221.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

95ad313bde6c4125f4477b6514e01c83.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.242.108 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: a02.smtp.rees46.com

api.rees46.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5160::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	yandex.ru 3 redirects matchid.adfox.yandex.ru an.yandex.ru mc.yandex.ru ysa-static.passport.yandex.ru yandex.ru	192 KB
26	ficbook.net ficbook.net static.ficbook.net	747 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	230 KB
12	yastatic.net yastatic.net	430 KB
9	betweendigital.com 3 redirects ads.betweendigital.com cache.betweendigital.com	5 KB
8	bidswitch.net 7 redirects x.bidswitch.net	3 KB
7	google.com 2 redirects adservice.google.com www.google.com	2 KB
7	google.de adservice.google.de www.google.de	2 KB
7	yandex.net avatars.mds.yandex.net	101 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	bumlam.com 3 redirects sync.bumlam.com	2 KB
3	googleadservices.com 2 redirects www.googleadservices.com	13 KB
3	googlesyndication.com 95ad313bde6c4125f4477b6514e01c83.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	7 KB
3	adfox.ru ads.adfox.ru	135 B
3	googletagservices.com www.googletagservices.com	81 KB
3	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
3	criteo.com bidder.criteo.com gum.criteo.com	432 B
3	criteo.net static.criteo.net	38 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	707 B
2	1dmp.io 1 redirects sync.1dmp.io	793 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	webvisor.org 1 redirects mc.webvisor.org	737 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	adhigh.net 2 redirects px.adhigh.net	918 B
2	google-analytics.com www.google-analytics.com	19 KB
1	adtelligent.com s.adtelligent.com
1	onetag-sys.com onetag-sys.com	818 B
1	mgid.com cm.mgid.com	779 B
1	rees46.com api.rees46.com	158 B
1	quantserve.com 1 redirects pixel.quantserve.com	516 B
1	jsdelivr.net cdn.jsdelivr.net	77 KB
1	adriver.ru pb.adriver.ru	299 B
1	mail.ru ad.mail.ru	334 B
1	creativecdn.com adfox-c2s-ams.creativecdn.com	205 B
1	googletagmanager.com www.googletagmanager.com	39 KB
140	35

	Domain	Requested by
24	static.ficbook.net	ficbook.net static.ficbook.net
15	mc.yandex.ru	2 redirects ficbook.net cdn.jsdelivr.net yastatic.net mc.yandex.ru
14	an.yandex.ru	1 redirects yastatic.net an.yandex.ru
12	yastatic.net	ficbook.net yastatic.net an.yandex.ru
8	x.bidswitch.net	7 redirects ficbook.net
8	ads.betweendigital.com	3 redirects ficbook.net yastatic.net
7	avatars.mds.yandex.net	ficbook.net
6	www.google.de
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
5	securepubads.g.doubleclick.net	ficbook.net securepubads.g.doubleclick.net www.googletagservices.com
4	sync.bumlam.com	3 redirects
3	www.googleadservices.com	2 redirects yastatic.net
3	ads.adfox.ru	ficbook.net
3	www.googletagservices.com	yastatic.net securepubads.g.doubleclick.net
3	sync3.adsniper.ru	2 redirects ficbook.net
3	static.criteo.net	yastatic.net ficbook.net
2	www.tns-counter.ru	1 redirects
2	sync.1dmp.io	1 redirects
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	ads.creative-serving.com	2 redirects
2	mc.webvisor.org	1 redirects ficbook.net
2	ap.lijit.com	2 redirects
2	px.adhigh.net	2 redirects
2	bidder.criteo.com	static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ficbook.net	ficbook.net
1	s.adtelligent.com
1	onetag-sys.com	cache.betweendigital.com
1	cm.mgid.com
1	api.rees46.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	yandex.ru	yastatic.net
1	gum.criteo.com	static.criteo.net
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	95ad313bde6c4125f4477b6514e01c83.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ysa-static.passport.yandex.ru	ficbook.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.quantserve.com	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	cdn.jsdelivr.net	ficbook.net
1	pb.adriver.ru	yastatic.net
1	ad.mail.ru	yastatic.net
1	adfox-c2s-ams.creativecdn.com	yastatic.net
1	matchid.adfox.yandex.ru	yastatic.net
1	www.googletagmanager.com	ficbook.net
140	50

This site contains links to these domains. Also see Links.

Domain
vk.com
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
ficbook.net Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2020-09-29` - `2021-03-24`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adsniper.ru R3	`2021-01-07` - `2021-04-07`	3 months	crt.sh
mc.webvisor.com Yandex CA	`2021-03-11` - `2021-09-02`	6 months	crt.sh
*.adfox.ru Yandex CA	`2021-02-26` - `2021-08-08`	5 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2020-09-30` - `2021-03-31`	6 months	crt.sh
*.avatars.mds.yandex.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.bumlam.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
sync.1dmp.io R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
api.rees46.com R3	`2021-03-14` - `2021-06-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
s.adtelligent.com R3	`2021-02-06` - `2021-05-07`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://ficbook.net/
Frame ID: 0698171DB91D69E4DB4B8B56607A02AF
Requests: 89 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6980b64b-9996-524b-85dc-6dcfe593bf9f&CACHEBUSTER=514332
Frame ID: 47DE1708DE3937111D94B8C816B3BA7E
Requests: 9 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Frame ID: BAA7AB903267842F6C5A5D39D31945C3
Requests: 23 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 66B3E3AA9AD0F772566358F8E33D1283
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbzRgo6AVvMZlvTaZ7_Etjwb82rc9m9KU8IA4lAOq07ANPKJb0IaqRUy-wJ-AL_qhPV-TkihbY1MRh46josHf5O7rI7sIfTTVws5Daz-KrjWT3VOpl-3qb3rII32T6NxvZiISwmUzAjh8L0NE1hQDVgt7EWIU6g8_WLVr-9HV7ce3aLdDtBAui8uOHL6ufEfKjrTDvKFx1KIMvic13frI4Ys6Wv9pORvOUfeTgOR_ck3CS--v6nJECSYbUFFzRj6DjpDinsclgB7FQk-ACYrcwvOimqWQqhXm7ffIgPT7LX-Cx6PKnWEM_DcWk7iI4Xcs4blMbvV14fTsNf5hP6Q&sai=AMfl-YRiIM75ZKGHasXaYy8asjq-L-_jc0AwADlJvHxHqF6z1mkWfrjNIL0EWSGK0It5eWJ8YCbJ_xnFmJLF_0-OgZbcrofIgNsqBTYSQ7P6kq9_t82g-Bi7HrwM4h5-kSw&sig=Cg0ArKJSzDUkc7JnfG7sEAE&urlfix=1&adurl=
Frame ID: EB5D2EC1D6092A45E91C51EB3ADB3885
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ficbook.net
Frame ID: E1AE217B20389842E0B043CC9CCBAAD2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 6E6FD5D5EFBEECCD1F29643F95ABD48A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 86DED17F1158394E7591F62BF28E4231
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/an\.yandex\.ru\//i

Page Statistics

140
Requests

99 %
HTTPS

56 %
IPv6

35
Domains

50
Subdomains

47
IPs

10
Countries

1991 kB
Transfer

5614 kB
Size

14
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://vk.com/ficbooknet
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/ficbooknet
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ficbook.net/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ficbook.net.official/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbtVE1EkJhiaeO1jD2P7lQg
Title:

Search URL Search Domain Scan URL

URL: https://vk.com/ficbooknet
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/ficbooknet
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://ads.betweendigital.com/sspmatch-js?p=42573&randsalt=5793778039 HTTP 302
https://ads.betweendigital.com/sspmatch-js?p=42573&randsalt=5793778039&crf=1

Request Chain 44

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A816261153106%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223200%3Aet%3A1615843921%3Ac%3A1%3Arn%3A272537085%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615843919397%3Awv%3A2%3Ads%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C519%2C27%2C%2C%2C%2C840%3Adsn%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C493%2C27%2C%2C%2C%2C840%3Ati%3A2%3Ast%3A1615843921 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A816261153106%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223200%3Aet%3A1615843921%3Ac%3A1%3Arn%3A272537085%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615843919397%3Awv%3A2%3Ads%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C519%2C27%2C%2C%2C%2C840%3Adsn%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C493%2C27%2C%2C%2C%2C840%3Ati%3A2%3Ast%3A1615843921

Request Chain 49

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=between&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=between&gdpr=1&user_id=1_IwQ4XwMRXMpmcWg_opHNXyMRbMpmYQg6aaOg97

Request Chain 50

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6xk9sZCewKD.AikABlF4N82L_w

Request Chain 51

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=1b77c4d046ede5c3465bda20

Request Chain 52

https://sync.bumlam.com/?src=bw1&uid=6980b64b-9996-524b-85dc-6dcfe593bf9f HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjRpL-CBlIFvp7KygpiJDY5ODBiNjRiLTk5OTYtNTI0Yi04NWRjLTZkY2ZlNTkzYmY5Zg**

Request Chain 54

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9213.8U38EWS47A-1kVRTxcM0maGz77j8-JrMNGLp9L_CX4l9HzVnXJGeJ7k6jk7gqoH8.smyq0-Xkn1x8baU6BR-Z3c-zOs4%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9213.Dqw1gV0XdQ3Wq-T_nJZT0PE6X7IiQndetx0aeYEHgHZ-Hlz3henCq3h6OjFf9Vn9QVCIh3xkXTBPDTgBnspt67Udz8WYvgmySy_wm-yoTUc%2C.RxGj94SJO7eFBnvJNtsu54D6wVw%2C

Request Chain 55

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=44515673-d6be-4923-aaf3-08eb11958243 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=44515673-d6be-4923-aaf3-08eb11958243 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=580bb19a-ab88-45dd-a94e-cfb7207fa2ed&ssp=between&expires=30&user_group=5&bsw_param=44515673-d6be-4923-aaf3-08eb11958243 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=44515673-d6be-4923-aaf3-08eb11958243

Request Chain 91

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjRpL-CBlIFl4XSlAY* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjRpL-CBlIFl4XSlAaiARDhI4zuhdUR66bpACWQyCQ3 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQABjRpL-CBqIBEOEjjO6F1RHrpukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjRpL-CBqIBEOEjjO6F1RHrpukAJZDIJDc*

Request Chain 111

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=U9JPYPGNH9mKgQecvqugBg&random=1941852700&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1941852700&crd=&is_vtc=1&random=3362585237 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1941852700&crd=&is_vtc=1&random=3362585237&ipr=y

Request Chain 112

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=U9JPYMaUH5W0gAe9sabgBA&random=2146429531&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146429531&crd=&is_vtc=1&random=1499667811 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146429531&crd=&is_vtc=1&random=1499667811&ipr=y

Request Chain 130

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 133

https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=6980b64b-9996-524b-85dc-6dcfe593bf9f HTTP 302
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=6980b64b-9996-524b-85dc-6dcfe593bf9f&cs=1

Request Chain 134

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/514332 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/514332

Request Chain 136

https://x.bidswitch.net/sync?dsp_id=429&user_id=6980b64b-9996-524b-85dc-6dcfe593bf9f&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=6980b64b-9996-524b-85dc-6dcfe593bf9f&expires=30 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=3e92b1dc-97fa-4a14-aac2-cd974413d0ad&gdpr=&gdpr_consent=&us_privacy=

Request Chain 138

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F6980b64b-9996-524b-85dc-6dcfe593bf9f HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F6980b64b-9996-524b-85dc-6dcfe593bf9f&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/6980b64b-9996-524b-85dc-6dcfe593bf9f HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/6980b64b-9996-524b-85dc-6dcfe593bf9f?redir-setuniq=1

140 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ficbook.net/ 159 KB
22 KB 318ms
198ms Document
text/html 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c274ca6ffb1e8a95e4ab838609e83a8007b0771421d40ba8c54b6864ad5510cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ficbook.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:31:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0de37b7124b97441ada657fab99542341615843919; expires=Wed, 14-Apr-21 21:31:59 GMT; path=/; domain=.ficbook.net; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=0, must-revalidate, private
pragma: no-cache
expires: Mon, 15 Mar 2021 21:31:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
cf-request-id: 08d9669ebb00004c80d13d4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6308da112a194c80-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.46988852.css
static.ficbook.net/ficbook/assets/ 329 KB
55 KB 89ms
81ms Stylesheet
text/css 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ficbook.net/ficbook/assets/app.46988852.css

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b85a1356108118c022e666d6ae622e52f4bdec3d33ee4494f0addf169a58c14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2833
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d9669f8f00004c800fa67000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: W/"604748c1-52396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: text/css
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
cf-ray: 6308da127d0d4c80-AMS

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 162 KB
37 KB 127ms
41ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2ab3032feeaca77436d8e4da413159243f5285be343a90ed4d56e4e7d887683a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:31:59 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 37023
last-modified: Fri, 12 Mar 2021 09:56:19 GMT
server: nginx/1.17.9
etag: "1d018827af0f42d261978119470275a0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:30:52 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 181 KB
41 KB 123ms
40ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

56bfc6e6f845f5aca103000cf061da1c9a623b0737db22ec2edeff646f3fb3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ficbook.net
Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:31:59 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 41592
last-modified: Fri, 12 Mar 2021 09:56:19 GMT
server: nginx/1.17.9
etag: "37a8639c1e4db135937539f7886862ca"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:29:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 164ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e4e1f7c434d7cab19e663e0f8806e4523a3aa03a75b0a335702eea0ad406432e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 727 of 1000 / last-modified: 1615806790"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19737
x-xss-protection: 0
expires: Mon, 15 Mar 2021 21:32:00 GMT

GET
H2 200 logo.svg
static.ficbook.net/ficbook/design/ 3 KB
2 KB 103ms
101ms Image
image/svg+xml 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/design/logo.svg

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

193f4351ff27ff1fd162455c17bf362ee12c4be5e0c26e7fdb20e56b9c842096

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2369
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d966a07500004c80f437a000000001
last-modified: Tue, 09 Mar 2021 10:05:58 GMT
server: cloudflare
etag: W/"60474886-cd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/svg+xml
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
cf-ray: 6308da13e8e04c80-AMS

GET
H2 200 night_reading.png
static.ficbook.net/ficbook/design/presents/ 7 KB
8 KB 102ms
101ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/design/presents/night_reading.png

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc96a273a5b65108f8b8a2414a93020eb3ac42bd6a850ce6caeeafc5bb54850a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5293
cf-polished: origFmt=png, origSize=8585
content-disposition: inline; filename="night_reading.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7646
cf-request-id: 08d966a07500004c80d1001000000001
last-modified: Tue, 09 Mar 2021 10:05:58 GMT
server: cloudflare
etag: "60474886-2189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da13e8e44c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 hard_work.png
static.ficbook.net/ficbook/design/presents/ 9 KB
9 KB 103ms
101ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/design/presents/hard_work.png

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b465ec538ad80ec1865094dd5bbfa70e08480e3b7b8a63d9ba920b0a393b532f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3931
cf-polished: origFmt=png, origSize=8990
content-disposition: inline; filename="hard_work.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8794
cf-request-id: 08d966a07500004c80018b1000000001
last-modified: Tue, 09 Mar 2021 10:05:58 GMT
server: cloudflare
etag: "60474886-231e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da13e8e54c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 festival-cat-3.svg
static.ficbook.net/ficbook/design/festivals/ 10 KB
4 KB 101ms
101ms Image
image/svg+xml 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/design/festivals/festival-cat-3.svg

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e8f0e8ec3598d4d2cdefd9aaf88dc6570451734fef0b11cda7c009f353d6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2520
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d966a09b00004c80bbb0b000000001
last-modified: Tue, 09 Mar 2021 10:05:58 GMT
server: cloudflare
etag: W/"60474886-266f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/svg+xml
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
cf-ray: 6308da1429774c80-AMS

GET
H2 200 payments-dark-bg.png
static.ficbook.net/ficbook/design/payment_icons/ 6 KB
6 KB 70ms
69ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/design/payment_icons/payments-dark-bg.png

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb7208095b55d497d8ed965e37183ffc0ab7443c53140ed1f38cdaa097b7027

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3022
cf-polished: origFmt=png, origSize=6849
content-disposition: inline; filename="payments-dark-bg.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6064
cf-request-id: 08d966a13800004c80051b4000000001
last-modified: Tue, 09 Mar 2021 10:05:58 GMT
server: cloudflare
etag: "60474886-1ac1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da152c174c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 advertisement.744028b4.js Show response
static.ficbook.net/ficbook/assets/ 54 KB
14 KB 71ms
70ms Script
application/x-javascript 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ficbook.net/ficbook/assets/advertisement.744028b4.js

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d34930ca0e6ef1aa47fe5e4516a730a2bbb3b572c28e66641d99c083e8dc25

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 737
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d966a04800004c80e1821000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: W/"604748c1-d858"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: application/x-javascript
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
cf-ray: 6308da13a8214c80-AMS

GET
H2 200 app.8b9d069d.js Show response
static.ficbook.net/ficbook/assets/ 887 KB
256 KB 97ms
97ms Script
application/x-javascript 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ficbook.net/ficbook/assets/app.8b9d069d.js

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae863ce773e3b0e3634972b423aaa1595fcc0c087e60a85ab58f567676d5f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4840
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d966a05a00004c800ab81000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: W/"604748c1-ddaa1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: application/x-javascript
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
cf-ray: 6308da13c8674c80-AMS

GET
H2 200 typed.min.js Show response
static.ficbook.net/ficbook/js/ 11 KB
3 KB 104ms
102ms Script
application/x-javascript 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ficbook.net/ficbook/js/typed.min.js

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

960d3c7144bd7d1695869610cb719fa0d30c5ca692eb76e1497a96f0c7ee001c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2520
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d966a07500004c80b11a5000000001
last-modified: Tue, 09 Mar 2021 10:05:58 GMT
server: cloudflare
etag: W/"60474886-2cc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: application/x-javascript
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
cf-ray: 6308da13e8de4c80-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-60182365-3

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96ad0e0ce48119cc7337f90b69c3698e307ca1355ca72a6cee7d8628310980d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:31:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39794
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 21:31:59 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
369 B 151ms
48ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ad555d55333db8ce11ef0e9cfc5d167e096fd1bca88b4a4a903cfc428dcb9963

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ficbook.net
date: Mon, 15 Mar 2021 21:32:00 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 banners.js Show response
yastatic.net/pcode-bundles/0.1.3048/ 116 KB
28 KB 50ms
50ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1.3048/banners.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2a5be421dc7f222c63e678a2c065e1fe4d89a0ad71e8d12f65a91d5a89520269

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ficbook.net
Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:31:59 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 27624
last-modified: Fri, 12 Mar 2021 06:44:47 GMT
server: nginx/1.17.9
etag: "e8b0d4fad4bad5d6f85c992b33aa6c56"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2051 04:06:27 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 127 KB
36 KB 146ms
58ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

71229c58bce993d4516e509141695550d63051fab1ee351c2845405bc2056cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 2679536210
x-yandex-req-id: 1615843920069068-1248552039282013616300208-production-app-host-vla-pcode-24
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 15 Mar 2021 22:32:00 GMT

GET
H2 200 icons-sprite5.svg
ficbook.net/icons/ 74 KB
22 KB 103ms
101ms Other
image/svg+xml 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ficbook.net/icons/icons-sprite5.svg

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a964a4c1c5aae43666478cf223a51bea27bfe87a91c157d63fa0d03e7a87459

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4688
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d966a07600004c80f8a0d000000001
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Mar 2021 10:05:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60474886-1272a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=432000
cf-ray: 6308da13e8e74c80-AMS

GET
H2 200 bg-pattern.e19bb103.jpg
static.ficbook.net/ficbook/assets/images/ 9 KB
9 KB 104ms
101ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/bg-pattern.e19bb103.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634b10d372a7bfa3c6b1bc5246190e2318c83b1558be25d35acb9364fc483a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6443
cf-polished: qual=85, origFmt=jpeg, origSize=18918
content-disposition: inline; filename="bg-pattern.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8764
cf-request-id: 08d966a0ec00004c80d100e000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-49e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da14aacb4c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 pattern.7769d569.jpg
static.ficbook.net/ficbook/assets/images/ 15 KB
16 KB 105ms
102ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/pattern.7769d569.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fec5da3fc8e519c5240ce9dc0e127eb1d6273f2ae67c12014ddc7918fbd0ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1934
cf-polished: qual=85, origFmt=jpeg, origSize=15842
content-disposition: inline; filename="pattern.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15792
cf-request-id: 08d966a0ed00004c80e2259000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-3de2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da14aacf4c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 corner-lt.c3ea5e60.png
static.ficbook.net/ficbook/assets/images/ 2 KB
2 KB 103ms
100ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/corner-lt.c3ea5e60.png

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

772bd7eefd1c8a50aac62beb35d14aa5bf8b9c427b798b9954ac04d3bc14eb09

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7025
cf-polished: origFmt=png, origSize=1771
content-disposition: inline; filename="corner-lt.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1648
cf-request-id: 08d966a0ed00004c80a71fe000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-6eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da14aada4c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 bg-nav.03ab5278.png
static.ficbook.net/ficbook/assets/images/ 164 B
319 B 91ms
85ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/bg-nav.03ab5278.png

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2977604c676963e549a66ff8c698e083609c0a9004b7e13cc46fb630004cb581

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 403
cf-polished: origFmt=png, origSize=352
content-disposition: inline; filename="bg-nav.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 164
cf-request-id: 08d966a0d600004c80acb66000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-160"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da148a654c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 index-book-bg-darkened.40e487c7.jpg
static.ficbook.net/ficbook/assets/images/ 60 KB
60 KB 95ms
93ms Image
image/jpeg 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/index-book-bg-darkened.40e487c7.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c80ac4f897d96ad1046d4d9ef2db2e8072f1af8c274c589d5942f79eb7da26

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6013
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61105
cf-request-id: 08d966a0ee00004c80e1832000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-eeb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/jpeg
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da14aadc4c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 original.72493a99.jpg
static.ficbook.net/ficbook/assets/images/ 32 KB
32 KB 93ms
90ms Image
image/jpeg 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/original.72493a99.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52a3909e9b909233d2bd349d2f1573f4d090c3ed042d19d579156bc67e811bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5892
cf-polished: degrade=85, origSize=34740, status=webp_bigger
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32268
cf-request-id: 08d966a0ed00004c800231c000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-87b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/jpeg
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da14aad14c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 witcher.56e2bce5.jpg
static.ficbook.net/ficbook/assets/images/ 29 KB
29 KB 77ms
72ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/witcher.56e2bce5.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce0adc53ee8c4c193da8d3334a5505d0ac4330672c538efdc69cff19e70b7207

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2941
cf-polished: qual=85, origFmt=jpeg, origSize=33828
content-disposition: inline; filename="witcher.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29316
cf-request-id: 08d966a0d600004c80a9075000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-8424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da148a664c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 strangerthings.622796fb.jpg
static.ficbook.net/ficbook/assets/images/ 21 KB
21 KB 80ms
75ms Image
image/jpeg 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/strangerthings.622796fb.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c49f2db61c1a30d033de11a5f20324bf18d8ab1c23070c99bf45ae344dd5816e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1898
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21386
cf-request-id: 08d966a0d700004c80a1043000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-538a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/jpeg
access-control-allow-origin: https://ficbook.net
vary: Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da148a694c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 harrypotter.33fe285d.jpg
static.ficbook.net/ficbook/assets/images/ 22 KB
22 KB 83ms
78ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/harrypotter.33fe285d.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1d1efd3323cc4ba879e4463b9c7c615ebe227533e94c197b27a1021bb56a142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5445
cf-polished: qual=85, origFmt=jpeg, origSize=28260
content-disposition: inline; filename="harrypotter.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22700
cf-request-id: 08d966a0d600004c80b30e4000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-6e64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da148a674c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 naruto.0adc3c0b.jpg
static.ficbook.net/ficbook/assets/images/ 27 KB
27 KB 102ms
99ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/naruto.0adc3c0b.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad623ba53ddea046df9d96c937a4d31f8985d2dc84b8d99159109539ca8f661

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3474
cf-polished: qual=85, origFmt=jpeg, origSize=33757
content-disposition: inline; filename="naruto.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27838
cf-request-id: 08d966a0ed00004c80da025000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-83dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da14aad34c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 fairyTale.b75138ee.jpg
static.ficbook.net/ficbook/assets/images/ 33 KB
33 KB 89ms
83ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/fairyTale.b75138ee.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f77568b1fa6d6e0394f6b470907f580e3ba99d57cc8458ab4aa0ea651746442

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4298
cf-polished: qual=85, origFmt=jpeg, origSize=39541
content-disposition: inline; filename="fairyTale.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33576
cf-request-id: 08d966a0d700004c80c32af000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-9a75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da148a614c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 surenatural.dda1e011.jpg
static.ficbook.net/ficbook/assets/images/ 29 KB
29 KB 106ms
104ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/surenatural.dda1e011.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce417dbb60f9f1f514c7a650156c444044c28eea6190d8db1ac711ecc6a50f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2941
cf-polished: qual=85, origFmt=jpeg, origSize=36380
content-disposition: inline; filename="surenatural.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29444
cf-request-id: 08d966a0ed00004c800fa87000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-8e1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da14aad64c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 sherlock.aee47279.jpg
static.ficbook.net/ficbook/assets/images/ 13 KB
13 KB 80ms
75ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/sherlock.aee47279.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0e5fb353670c58b59abc29cbc929100570fb5be684928f9704373b0e6912c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4298
cf-polished: qual=85, origFmt=jpeg, origSize=32424
content-disposition: inline; filename="sherlock.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13492
cf-request-id: 08d966a0d600004c80a3a82000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-7ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da148a644c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 BTS.221299a5.jpg
static.ficbook.net/ficbook/assets/images/ 26 KB
26 KB 85ms
80ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/BTS.221299a5.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78378fda0852879be981cc2af6173dbf3b95813927c10c7abe73bf72e0d4d2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5860
cf-polished: qual=85, origFmt=jpeg, origSize=32604
content-disposition: inline; filename="BTS.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26426
cf-request-id: 08d966a0d800004c80a1a51000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-7f5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da148a6b4c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 EXO.a2b5ceb4.jpg
static.ficbook.net/ficbook/assets/images/ 26 KB
27 KB 74ms
69ms Image
image/webp 172.67.17.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ficbook.net/ficbook/assets/images/EXO.a2b5ceb4.jpg

Requested by

Host: static.ficbook.net
URL: https://static.ficbook.net/ficbook/assets/app.46988852.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.17.216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c70a9ccdd2c20e319a8d87011cda32bb31c6931b4c90dfe029e53159fa8caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.ficbook.net/ficbook/assets/app.46988852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1898
cf-polished: qual=85, origFmt=jpeg, origSize=35744
content-disposition: inline; filename="EXO.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26994
cf-request-id: 08d966a0d700004c80b0a94000000001
last-modified: Tue, 09 Mar 2021 10:06:57 GMT
server: cloudflare
etag: "604748c1-8ba0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: https://ficbook.net
vary: Accept
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 6308da148a6c4c80-AMS
cf-bgj: imgq:85,h2pri

GET
H2

200

sspmatch-js Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/sspmatch-js?p=42573&randsalt=5793778039
https://ads.betweendigital.com/sspmatch-js?p=42573&randsalt=5793778039&crf=1

882 B
1 KB

60ms
60ms

Script
text/javascript

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-js?p=42573&randsalt=5793778039&crf=1
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 19a45e21e52fcc6e2e14c40e7790ea724e76821b47d9065481db24d556c9cdb9

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 882
content-type: text/javascript

Redirect headers

location: /sspmatch-js?p=42573&randsalt=5793778039&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 66ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-1c974"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 16 Mar 2021 21:32:00 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
205 B 184ms
61ms XHR
application/json 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ficbook.net
date: Mon, 15 Mar 2021 21:32:00 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
334 B 159ms
58ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Mar 2021 21:32:00 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://ficbook.net
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
921 B 170ms
60ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ficbook.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
299 B 482ms
120ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ficbook.net
Pragma: no-cache
Date: Mon, 15 Mar 2021 21:32:00 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 211 KB
77 KB 29ms
29ms Script
application/javascript 2a04:4e42:4a::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:4a::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3b3252017c164da70cf7978aede4f4720b671d8bb65cc734bdd1a5e1ca8041e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4188
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 78305
etag: W/"34a01-SxdI7uXc8zckzk/3Br/gcMPH/sU"
x-served-by: cache-fra19179-FRA, cache-man4133-MAN
date: Mon, 15 Mar 2021 21:32:00 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3c1e9ba9908c3388e7be.js Show response
yastatic.net/partner-code-bundles/14145/ 12 KB
5 KB 42ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14145/3c1e9ba9908c3388e7be.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

20ab0affbc3d4d72fcdd8d98b9cc1998e431eee7f470fd20bec5ee1799fde36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ficbook.net
Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4197
last-modified: Fri, 12 Mar 2021 06:53:39 GMT
server: nginx/1.17.9
etag: "38f48b281eba6d0c6d220e6373031b1f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2051 04:03:36 GMT

GET
H2 200 441c92aeaa911c7f52e0.js Show response
yastatic.net/partner-code-bundles/14145/ 391 KB
82 KB 53ms
53ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14145/441c92aeaa911c7f52e0.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bc62c7ec9f3d61384c7692db2cc00b913a0a50065620f504f06fd7d09d06cc9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ficbook.net
Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 82857
last-modified: Fri, 12 Mar 2021 06:53:39 GMT
server: nginx/1.17.9
etag: "269a364fd7b3101fa58cbe00381023c0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2051 04:03:36 GMT

GET
H2 200 b634d99114c0207e5bdd.js Show response
yastatic.net/partner-code-bundles/14145/ 270 KB
45 KB 108ms
108ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14145/b634d99114c0207e5bdd.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a35772189b1234fa7d83ef6856d9d30e4eb48f38dd7476438e316ee1c015077a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ficbook.net
Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 45420
last-modified: Fri, 12 Mar 2021 06:53:40 GMT
server: nginx/1.17.9
etag: "a9124d2a9a5a673846aab44eefb1180f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2051 04:03:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60182365-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5365
date: Mon, 15 Mar 2021 20:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 15 Mar 2021 22:02:35 GMT

GET
H3-Q050 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ 284 KB
100 KB 178ms
126ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Mon, 15 Mar 2021 21:32:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

35 B
358 B

44ms
44ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A816261153106%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223200%3Aet%3A1615843921%3Ac%3A1%3Arn%3A272537085%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615843919397%3Awv%3A2%3Ads%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C519%2C27%2C%2C%2C%2C840%3Adsn%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C493%2C27%2C%2C%2C%2C840%3Ati%3A2%3Ast%3A1615843921

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Mar-2021 21:32:00 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:00 GMT
last-modified: Mon, 15-Mar-2021 21:32:00 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A816261153106%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223200%3Aet%3A1615843921%3Ac%3A1%3Arn%3A272537085%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615843919397%3Awv%3A2%3Ads%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C519%2C27%2C%2C%2C%2C840%3Adsn%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C493%2C27%2C%2C%2C%2C840%3Ati%3A2%3Ast%3A1615843921
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 174ms
59ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=105&profileId=184&cb=71147616080
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://ficbook.net
date: Mon, 15 Mar 2021 21:32:00 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
134 B 42ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
last-modified: Thu, 11 Mar 2021 18:32:00 GMT
etag: "60472f6c-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 15 Mar 2021 22:32:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1630502010&t=pageview&_s=1&dl=https%3A%2F%2Fficbook.net%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0%20%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%BE%D0%B2%20-%20%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%2025000%20%D1%84%D0%B5%D0%BD%D0%B4%D0%BE%D0%BC%D0%BE%D0%B2%2C%20%D0%BE%D1%80%D0%B8%D0%B4%D0%B6%D0%B8%D0%BD%D0%B0%D0%BB%D1%8B%20%D0%BE%D1%82%20%D0%BF%D0%BE%D0%BF%D1%83%D0%BB%D1%8F%D1%80%D0%BD%D1%8B%D1%85%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1347731470&gjid=1399809732&cid=1691409138.1615843921&tid=UA-60182365-3&_gid=946491699.1615843921&_r=1&gtm=2ou330&z=100336776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ficbook.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 47DE 4 KB
1 KB 138ms
42ms Document
text/html 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6980b64b-9996-524b-85dc-6dcfe593bf9f&CACHEBUSTER=514332
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=42573&randsalt=5793778039
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: a1c68fd2bd2ee4b4f547e60af04ee988f48aade799a957f6c82720b347620ad7

Request headers

:method: GET
:authority: cache.betweendigital.com
:scheme: https
:path: /code/bidder_18.html?USER_ID=6980b64b-9996-524b-85dc-6dcfe593bf9f&CACHEBUSTER=514332
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ficbook.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; ss=1; tuuid=6980b64b-9996-524b-85dc-6dcfe593bf9f; ut=YE_SUAAFsQgOtFXnqVHmN345epTQDvYtQsa4JA==; unm=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ficbook.net/

Response headers

server: nginx
date: Mon, 15 Mar 2021 21:32:00 GMT
content-type: text/html
last-modified: Fri, 22 Jan 2021 13:30:11 GMT
etag: W/"600ad363-1003"
content-encoding: gzip

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=between&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=between&gdpr=1&user_id=1_IwQ4XwMRXMpmcWg_opHNXyMRbMpmYQg6aaOg97

43 B
145 B

65ms
65ms

Image
image/gif

18.158.181.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=between&gdpr=1&user_id=1_IwQ4XwMRXMpmcWg_opHNXyMRbMpmYQg6aaOg97
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.181.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-181-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=between&gdpr=1&user_id=1_IwQ4XwMRXMpmcWg_opHNXyMRbMpmYQg6aaOg97
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6xk9sZCewKD.AikABlF4N82L_w

68 B
159 B

60ms
59ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6xk9sZCewKD.AikABlF4N82L_w
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:00 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f3-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6xk9sZCewKD.AikABlF4N82L_w
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=1b77c4d046ede5c3465bda20

68 B
159 B

68ms
68ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=1b77c4d046ede5c3465bda20
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Mon, 15 Mar 2021 21:32:00 GMT
Server: nginx
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=1b77c4d046ede5c3465bda20
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

204
No Content

/
sync3.adsniper.ru/
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=6980b64b-9996-524b-85dc-6dcfe593bf9f
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjRpL-CBlIFvp7KygpiJDY5ODBiNjRiLTk5OTYtNTI0Yi04NWRjLTZkY2ZlNTkzYmY5Zg**

0
103 B

1181ms
1043ms

Image
text/plain

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjRpL-CBlIFvp7KygpiJDY5ODBiNjRiLTk5OTYtNTI0Yi04NWRjLTZkY2ZlNTkzYmY5Zg**
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Mar 2021 21:32:02 GMT
Server: nginx

Redirect headers

Location: //sync3.adsniper.ru/?src=ss1&s_data=CAEQABjRpL-CBlIFvp7KygpiJDY5ODBiNjRiLTk5OTYtNTI0Yi04NWRjLTZkY2ZlNTkzYmY5Zg**
Date: Mon, 15 Mar 2021 21:32:01 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-60182365-3&cid=1691409138.1615843921&jid=1347731470&gjid=1399809732&_gid=946491699.1615843921&_u=IEBAAUAAAAAAAC~&z=1118522755

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Mar 2021 21:32:00 GMT
content-type: text/plain
access-control-allow-origin: https://ficbook.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9213.8U38EWS47A-1kVRTxcM0maGz77j8-JrMNGLp9L_CX4l9HzVnXJGeJ7k6jk7gqoH8.smyq0-Xkn1x8baU6BR-Z3c-zOs4%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9213.Dqw1gV0XdQ3Wq-T_nJZT0PE6X7IiQndetx0aeYEHgHZ-Hlz3henCq3h6OjFf9Vn9QVCIh3xkXTBPDTgBnspt67Udz8WYvgmySy_wm-yoTUc%2C.RxGj94SJO7eFBnvJNtsu54D6wV...

43 B
381 B

80ms
80ms

Image
image/gif

80.239.201.120
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9213.Dqw1gV0XdQ3Wq-T_nJZT0PE6X7IiQndetx0aeYEHgHZ-Hlz3henCq3h6OjFf9Vn9QVCIh3xkXTBPDTgBnspt67Udz8WYvgmySy_wm-yoTUc%2C.RxGj94SJO7eFBnvJNtsu54D6wVw%2C

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.120 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),

Reverse DNS

80-239-201-120.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9213.Dqw1gV0XdQ3Wq-T_nJZT0PE6X7IiQndetx0aeYEHgHZ-Hlz3henCq3h6OjFf9Vn9QVCIh3xkXTBPDTgBnspt67Udz8WYvgmySy_wm-yoTUc%2C.RxGj94SJO7eFBnvJNtsu54D6wVw%2C
date: Mon, 15 Mar 2021 21:32:00 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

match
ads.betweendigital.com/ Frame 47DE
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=44515673-d6be-4923-aaf3-08eb11958243
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=44515673-d6be-4923-aaf3-08eb11958243
https://x.bidswitch.net/sync?dsp_id=4&user_id=580bb19a-ab88-45dd-a94e-cfb7207fa2ed&ssp=between&expires=30&user_group=5&bsw_param=44515673-d6be-4923-aaf3-08eb11958243
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=44515673-d6be-4923-aaf3-08eb11958243

68 B
159 B

61ms
60ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=44515673-d6be-4923-aaf3-08eb11958243
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=44515673-d6be-4923-aaf3-08eb11958243
date: Mon, 15 Mar 2021 21:32:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/264596/getBulk/ 8 KB
3 KB 299ms
299ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/264596/getBulk/v2?dl=https%3A%2F%2Fficbook.net%2F&date=2021-03-15T22%3A32%3A00.793%2B01%3A00&pd=15&pdh=1200&pdw=1600&pr1=3670243156&pr=551755513&prr=&pv=22&pw=1&extid_loader=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D&extid_tag_loader=ficbook.net&ylv=0.3049&ybv=0.3048&ytt=549755818608661&is-turbo=0&skip-token=&ad-session-id=4144041615843920798&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1123%2C%22h%22%3A0%2C%22width%22%3A1123%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A239%2C%22top%22%3A273%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=14075020392218463565&sign=7d31e7e4a110bd7522137305437c5142&p1=cltfs&p2=grju&slotNumber=1&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjEyNDY1MjAsInJlc3BvbnNlX3RpbWUiOjMwOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgwNjI4MCJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjMsInJlc3BvbnNlX3RpbWUiOjMxMSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5MzA1NDQifSx7ImNhbXBhaWduX2lkIjoxMjQ2NTE4LCJyZXNwb25zZV90aW1lIjozMTQsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiJWOVBrQWl1UW5DV1VMd3hsa3c2SSJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjIsInJlc3BvbnNlX3RpbWUiOjQ5NCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjUzOkRFU0tUT1AtZmljYm9vay5uZXQtOTcweDI1MC1BVEYtQklMTEJPQVJEIn0seyJjYW1wYWlnbl9pZCI6MTI0NjUxOSwicmVzcG9uc2VfdGltZSI6NTYzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTUyNzkyNiJ9XQ%3D%3D&grab=dNCa0L3QuNCz0LAg0KTQsNC90YTQuNC60L7QsiAtINCx0L7Qu9C10LUgMjUwMDAg0YTQtdC90LTQvtC80L7Qsiwg0L7RgNC40LTQttC40L3QsNC70Ysg0L7RgiDQv9C-0L_Rg9C70Y_RgNC90YvRhSDQsNCy0YLQvtGA0L7Qsgox0JrQvdC40LPQsCDRhNCw0L3RhNC40LrQvtCyIAoy0JzQuNC70LvQuNC-0L3RiyDQuNGB0YLQvtGA0LjQuSDQviDRgtCy0L7QuNGFINC70Y7QsdC40LzRi9GFINC_0LXRgNGB0L7QvdCw0LbQsNGFIAoy0JvRg9GH0YjQtdC1INC80LXRgdGC0L4g0LTQu9GPINGC0LLQvtC10Lkg0LjRgdGC0L7RgNC40LggCjLQmtCw0YLQtdCz0L7RgNC40LggCjLQndCw0L_RgNCw0LLQu9C10L3QvdC-0YHRgtC4IAoy0JPQvtGA0Y_Rh9C40LUg0YDQsNCx0L7RgtGLIAoy0JPQvtGA0Y_Rh9C40LUg0LfQsNGP0LLQutC4IAozQXF1YSBldCBpZ25pcyAKM01lbiwgZG9ncyBhbmQgS2VuIAoz0KHQtNC10LvQutCwINC90LAg0LbQuNC30L3RjCAKM9Cc0L7RjyDQrdC70LjRgSAKM9Ca0L7Qs9C00LAg0LzQvdC1INCx0YvQu9C-IDE0Li4uIAoz0KHRgtC40LLQuCwg0YLRiyDRgtCw0Log0LTQvtC70LPQviDRgdC_0LDQuyEgCjPQpNGR0LTQvtGAINCU0L7RgdGC0L7QtdCy0YHQutC40Lkg0LIg0LrQsNGH0LXRgdGC0LLQtSDQvtGC0YbQsCAKM9Cg0L7QutGB0Lgg4oCUIDcg0YTQtdGPINCyINCa0LvRg9Cx0LUg0JLQuNC90LrRgSAKM9Ck0YPRgtCw0L3QsNGA0LgsINC_0L7Qv9Cw0LTQsNC90LXRhiDQsiDRhNGD0YLQsNC90LDRgNC4IAoz0JLQvtC50LTQuNGC0LUg0LIg0LDQutC60LDRg9C90YIgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

103ead0807ebdeb898e24777854a09558c2986f67006b3bf911a551a258f7f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/264596/getBulk/ 37 KB
9 KB 232ms
232ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/264596/getBulk/v2?dl=https%3A%2F%2Fficbook.net%2F&date=2021-03-15T22%3A32%3A00.802%2B01%3A00&pd=15&pdh=1200&pdw=1600&pr1=3622021168&pr=551755513&prr=&pv=22&pw=1&extid_loader=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D&extid_tag_loader=ficbook.net&ylv=0.3049&ybv=0.3048&ytt=549755818608661&is-turbo=0&skip-token=&ad-session-id=4144041615843920798&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1113%2C%22h%22%3A0%2C%22width%22%3A1113%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A244%2C%22top%22%3A1761%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=14075020392218463565&sign=7d31e7e4a110bd7522137305437c5142&p1=cmapo&p2=gxvv&slotNumber=2&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjEyNDY1MjAsInJlc3BvbnNlX3RpbWUiOjMwOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgxNDU1NiJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjMsInJlc3BvbnNlX3RpbWUiOjMxMSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5NDQzNzcifSx7ImNhbXBhaWduX2lkIjoxMjQ2NTE4LCJyZXNwb25zZV90aW1lIjozMTQsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiJJbHVzZVpkUWlBcnBzQmlrdDNlVyJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjIsInJlc3BvbnNlX3RpbWUiOjQ5NCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjUzOkRFU0tUT1AtZmljYm9vay5uZXQtOTcweDI1MC1taWQifSx7ImNhbXBhaWduX2lkIjoxMjQ2NTE5LCJyZXNwb25zZV90aW1lIjo1NjQsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNTM1MTAyIn1d&grab=dNCa0L3QuNCz0LAg0KTQsNC90YTQuNC60L7QsiAtINCx0L7Qu9C10LUgMjUwMDAg0YTQtdC90LTQvtC80L7Qsiwg0L7RgNC40LTQttC40L3QsNC70Ysg0L7RgiDQv9C-0L_Rg9C70Y_RgNC90YvRhSDQsNCy0YLQvtGA0L7Qsgox0JrQvdC40LPQsCDRhNCw0L3RhNC40LrQvtCyIAoy0JzQuNC70LvQuNC-0L3RiyDQuNGB0YLQvtGA0LjQuSDQviDRgtCy0L7QuNGFINC70Y7QsdC40LzRi9GFINC_0LXRgNGB0L7QvdCw0LbQsNGFIAoy0JvRg9GH0YjQtdC1INC80LXRgdGC0L4g0LTQu9GPINGC0LLQvtC10Lkg0LjRgdGC0L7RgNC40LggCjLQmtCw0YLQtdCz0L7RgNC40LggCjLQndCw0L_RgNCw0LLQu9C10L3QvdC-0YHRgtC4IAoy0JPQvtGA0Y_Rh9C40LUg0YDQsNCx0L7RgtGLIAoy0JPQvtGA0Y_Rh9C40LUg0LfQsNGP0LLQutC4IAozQXF1YSBldCBpZ25pcyAKM01lbiwgZG9ncyBhbmQgS2VuIAoz0KHQtNC10LvQutCwINC90LAg0LbQuNC30L3RjCAKM9Cc0L7RjyDQrdC70LjRgSAKM9Ca0L7Qs9C00LAg0LzQvdC1INCx0YvQu9C-IDE0Li4uIAoz0KHRgtC40LLQuCwg0YLRiyDRgtCw0Log0LTQvtC70LPQviDRgdC_0LDQuyEgCjPQpNGR0LTQvtGAINCU0L7RgdGC0L7QtdCy0YHQutC40Lkg0LIg0LrQsNGH0LXRgdGC0LLQtSDQvtGC0YbQsCAKM9Cg0L7QutGB0Lgg4oCUIDcg0YTQtdGPINCyINCa0LvRg9Cx0LUg0JLQuNC90LrRgSAKM9Ck0YPRgtCw0L3QsNGA0LgsINC_0L7Qv9Cw0LTQsNC90LXRhiDQsiDRhNGD0YLQsNC90LDRgNC4IAoz0JLQvtC50LTQuNGC0LUg0LIg0LDQutC60LDRg9C90YIgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

34cda760d049822a46bc242d964a326faaff2db4d996eec977ea86acef5772be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/264596/getBulk/ 105 KB
32 KB 305ms
304ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/264596/getBulk/v2?dl=https%3A%2F%2Fficbook.net%2F&date=2021-03-15T22%3A32%3A00.806%2B01%3A00&pd=15&pdh=1200&pdw=1600&pr1=2281812591&pr=551755513&prr=&pv=22&pw=1&extid_loader=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D&extid_tag_loader=ficbook.net&ylv=0.3049&ybv=0.3048&ytt=549755818608661&is-turbo=0&skip-token=&ad-session-id=4144041615843920798&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1113%2C%22h%22%3A0%2C%22width%22%3A1113%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A244%2C%22top%22%3A5030%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=14075020392218463565&sign=7d31e7e4a110bd7522137305437c5142&p1=cmapp&p2=gxvv&slotNumber=3&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjEyNDY1MjAsInJlc3BvbnNlX3RpbWUiOjMwOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgxNDU1OCJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjMsInJlc3BvbnNlX3RpbWUiOjMxMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5NDQzNzgifSx7ImNhbXBhaWduX2lkIjoxMjQ2NTE4LCJyZXNwb25zZV90aW1lIjozMTUsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIwVmtaYWF1emludGoyRXVqeEo1byJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjIsInJlc3BvbnNlX3RpbWUiOjQ5NSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjUzOkRFU0tUT1AtZmljYm9vay5uZXQtOTcweDI1MC1ib3R0b20ifSx7ImNhbXBhaWduX2lkIjoxMjQ2NTE5LCJyZXNwb25zZV90aW1lIjo1NjUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxNTM1MTAzIn1d&grab=dNCa0L3QuNCz0LAg0KTQsNC90YTQuNC60L7QsiAtINCx0L7Qu9C10LUgMjUwMDAg0YTQtdC90LTQvtC80L7Qsiwg0L7RgNC40LTQttC40L3QsNC70Ysg0L7RgiDQv9C-0L_Rg9C70Y_RgNC90YvRhSDQsNCy0YLQvtGA0L7Qsgox0JrQvdC40LPQsCDRhNCw0L3RhNC40LrQvtCyIAoy0JzQuNC70LvQuNC-0L3RiyDQuNGB0YLQvtGA0LjQuSDQviDRgtCy0L7QuNGFINC70Y7QsdC40LzRi9GFINC_0LXRgNGB0L7QvdCw0LbQsNGFIAoy0JvRg9GH0YjQtdC1INC80LXRgdGC0L4g0LTQu9GPINGC0LLQvtC10Lkg0LjRgdGC0L7RgNC40LggCjLQmtCw0YLQtdCz0L7RgNC40LggCjLQndCw0L_RgNCw0LLQu9C10L3QvdC-0YHRgtC4IAoy0JPQvtGA0Y_Rh9C40LUg0YDQsNCx0L7RgtGLIAoy0JPQvtGA0Y_Rh9C40LUg0LfQsNGP0LLQutC4IAozQXF1YSBldCBpZ25pcyAKM01lbiwgZG9ncyBhbmQgS2VuIAoz0KHQtNC10LvQutCwINC90LAg0LbQuNC30L3RjCAKM9Cc0L7RjyDQrdC70LjRgSAKM9Ca0L7Qs9C00LAg0LzQvdC1INCx0YvQu9C-IDE0Li4uIAoz0KHRgtC40LLQuCwg0YLRiyDRgtCw0Log0LTQvtC70LPQviDRgdC_0LDQuyEgCjPQpNGR0LTQvtGAINCU0L7RgdGC0L7QtdCy0YHQutC40Lkg0LIg0LrQsNGH0LXRgdGC0LLQtSDQvtGC0YbQsCAKM9Cg0L7QutGB0Lgg4oCUIDcg0YTQtdGPINCyINCa0LvRg9Cx0LUg0JLQuNC90LrRgSAKM9Ck0YPRgtCw0L3QsNGA0LgsINC_0L7Qv9Cw0LTQsNC90LXRhiDQsiDRhNGD0YLQsNC90LDRgNC4IAoz0JLQvtC50LTQuNGC0LUg0LIg0LDQutC60LDRg9C90YIgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3829d9bdd934875b642c9b106ab61735a5b4855ba05b04b69aef236c7409e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/264596/getBulk/ 10 KB
4 KB 201ms
201ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/264596/getBulk/v2?dl=https%3A%2F%2Fficbook.net%2F&date=2021-03-15T22%3A32%3A00.810%2B01%3A00&pd=15&pdh=1200&pdw=1600&pr1=1519076423&pr=551755513&prr=&pv=22&pw=1&extid_loader=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D&extid_tag_loader=ficbook.net&ylv=0.3049&ybv=0.3048&ytt=549755818608661&is-turbo=0&skip-token=&ad-session-id=4144041615843920798&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A0%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=14075020392218463565&sign=7d31e7e4a110bd7522137305437c5142&p1=cmapm&p2=gxvy&slotNumber=4&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjEyNDY1MjAsInJlc3BvbnNlX3RpbWUiOjMxMCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgxNDU0OSJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjMsInJlc3BvbnNlX3RpbWUiOjMxMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5NDQzNzUifSx7ImNhbXBhaWduX2lkIjoxMjQ2NTE4LCJyZXNwb25zZV90aW1lIjozMTYsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiJQT1d1d0Q4aTdhaVIzRVJaa1BuYSJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjIsInJlc3BvbnNlX3RpbWUiOjQ5NSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjUzOkRFU0tUT1AtZmljYm9vay5uZXQtMTYweDYwMCJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MTksInJlc3BvbnNlX3RpbWUiOjU2NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MzUxMDUifV0%3D&grab=dNCa0L3QuNCz0LAg0KTQsNC90YTQuNC60L7QsiAtINCx0L7Qu9C10LUgMjUwMDAg0YTQtdC90LTQvtC80L7Qsiwg0L7RgNC40LTQttC40L3QsNC70Ysg0L7RgiDQv9C-0L_Rg9C70Y_RgNC90YvRhSDQsNCy0YLQvtGA0L7Qsgox0JrQvdC40LPQsCDRhNCw0L3RhNC40LrQvtCyIAoy0JzQuNC70LvQuNC-0L3RiyDQuNGB0YLQvtGA0LjQuSDQviDRgtCy0L7QuNGFINC70Y7QsdC40LzRi9GFINC_0LXRgNGB0L7QvdCw0LbQsNGFIAoy0JvRg9GH0YjQtdC1INC80LXRgdGC0L4g0LTQu9GPINGC0LLQvtC10Lkg0LjRgdGC0L7RgNC40LggCjLQmtCw0YLQtdCz0L7RgNC40LggCjLQndCw0L_RgNCw0LLQu9C10L3QvdC-0YHRgtC4IAoy0JPQvtGA0Y_Rh9C40LUg0YDQsNCx0L7RgtGLIAoy0JPQvtGA0Y_Rh9C40LUg0LfQsNGP0LLQutC4IAozQXF1YSBldCBpZ25pcyAKM01lbiwgZG9ncyBhbmQgS2VuIAoz0KHQtNC10LvQutCwINC90LAg0LbQuNC30L3RjCAKM9Cc0L7RjyDQrdC70LjRgSAKM9Ca0L7Qs9C00LAg0LzQvdC1INCx0YvQu9C-IDE0Li4uIAoz0KHRgtC40LLQuCwg0YLRiyDRgtCw0Log0LTQvtC70LPQviDRgdC_0LDQuyEgCjPQpNGR0LTQvtGAINCU0L7RgdGC0L7QtdCy0YHQutC40Lkg0LIg0LrQsNGH0LXRgdGC0LLQtSDQvtGC0YbQsCAKM9Cg0L7QutGB0Lgg4oCUIDcg0YTQtdGPINCyINCa0LvRg9Cx0LUg0JLQuNC90LrRgSAKM9Ck0YPRgtCw0L3QsNGA0LgsINC_0L7Qv9Cw0LTQsNC90LXRhiDQsiDRhNGD0YLQsNC90LDRgNC4IAoz0JLQvtC50LTQuNGC0LUg0LIg0LDQutC60LDRg9C90YIgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e8f9fbf36ab648c60407a9c380744a75822391fc35d98f6d0e3193aac8aafddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:00 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
141 B 57ms
56ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://ficbook.net
date: Mon, 15 Mar 2021 21:32:00 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 22ms
21ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 10 Mar 2022 21:32:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 22ms
21ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:00 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 10 Mar 2022 21:32:00 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.80/ 29 KB
8 KB 41ms
41ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ficbook.net
Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8120
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
server: nginx/1.17.9
etag: "7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2051 04:05:52 GMT

GET
H2 200 widget.js Show response
an.yandex.ru/system/ 83 KB
28 KB 97ms
97ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/widget.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3048/banners.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f90b37547193d618576705987bc9c3612289c508b9189656c0c3d574bcc35ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 4262767781
x-yandex-req-id: 1615843921102359-771729646397053961800184-production-app-host-vla-pcode-20
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 15 Mar 2021 22:32:01 GMT

GET
H2 200 136261 Show response
mc.yandex.ru/watch/ 167 B
270 B 43ms
43ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/136261?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A3%3Adp%3A1%3Als%3A1153395393230%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223201%3Aet%3A1615843921%3Ac%3A1%3Arn%3A847173571%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615843919397%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615843921%3At%3A%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0%20%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%BE%D0%B2%20-%20%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%2025000%20%D1%84%D0%B5%D0%BD%D0%B4%D0%BE%D0%BC%D0%BE%D0%B2%2C%20%D0%BE%D1%80%D0%B8%D0%B4%D0%B6%D0%B8%D0%BD%D0%B0%D0%BB%D1%8B%20%D0%BE%D1%82%20%D0%BF%D0%BE%D0%BF%D1%83%D0%BB%D1%8F%D1%80%D0%BD%D1%8B%D1%85%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4ed7b29c133624fce0e421cdeef28afc989067b734d8273b7ff6301e9580db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Mar-2021 21:32:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:01 GMT

GET
H2 200 199955 Show response
mc.yandex.ru/watch/ 167 B
198 B 46ms
46ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/199955?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&charset=utf-8&site-info=%7B%22is_adult_fanfic%22%3A%22not-fanfic-page%22%2C%22is_authorized_visit%22%3Afalse%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A1499898664037%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223200%3Aet%3A1615843921%3Ac%3A1%3Arn%3A375995552%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615843919397%3Awv%3A2%3Ads%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C519%2C27%2C%2C%2C%2C840%3Adsn%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C493%2C27%2C%2C%2C%2C840%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615843921%3At%3A%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0%20%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%BE%D0%B2%20-%20%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%2025000%20%D1%84%D0%B5%D0%BD%D0%B4%D0%BE%D0%BC%D0%BE%D0%B2%2C%20%D0%BE%D1%80%D0%B8%D0%B4%D0%B6%D0%B8%D0%BD%D0%B0%D0%BB%D1%8B%20%D0%BE%D1%82%20%D0%BF%D0%BE%D0%BF%D1%83%D0%BB%D1%8F%D1%80%D0%BD%D1%8B%D1%85%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dc4b6716b40b37133fb7e5ce9d388a331e67930340457d40b0849987cf20fcb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Mar-2021 21:32:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:01 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.80/1-1-0/ Frame BAA7 22 KB
6 KB 45ms
44ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.80/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ficbook.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ficbook.net/

Response headers

server: nginx/1.17.9
date: Mon, 15 Mar 2021 21:32:01 GMT
content-type: text/html
content-length: 6026
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f883bd7781c332870c9968db60e89349"
expires: Thu, 16 Mar 2051 04:06:16 GMT
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 66B3 58 KB
20 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3048/banners.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e56299438cce4c8a43dd66262991ddfeb792cb6b67b0ec63ac6d3451e6b8cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "813 / 588 of 1000 / last-modified: 1615806790"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19736
x-xss-protection: 0
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H2 204 event
ads.adfox.ru/264596/ 0
107 B 340ms
126ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/264596/event?hash=57a3ff3db1868d11&pm=bmo&pxo=wKcj7uJdmTfs6W4xD2Fdo1Kz7vOk0T4L10RsmO0ZEzV6iA-XPUyBNMLxbr3HFUsRLmAoO1RdNI2fg9VD2sMqfNVStEC7dPcj5sE8Qo5JzvAKiirsaG7qKdknTVLHXNM4G3mryw13clJyB6QNgBLKEiZrK0cekKdeB2onNz-gqFJhcxvz3g%3D%3D&p5=jepnk&rand=eqoxiei&sj=XSxSCNyKQEyQ8vYTewGRs01lhdRfOZ1Zz3fpmkshnzSFMVKmQIRK8KRHGLBV1Q%3D%3D&ad-session-id=4144041615843920798&lts=ffzyrrc&ytt=549755818608661&ybv=0.3048&ylv=0.3049&dl=https%3A%2F%2Fficbook.net%2F&pr=bulkojx&p1=cltfs&rqs=UDZO-L1mEjNQ0k9gB30c8Q6HexLUFsXE&rtb-si=b&p2=grju

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Mar 2021 21:32:01 GMT
x-content-type-options: nosniff
timing-allow-origin: *

POST
H2 200 1 Show response
mc.yandex.ru/watch/136261/ 43 B
73 B 42ms
42ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/136261/1?page-url=https%3A%2F%2Fficbook.net%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A3%3Adp%3A1%3Als%3A1153395393230%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223201%3Aet%3A1615843921%3Ac%3A1%3Arn%3A1059366376%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615843919397%3Awv%3A2%3Ads%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C519%2C27%2C%2C%2C%2C840%3Adsn%3A6%2C113%2C198%2C29%2C0%2C0%2C%2C493%2C27%2C%2C%2C%2C840%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615843921

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Mon, 15-Mar-2021 21:32:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:01 GMT

GET
H2 200 3 Show response
mc.yandex.ru/watch/ 35 B
66 B 50ms
50ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fficbook.net%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A1%3Als%3A602751973603%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223201%3Aet%3A1615843921%3Ac%3A1%3Arn%3A1026644153%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615843919397%3Awv%3A2%3Ati%3A2%3Ast%3A1615843921

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Mar-2021 21:32:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:01 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/199955/ 43 B
73 B 46ms
46ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/199955/1?page-url=https%3A%2F%2Fficbook.net%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A1499898664037%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223201%3Aet%3A1615843921%3Ac%3A1%3Arn%3A419972219%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615843919397%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615843921

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Mon, 15-Mar-2021 21:32:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:01 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/199955/ 43 B
73 B 54ms
54ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/199955/1?page-url=https%3A%2F%2Fficbook.net%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A1499898664037%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223201%3Aet%3A1615843921%3Ac%3A1%3Arn%3A943993432%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615843919397%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615843921

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Mon, 15-Mar-2021 21:32:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:01 GMT

GET
H3-Q050 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 66B3 284 KB
100 KB 53ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame BAA7 95 B
400 B 147ms
46ms Image
image/png 2a02:6b8::5:114
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 21:32:01 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Tue, 16 Mar 2021 21:32:01 GMT

GET
H2 200 shadow.svg
yastatic.net/pcode-static/resources/42/leaderboard/ 333 B
769 B 41ms
41ms Image
image/svg+xml 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/pcode-static/resources/42/leaderboard/shadow.svg

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 224
last-modified: Mon, 29 Jun 2020 12:10:53 GMT
server: nginx/1.17.9
etag: "3138ca97d43c761e6ae0b4965549eec1"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Mar 2021 09:29:39 GMT

GET
H2 200 y180
avatars.mds.yandex.net/get-direct/1520687/Xh3Ysb0uk-48VVJsusmF4g/ 10 KB
11 KB 210ms
121ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1520687/Xh3Ysb0uk-48VVJsusmF4g/y180
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6bfb79df3b0467cf01641d0d529263b5857c6d97812110c6a1de8d239e759126

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Fri, 04 Dec 2020 15:07:05 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10652
x-request-id: 442f5ef1031f8580

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/1612413/GVtywxtf6v-jcEzTnRolNA/ 16 KB
16 KB 169ms
81ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1612413/GVtywxtf6v-jcEzTnRolNA/y300
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a4012f526954ddff3c2c91c5c89ffe0ec0abb515b022b254b843208166288a42

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Wed, 11 Dec 2019 14:56:57 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 16442
x-request-id: 9c5aaa948caaed33

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/2815966/Bg4mc8PXBpfmKuiZeWrFoQ/ 9 KB
9 KB 170ms
82ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2815966/Bg4mc8PXBpfmKuiZeWrFoQ/y300
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 77e997d473078ede5952521d688b293746a01f8650c7edf4dda080ac8e2d7034

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Thu, 25 Jun 2020 18:50:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 8874
x-request-id: 9bad83d4f94846c2

GET
H2 200 y180
avatars.mds.yandex.net/get-direct/1567644/nyOemqHH_Qb1cmHrcqKk7g/ 12 KB
13 KB 170ms
82ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1567644/nyOemqHH_Qb1cmHrcqKk7g/y180
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a1dc55abda7c4a73858812a18775b971464e6153bb97a7ef636540ed5b2df068

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Mon, 09 Sep 2019 13:43:44 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 12656
x-request-id: 89ef55c43302c75e

GET
H2 200 widget.js Show response
yastatic.net/pcode-native-bundles/1128/ 243 KB
57 KB 52ms
51ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-native-bundles/1128/widget.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d23f4cdd778348253180da8a3f9ea2909f48d80691e01e0b772888e3aa2d63df

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 57421
last-modified: Tue, 09 Mar 2021 12:30:33 GMT
server: nginx/1.17.9
etag: "1d467042e3a59efa5f5c7b16767e7579"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2051 04:06:43 GMT

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 136ms
50ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?pcode_native=1128&values=performance&adb=false&verison=1128&bundle_version=1128&widget_pf=no

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 136261 Show response
mc.yandex.ru/watch/ 43 B
73 B 43ms
43ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/136261?page-url=https%3A%2F%2Fficbook.net%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A3%3Adp%3A1%3Als%3A1153395393230%3Ahid%3A585117050%3Az%3A60%3Ai%3A20210315223201%3Aet%3A1615843921%3Ac%3A1%3Arn%3A366268945%3Au%3A1615843921100630755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615843919397%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615843921%3At%3A%D0%9A%D0%BD%D0%B8%D0%B3%D0%B0%20%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%BE%D0%B2%20-%20%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%2025000%20%D1%84%D0%B5%D0%BD%D0%B4%D0%BE%D0%BC%D0%BE%D0%B2%2C%20%D0%BE%D1%80%D0%B8%D0%B4%D0%B6%D0%B8%D0%BD%D0%B0%D0%BB%D1%8B%20%D0%BE%D1%82%20%D0%BF%D0%BE%D0%BF%D1%83%D0%BB%D1%8F%D1%80%D0%BD%D1%8B%D1%85%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%BE%D0%B2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Mon, 15-Mar-2021 21:32:01 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 66B3 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ficbook.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 66B3 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ficbook.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 66B3 8 KB
4 KB 317ms
317ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1588488472136872&correlator=1131048752170240&output=ldjh&impl=fifs&eid=31060010%2C31060296%2C31060344&vrg=2021031001&ptt=17&sc=1&sfv=1-0-38&ecs=20210315&iu_parts=21666642277%2CNA_DESKTOP-ficbook.net-970x250-nextbutton&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&cust_params=AdfoxBid%3D0.12&cookie_enabled=1&cdm=ficbook.net&bc=31&abxe=1&lmt=1615843921&dt=1615843921293&dlt=1615843921105&idt=171&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=273&adks=5671228&ucis=ghzvgsa7y1t1&ifi=1&ifk=3503359875&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fficbook.net%2F&top=https%3A%2F%2Fficbook.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=1691409138.1615843921&ga_sid=1615843921&ga_hid=834736826&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

965ffb21931f163f4f8866698b536dd22db484744fdaaad11e615cc22086cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3651
x-xss-protection: 0
google-lineitem-id: 5619979597
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339664253
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ficbook.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
95ad313bde6c4125f4477b6514e01c83.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66B3 0
0 84ms
38ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://95ad313bde6c4125f4477b6514e01c83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 66B3 0
0 25ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 50ms
50ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?pcode_native=1128&values=block_render&adb=false&verison=1128&bundle_version=1128&widget_pf=no

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 50ms
50ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?pcode_native=1128&values=performance&adb=false&verison=1128&bundle_version=1128&widget_pf=no

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

204
No Content

/
sync.bumlam.com/ Frame 47DE
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjRpL-CBlIFl4XSlAY*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjRpL-CBlIFl4XSlAaiARDhI4zuhdUR66bpACWQyCQ3
https://sync.bumlam.com/?src=aid0&s_data=CAIQABjRpL-CBqIBEOEjjO6F1RHrpukAJZDIJDc*
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjRpL-CBqIBEOEjjO6F1RHrpukAJZDIJDc*

0
103 B

1045ms
1044ms

Image
text/plain

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=aid0&s_data=CAIQARjRpL-CBqIBEOEjjO6F1RHrpukAJZDIJDc*
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Mar 2021 21:32:04 GMT
Server: nginx

Redirect headers

Date: Mon, 15 Mar 2021 21:32:03 GMT
Server: nginx
ETag: e1238cee-85d5-11eb-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=aid0&s_data=CAIQARjRpL-CBqIBEOEjjO6F1RHrpukAJZDIJDc*
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB5D 0
0 81ms
81ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbzRgo6AVvMZlvTaZ7_Etjwb82rc9m9KU8IA4lAOq07ANPKJb0IaqRUy-wJ-AL_qhPV-TkihbY1MRh46josHf5O7rI7sIfTTVws5Daz-KrjWT3VOpl-3qb3rII32T6NxvZiISwmUzAjh8L0NE1hQDVgt7EWIU6g8_WLVr-9HV7ce3aLdDtBAui8uOHL6ufEfKjrTDvKFx1KIMvic13frI4Ys6Wv9pORvOUfeTgOR_ck3CS--v6nJECSYbUFFzRj6DjpDinsclgB7FQk-ACYrcwvOimqWQqhXm7ffIgPT7LX-Cx6PKnWEM_DcWk7iI4Xcs4blMbvV14fTsNf5hP6Q&sai=AMfl-YRiIM75ZKGHasXaYy8asjq-L-_jc0AwADlJvHxHqF6z1mkWfrjNIL0EWSGK0It5eWJ8YCbJ_xnFmJLF_0-OgZbcrofIgNsqBTYSQ7P6kq9_t82g-Bi7HrwM4h5-kSw&sig=Cg0ArKJSzDUkc7JnfG7sEAE&urlfix=1&adurl=

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 21:32:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame EB5D 60 KB
15 KB 49ms
48ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

fcc94a5496346d9bdec25ec013c3ee1665221c7ee963a0e264737c7f129b6c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15037
last-modified: Fri, 12 Mar 2021 09:56:19 GMT
server: nginx/1.17.9
etag: "1e571663e081efce6f589c3101d29332"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Mar 2021 22:28:00 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB5D 112 KB
34 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615551985310811"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34604
x-xss-protection: 0
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H2 204 event
ads.adfox.ru/264596/ 0
14 B 123ms
123ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/264596/event?hash=34d87151094ccbee&pm=bmv&pxo=wKcj7uJdmTfs6W4xD2Fdo1Kz7vOk0T4L10RsmO0ZEzV6iA-XPUyBNMLxbr3HFUsRLmAoO1RdNI2fg9VD2sMqfNVStEC7dPcj5sE8Qo5JzvAKiirsaG7qKdknTVLHXNM4G3mryw13clJyB6QNgBLKEiZrK0cekKdeB2onNz-gqFJhcxvz3g%3D%3D&p5=jepnk&rand=bzkxcbo&sj=XSxSCNyKQEyQ8vYTewGRs01lhdRfOZ1Zz3fpmkshnzSFMVKmQIRK8KRHGLBV1Q%3D%3D&ad-session-id=4144041615843920798&lts=ffzyrrc&ytt=549755818608661&ybv=0.3048&ylv=0.3049&dl=https%3A%2F%2Fficbook.net%2F&pr=bulkojx&p1=cltfs&rqs=UDZO-L1mEjNQ0k9gB30c8Q6HexLUFsXE&rtb-si=b&p2=grju&resp-time=529&creative-id=138339664253&google-width=970&google-height=250

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Mar 2021 21:32:01 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66B3 73 KB
28 KB 36ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615552002806803"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 66B3 8 KB
7 KB 38ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c1822039fda3c8c5f026d486d697574cab9a0c4b259fcea172bd17f56caa98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6534
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EB5D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2f077e19119f919b2fd2c0c8efe2fd6275c7d1f3ec44a7e4413ae0d6ce913fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 66B3 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame EB5D 0
0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/264596/getBulk/ 100 KB
31 KB 84ms
83ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/264596/getBulk/v2?bids=W3siY2FtcGFpZ25faWQiOjEyNDY1MjAsInJlc3BvbnNlX3RpbWUiOjMwOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgwNjI4MCJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjMsInJlc3BvbnNlX3RpbWUiOjMxMSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5MzA1NDQifSx7ImNhbXBhaWduX2lkIjoxMjQ2NTE4LCJyZXNwb25zZV90aW1lIjozMTQsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiJWOVBrQWl1UW5DV1VMd3hsa3c2SSJ9LHsiY2FtcGFpZ25faWQiOjEyNDY1MjIsInJlc3BvbnNlX3RpbWUiOjQ5NCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjUzOkRFU0tUT1AtZmljYm9vay5uZXQtOTcweDI1MC1BVEYtQklMTEJPQVJEIn0seyJjYW1wYWlnbl9pZCI6MTI0NjUxOSwicmVzcG9uc2VfdGltZSI6NTYzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTUyNzkyNiJ9XQ%3D%3D&date=2021-03-15T22%3A32%3A00.793%2B01%3A00&dl=https%3A%2F%2Fficbook.net%2F&duid=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D&enable-flat-highlight=1&extid_loader=MTYxNTg0MzkyMTEwMDYzMDc1NQ%3D%3D&extid_tag_loader=ficbook.net&grab=dNCa0L3QuNCz0LAg0KTQsNC90YTQuNC60L7QsiAtINCx0L7Qu9C10LUgMjUwMDAg0YTQtdC90LTQvtC80L7Qsiwg0L7RgNC40LTQttC40L3QsNC70Ysg0L7RgiDQv9C-0L_Rg9C70Y_RgNC90YvRhSDQsNCy0YLQvtGA0L7Qsgox0JrQvdC40LPQsCDRhNCw0L3RhNC40LrQvtCyIAoy0JzQuNC70LvQuNC-0L3RiyDQuNGB0YLQvtGA0LjQuSDQviDRgtCy0L7QuNGFINC70Y7QsdC40LzRi9GFINC_0LXRgNGB0L7QvdCw0LbQsNGFIAoy0JvRg9GH0YjQtdC1INC80LXRgdGC0L4g0LTQu9GPINGC0LLQvtC10Lkg0LjRgdGC0L7RgNC40LggCjLQmtCw0YLQtdCz0L7RgNC40LggCjLQndCw0L_RgNCw0LLQu9C10L3QvdC-0YHRgtC4IAoy0JPQvtGA0Y_Rh9C40LUg0YDQsNCx0L7RgtGLIAoy0JPQvtGA0Y_Rh9C40LUg0LfQsNGP0LLQutC4IAozQXF1YSBldCBpZ25pcyAKM01lbiwgZG9ncyBhbmQgS2VuIAoz0KHQtNC10LvQutCwINC90LAg0LbQuNC30L3RjCAKM9Cc0L7RjyDQrdC70LjRgSAKM9Ca0L7Qs9C00LAg0LzQvdC1INCx0YvQu9C-IDE0Li4uIAoz0KHRgtC40LLQuCwg0YLRiyDRgtCw0Log0LTQvtC70LPQviDRgdC_0LDQuyEgCjPQpNGR0LTQvtGAINCU0L7RgdGC0L7QtdCy0YHQutC40Lkg0LIg0LrQsNGH0LXRgdGC0LLQtSDQvtGC0YbQsCAKM9Cg0L7QutGB0Lgg4oCUIDcg0YTQtdGPINCyINCa0LvRg9Cx0LUg0JLQuNC90LrRgSAKM9Ck0YPRgtCw0L3QsNGA0LgsINC_0L7Qv9Cw0LTQsNC90LXRhiDQsiDRhNGD0YLQsNC90LDRgNC4IAoz0JLQvtC50LTQuNGC0LUg0LIg0LDQutC60LDRg9C90YIgCg%3D%3D&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1123%2C%22h%22%3A0%2C%22width%22%3A1123%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A239%2C%22top%22%3A273%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&matchid-direct=1&p1=cltfs&p2=grju&pcode-version=0&pd=15&pdh=1200&pdw=1600&pr=551755513&pr1=3670243156&prr=&pv=22&pw=1&sign=7d31e7e4a110bd7522137305437c5142&skip-token=&slotNumber=1&utf8=%E2%9C%93&yandexuid=14075020392218463565&ybv=0.3048&ylv=0.3049&ytt=549755818608661&lvlfrom=20&rqs=UDZO-L1mEjNQ0k9gB30c8Q6HexLUFsXE&rtb-si=1&dmv=2&hb-conversion-disabled=1&csl=&ad-session-id=4144041615843920798&rtb-answer-hash=13535788868394448139&usgn=ATNPJ8Q-A2ltT1b1rHEJlc_I63A5wJrvFWf-gNYokYWr&resp-time=688

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

04aa362b3547466e68c8075bf5fa19735ca86f373d78d646d854c2b66526cd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:01 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://ficbook.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:01 GMT

GET
H2 204 event
ads.adfox.ru/264596/ 0
14 B 121ms
121ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/264596/event?hash=6ef429face522cb8&pm=bmt&pxo=wKcj7uJdmTfs6W4xD2Fdo1Kz7vOk0T4L10RsmO0ZEzV6iA-XPUyBNMLxbr3HFUsRLmAoO1RdNI2fg9VD2sMqfNVStEC7dPcj5sE8Qo5JzvAKiirsaG7qKdknTVLHXNM4G3mryw13clJyB6QNgBLKEiZrK0cekKdeB2onNz-gqFJhcxvz3g%3D%3D&p5=jepnk&rand=llbrpdu&sj=XSxSCNyKQEyQ8vYTewGRs01lhdRfOZ1Zz3fpmkshnzSFMVKmQIRK8KRHGLBV1Q%3D%3D&ad-session-id=4144041615843920798&lts=ffzyrrc&ytt=549755818608661&ybv=0.3048&ylv=0.3049&dl=https%3A%2F%2Fficbook.net%2F&pr=bulkojx&p1=cltfs&rqs=UDZO-L1mEjNQ0k9gB30c8Q6HexLUFsXE&rtb-si=b&p2=grju

Requested by

Host: ficbook.net
URL: https://ficbook.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Mar 2021 21:32:01 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/ 9 KB
10 KB 42ms
41ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/y300
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 09cd78d927dcb725c0a40c0fa03a201c211c37b4ff700de66088a0d75da44cfb

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Wed, 16 Sep 2020 06:07:29 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 9570
x-request-id: c5cb296697914dbf

GET
H2 200 y450
avatars.mds.yandex.net/get-direct/2771799/c55VUFbDLh0druNcvdht8w/ 29 KB
30 KB 42ms
42ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2771799/c55VUFbDLh0druNcvdht8w/y450
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0431f8c753f8bba3181b2037842eb6b56f6e5806c60c8db55c684fcf9044979d

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Tue, 17 Dec 2019 15:32:47 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 29914
x-request-id: 1f06e34444a874d

GET
H2 200 y180
avatars.mds.yandex.net/get-direct/1524269/7kat5yB1QIlNit3PL7ezvw/ 12 KB
12 KB 43ms
42ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1524269/7kat5yB1QIlNit3PL7ezvw/y180
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 108e9d4a01d138ce470c2f28736e948b17ef958b72f0ce83d9010bae12d29eb1

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:01 GMT
last-modified: Tue, 23 Apr 2019 13:29:38 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 12354
x-request-id: 38bc8289644ad969

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E1AE 0
150 B 39ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=ficbook.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=ficbook.net
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ficbook.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ficbook.net/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1414
date: Mon, 15 Mar 2021 21:32:02 GMT
content-length: 0

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame BAA7 105 KB
106 KB 48ms
48ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by: Host: ficbook.net
URL: https://ficbook.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:03 GMT
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1213
timing-allow-origin: *
content-length: 107764
expires: Mon, 15 Mar 2021 21:50:48 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame BAA7 123 KB
43 KB 43ms
42ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a83a4b91b9d7e6f311543068b7c65291d001cd2fb17f19ab8e5a0adb1a0d01e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:03 GMT
content-encoding: br
last-modified: Tue, 09 Mar 2021 18:36:29 GMT
etag: "60472f6c-aa82"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 43650
expires: Mon, 15 Mar 2021 22:32:03 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame BAA7 403 B
976 B 243ms
149ms Fetch
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fficbook.net%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

98566876dae2680d7858f0a9a46ca1cbc809800ddfb7cca3f5249143533751b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
content-length: 403
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame BAA7 32 KB
13 KB 144ms
54ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12620
x-xss-protection: 0
server: cafe
etag: 4454677202539371103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 21:32:03 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame BAA7
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=U9JPYPGNH9mKgQecvqugBg...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1941852700&crd=&is_vtc=1&random=3362585237
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1941852700&crd=&is_vtc=1&random=3362585237&ipr=y

42 B
530 B

45ms
32ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1941852700&crd=&is_vtc=1&random=3362585237&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1941852700&crd=&is_vtc=1&random=3362585237&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame BAA7
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=U9JPYMaUH5W0gAe9sabgBA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146429531&crd=&is_vtc=1&random=1499667811
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146429531&crd=&is_vtc=1&random=1499667811&ipr=y

42 B
66 B

20ms
20ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146429531&crd=&is_vtc=1&random=1499667811&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146429531&crd=&is_vtc=1&random=1499667811&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.ru/watch/ Frame BAA7 35 B
260 B 62ms
61ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fficbook.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A655838085832%3Ahid%3A90019540%3Az%3A60%3Ai%3A20210315223203%3Aet%3A1615843923%3Ac%3A1%3Arn%3A462541582%3Au%3A1615843923905095382%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1615843921087%3Ads%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C24%2C0%2C83%2C83%2C0%2C82%3Adsn%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C36%2C0%2C83%2C83%2C0%2C82%3Ati%3A2%3Ast%3A1615843923

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Mar-2021 21:32:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:03 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame BAA7 43 B
112 B 43ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:03 GMT
last-modified: Thu, 11 Mar 2021 18:32:00 GMT
etag: "60472f6c-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 15 Mar 2021 22:32:03 GMT

GET
H2 200 37412095 Show response
mc.yandex.ru/watch/ Frame BAA7 186 B
244 B 43ms
42ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fficbook.net%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A1%3Als%3A264954733686%3Ahid%3A90019540%3Az%3A60%3Ai%3A20210315223203%3Aet%3A1615843923%3Ac%3A1%3Arn%3A452302021%3Au%3A1615843923187304504%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1615843921087%3Ads%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C24%2C0%2C83%2C83%2C0%2C82%3Adsn%3A0%2C0%2C44%2C1%2C0%2C0%2C%2C36%2C0%2C83%2C83%2C0%2C82%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615843923%3At%3A

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1fa689793fcfa73086ec5a3b202e37fddf30a7cdc7d01d836ab593f1f3545049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Mar-2021 21:32:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Mon, 15-Mar-2021 21:32:03 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BAA7 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1615843923563&cv=9&fst=1615843923563&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1ea0ce61faa5b8ac2fda8bacbe98f14c0ad874ca75e001a8b6c76df0787059d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1106
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BAA7 3 KB
2 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1615843923567&cv=9&fst=1615843923567&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8616d7ce225257bdaebe00056c8fa1415915501d20b74410fb64464ec32d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1105
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BAA7 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1615843923569&cv=9&fst=1615843923569&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99719e9ab52f3faec4046b11354951bc88c2748018ba10dfbab2342c975b51de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BAA7 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1615843923570&cv=9&fst=1615843923570&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ddde2f18a5be67584141ed8164326e63ef40246381910ee97440d30370fde23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1107
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame BAA7 42 B
138 B 21ms
20ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1615843923567&cv=9&fst=1615842000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&async=1&fmt=3&is_vtc=1&random=386733834&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame BAA7 42 B
154 B 19ms
18ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1615843923567&cv=9&fst=1615842000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&async=1&fmt=3&is_vtc=1&random=386733834&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame BAA7 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1615843923563&cv=9&fst=1615842000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&async=1&fmt=3&is_vtc=1&random=3835708766&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame BAA7 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1615843923563&cv=9&fst=1615842000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&async=1&fmt=3&is_vtc=1&random=3835708766&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame BAA7 42 B
66 B 49ms
34ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1615843923569&cv=9&fst=1615842000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&async=1&fmt=3&is_vtc=1&random=1510154180&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame BAA7 42 B
66 B 48ms
34ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1615843923569&cv=9&fst=1615842000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&async=1&fmt=3&is_vtc=1&random=1510154180&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame BAA7 42 B
530 B 36ms
33ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1615843923570&cv=9&fst=1615842000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&async=1&fmt=3&is_vtc=1&random=2814493325&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame BAA7 42 B
66 B 38ms
35ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1615843923570&cv=9&fst=1615842000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fficbook.net%2F&async=1&fmt=3&is_vtc=1&random=2814493325&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1TppUXjq0Qq100000000U9nJ333p-x4tJSZOi3PkXv1IWgEWPS0b_mG68F24YOJMtUhrYtKLOM98PGIAPzR6tG2Bbte2URKWjQsC878gK5Q1OIRZ3dq6C5Z8o2S0OQraNC0EOMq4cS0G2SHx6VFgEHYEWcMkCeA4xp8os30m_6MSnSJ0C9S99BAKwHGp0yDQfbz0z...
an.yandex.ru/rtbcount/ 43 B
161 B 50ms
50ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1TppUXjq0Qq100000000U9nJ333p-x4tJSZOi3PkXv1IWgEWPS0b_mG68F24YOJMtUhrYtKLOM98PGIAPzR6tG2Bbte2URKWjQsC878gK5Q1OIRZ3dq6C5Z8o2S0OQraNC0EOMq4cS0G2SHx6VFgEHYEWcMkCeA4xp8os30m_6MSnSJ0C9S99BAKwHGp0yDQfbz0zbcc_q3mbEa5KEGLay3S6SdRQkCO6AgKNlsQkPULuIyJAyWXp22obraHv1nca15pcPb03c1cSbI0E81v7lU5VK-cDrcUP8Rv_IfOvLqm-PFPmOaVh78MYqAeIvI_hezXhckMNw11jcMwax51iaMWcKTgXK-eMt64wqAMqBkkOCKhM7R4Rs1XtC72T825yGBBuwjRUm-lNx5Dx2OBnDyVx1-of871FVktB20_Js2TEc51KqD3xG9MpfEiZdeGTLzPGRwSm7RXpOv3zw_Fx3HUmBPxqyCtNIy-_LdF203UwNoQ?confirmTime=2100000&confirmRatio=1000000&test-tag=457946592968706&format-type=110&actual-format=78&rnd=5577096485122&renderWidth=1123&renderHeight=250

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:04 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:04 GMT

GET
H2 200 WJ8ejI_zO9e0HGa0f0zEZTf-aA8OIGK0cW4GW8200J5GqazW000003YAqH280acv0eyrIYlXwOKby0AhmPEB2F050Q06m0791b0sJlYzPX8psGO00000MG000Aa7VLxO4Y9WGH701w2TlfCAW0e1Y0g52gWAw0U82v81gWiGFxjludrU003GvUhwcRtm2mRW3OA2W...
an.yandex.ru/count/ 43 B
80 B 50ms
50ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WJ8ejI_zO9e0HGa0f0zEZTf-aA8OIGK0cW4GW8200J5GqazW000003YAqH280acv0eyrIYlXwOKby0AhmPEB2F050Q06m0791b0sJlYzPX8psGO00000MG000Aa7VLxO4Y9WGH701w2TlfCAW0e1Y0g52gWAw0U82v81gWiGFxjludrU003GvUhwcRtm2mRW3OA2WG6O3j3ikCBVrvc9CwWF_RpXbQ64sA0Ha135zAIu_vNiZ_y1q8xVYGNW507O5S6AzkoZZxpyO_205fMGe8A0W7t95l0_WHUe5mcP6D0O8VWOW1cm6RWPqXaIUM5YSrzpPN9sPN8lSZKmEIqnw1dZ2F0PWC833W1sRAmq1KF1HYWQ9j4jX50JmtFPQhFCBRrcykgZN3j6AXTCs3d4I-5l8me0~1=WYuejI_zOB419H40P1mJ0khiiGBAz-gGYnQ00V6en6U80OV_dhHNa07Wf8EioO20W0AO0U2aWwn9e07Ug07Uk066l8Q_8DW1dgEqbG7W0OIRj9K1w05G-06SYDw-0Q02ofIj69W3m8Gzi0FZ48W5XDS6a0M8ynom1T2q2BW5qBG8m0MBjjm2o0Mrj6NG1Tg-0-05TvW6kgpoXGke1i01k0U01QGFyGS00CAbofOCJiKkivbFh3_9u0g0YNhP2trUs18YO44Hw0k4rmQ839o8thu1w0oR1fWDrlqpe0x0X3s04C_FWXkQ41i9003uFnc6YQzVeU0HrRgN0kWHwf2_Wlw0cD_btCT04NeEG0c9n3-O4mAe4-FLjOt3hwYs5k0JqBG8Y1IWny-Wr8_reHoW5D2q2AWKYFCSm1I0tg3BhlBrFzWKdj2ZWWRe58m2q1MUqAE21jWLmOhsxAEFlFnZe1RGyhc21h0MsWJ95j0Md8ZUlW615vWNXFJ9AxWN0S0NjGBO5y24FUWN0PaOe1WLi1YxXx-21hWO0VWO-DRLmf6jjuXbW1c96K4ka1a1e1d00RWP____0U0P0UWPumZm6O320u4Q__zNloUsLrEG6e10k1e17W3XXgCenf4wY6ieer14q11fxIFQR1GsDhGXSNDB0iwKs24zHKt2nHngoC3I3FnN7QdlwWPPnAO9N_hBM7N09P3TYa2EruX1Y7WbX8IUOq3QIkaim3hK93hO9k00~1=WXWejI_zOAe1TH00T1gb3w-sgWBszlAIWWI00OICqfIihBJOd0680RNxwDDVa070_-Jtou20W0AO0S3_vFTBe06Yg06Yk06SZiQB8TW1WEQrbm7W0TAZrXde0UW3e0AEoQG8W0Evdg_q38W3hfhckmoO0vNc0Q031B030kigY0MEZ0AG1SIK0h05fqQu1QT6iY7W1Jwe1i01k0U01V470032nwII1EOr47kcATm_oTaBVLxO4Y9WGH7e2uwC0fi6c0tM_JEmFg0Em8GzW120iOCSW8CGeU0HrRgN0kWHwf2_Wlw0cD_btCT0PdCMLbAZcZ-O4mAe4-FLjOt3hwYs5k0JfqQ85A37pw3KZ_MX7A0KfqQe5CIKeRkoIjWKYERaW0Re58m2q1M8vkI01jWLmOhsxAEFlFnZe1RGyhc21h0MsWJ95j0Mik_VlW615m3mFvWNze-z7RWN0S0NjGBO5y24FUWN19aOe1W6i1YxXx-21hWO1FWO-DRLmf6jjuXbW1c96K4ka1a1e1d00RWP____0U0P5UWPumZm6O320u4Q___hsDouWSsG6e10g1hF-Iwu6W4X0E66GoZ6aJg8QoWZeGZ3xSuPKfex7qCt6nBNjYImJ8a5qbEG7aBMmwiGk15G0u5128aHqPbI9hjNoYe9ReACbGJojaUCXdNEkUev1d7XascPCkDici3XIAOKSm3hN9FeO9k00m00~1=WYqejI_zOAm17H40n1o60WQlh0BwzjNXfWs00Qx7ZVkIa-hMXG680TcJqfrFa06smx6ynO20W0AO0RR3iRn5e06qg06qk06ucUdG7zW1wAQG8E01jDoV7-W1gWNu0OBxthu1e0BKZTyMc0F0X3sW0mQm0-SFY0Npw0EG1SMX1h05vCi1k0Naom701Qh01iW5pjC1q0NbOE05TwW6m06u1u05yGS00CBgngywtQKC1z7kFydP2trUs18YO44Hw0lpw0E83ApXuhu1w0oR1fWDrlqpS3sW3i24FO0GZUEq6S2Y4A7W4TMwbmBe4UgGluB-W9ZVvTp7GAHtNjCXDBG_c1C2g1FZrRMDmw-ejXRW4-JB0OWKeCVFeDIFzQ4Se1Jaom6e5CMX1i0KWBli3SWK0j0K-R7LETWK_8sdW0Re58m2o1MifjQAzmRG5VoDfu06s1N1YlRieu-y_6EW5j3okO86i1RQ1CaMq1QiuUA-0O4N0F0_c1Vac8eek1S1m1Ur0jWNm8Gzw1S1cHYW61Mm6Bk7lu86k1W5-1ZurjN2aQstY6M06OaPGIwG6G6W6S01k1d___y1u1aCw1dZ2F0PWC83-1cvifmYWHh___EYlRBxH90QW801k1e1700EnJXI1t4DPIGKORWT9mqvmuR4PIqJQ2KJQwEd83E4h89N8I0Ze0O2Rq4Wpa4RVD1om1YGtOr0ZkE8WPLutGJfEGPv29_yx2kbim3hN9FeO9k00m00~1=WZCejI_zOBa1JH4051qRZSZfkGAocD2YfGg00PZRFOW1ovIltJsG0T2VsT4pc070zA6PDw01qf_PqJEe0UZ8ePatk07Wxu-b7DW1WkBQ6E01-87P6EW1aWMW0k2BlXU00zB-aSCDY0FkxExD3PW3yim2e0C8i0EO4eW5uUq3a0Nm-WEm1U-00RW5xu01cptW1JwO1hI0_g41g0R00RW7W0Nn1m00ml25tyaAPEou9jd_u3_P2trUs18YO44Hw0lXxGE83DAUthu1gGnsOUyFGkFRl-WCcmQO3TRzCp0ye0x0X3tP3_ikW9vJcTu_W12eoxCKcX0RPcPcPcPcyZyPo10CeU0HrRgN0kWHwf2_Wlw0cD_btCT0e2nqqaInn3-O4mAe4-FLjOt3hwYs5k0Jxu01Y1IWny-Wr8_reHoW5E-00QWKyFe3lFl5xWNe58m2q1N3WR-21jWLmOhsxAEFlFnZe1RGyhc21h0MsWIu5W705c395l0_q1RIdjw-0O4Nc1VMxkqRk1S1m1Ur0jWNm8Gzw1S4cHYW61Am6Ag5lu86k1WM-1ZurjN2aQstY6M06OaPGIwG6G6W6S01k1d___y1u1a8w1dZ2F0PWC83WHh__mVDwKDyV90QW42u6W4R02B5E587CGvb58e86Z8TUuE6NpzpPni-LxXyS4sV7M5LavhaXAVO3ch4Fj1QE0YVlXI4Ev03t7iHo74RCR3IEHD7pp4iYpBZpLufdRt8fHIp2RO9E000~1?stat-id=73&test-tag=457946987280897&format-type=110&actual-format=78&pcodever=14145&banner-test-tags=eyI3MjA1NzYwMzg4MTk4NjM1MiI6IjU3MzYwIiwiNzIwNTc2MDQyMjk4NjU0NDAiOiI1NzM2MCIsIjcyMDU3NjAzMzYyMjcxNDUxIjoiNTczNjAiLCI2OTMwNzY5ODk2IjoiNTczNjAifQ%3D%3D&renderWidth=1123&renderHeight=250&confirmTime=2101000&confirmRatio=1000000&wmode=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ficbook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:04 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:04 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6E6F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

153ms
51ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6980b64b-9996-524b-85dc-6dcfe593bf9f&CACHEBUSTER=514332
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cache.betweendigital.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Mar 2021 21:32:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Mon, 15 Mar 2021 21:32:04 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6E6F 31 KB
10 KB 50ms
50ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 21:32:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=64665
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9439
Expires: Tue, 16 Mar 2021 15:29:49 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6E6F 284 B
536 B 176ms
45ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 47DE
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=6980b64b-9996-524b-85dc-6dcfe593bf9f
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=6980b64b-9996-524b-85dc-6dcfe593bf9f&cs=1

35 B
378 B

72ms
72ms

Image
image/gif

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=6980b64b-9996-524b-85dc-6dcfe593bf9f&cs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:05 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=6980b64b-9996-524b-85dc-6dcfe593bf9f&cs=1
date: Mon, 15 Mar 2021 21:32:05 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

514332
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 47DE
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/514332
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/514332

43 B
297 B

42ms
41ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/514332
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:05 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:05 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/514332
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 betweendata
api.rees46.com/profile/ Frame 47DE 43 B
158 B 140ms
45ms Image
image/gif 88.99.242.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.rees46.com/profile/betweendata?rand=514332
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.242.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: a02.smtp.rees46.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 21:32:05 GMT
access-control-allow-credentials: true
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

m
cm.mgid.com/ Frame 47DE
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=6980b64b-9996-524b-85dc-6dcfe593bf9f&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=6980b64b-9996-524b-85dc-6dcfe593bf9f&expires=30
https://cm.mgid.com/m?cdsp=433145&c=3e92b1dc-97fa-4a14-aac2-cd974413d0ad&gdpr=&gdpr_consent=&us_privacy=

43 B
779 B

224ms
110ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=3e92b1dc-97fa-4a14-aac2-cd974413d0ad&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5d0a80cb-a726-47b6-8afa-622558d8248a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6308da38bcf01e75-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d966b77100001e750b8cf000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=3e92b1dc-97fa-4a14-aac2-cd974413d0ad&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 15 Mar 2021 21:32:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 86DE 2 KB
818 B 141ms
46ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6980b64b-9996-524b-85dc-6dcfe593bf9f&CACHEBUSTER=514332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=5d1628750185ace
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cache.betweendigital.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

6980b64b-9996-524b-85dc-6dcfe593bf9f
an.yandex.ru/mapuid/betweendigitalis/ Frame 47DE
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F6980b64b-9996-524b-85dc-6dcfe593bf9f
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F6980b64b-9996-524b-85dc-6dcfe593bf9f&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/6980b64b-9996-524b-85dc-6dcfe593bf9f
https://an.yandex.ru/mapuid/betweendigitalis/6980b64b-9996-524b-85dc-6dcfe593bf9f?redir-setuniq=1

43 B
99 B

50ms
50ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/6980b64b-9996-524b-85dc-6dcfe593bf9f?redir-setuniq=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:06 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Mar 2021 21:32:06 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 21:32:06 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/betweendigitalis/6980b64b-9996-524b-85dc-6dcfe593bf9f?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Mar 2021 21:32:06 GMT

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame 47DE 0
0 94ms
24ms Image
text/html 2a0c:5c81:5160::2
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adtelligent.com/sync.html?aid=582266
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5160::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cache.betweendigital.com
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTtPNWIkKyg_j5kj-Bb1Nb0nsbK6k_j69vK4rARcpUN5pgl_f0eSVWpvO5Bmng6nRJTjDKRwZ2AIBThBcaX4Fpok7Oi6NEtG637CWHUy0&sig=Cg0ArKJSzLV6z5oGRs3bEAE&id=osdim&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210312&bin=7&avms=ns&bs=0,0&mc=0&app=0&itpl=19&adk=5671228&rs=4&la=1&cr=0&osd=1&vs=2&rst=1615843921635&dlt=0&rpt=0&isd=0&msd=0&r=u&uup=0

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.betweendigital.com/	1970-01-23 08:26:43	Name: ut Value: YE_SUAAFsQgOtFXnqVHmN345epTQDvYtQsa4JA==
yastatic.net/safeframe-bundles/0.80/1-1-0	1970-01-19 16:52:10	Name: afpix Value: 1
.ficbook.net/	1970-01-20 01:36:19	Name: _ym_d Value: 1615843921
.ficbook.net/	1970-01-19 16:51:55	Name: _ym_isad Value: 2
.betweendigital.com/	1970-01-23 08:26:43	Name: tuuid Value: 6980b64b-9996-524b-85dc-6dcfe593bf9f
.betweendigital.com/	1970-01-23 08:26:43	Name: ss Value: 1
.betweendigital.com/	1970-01-23 08:26:43	Name: unm Value: 1
.ficbook.net/	1970-01-19 17:33:55	Name: __cfduid Value: d0de37b7124b97441ada657fab99542341615843919
.ficbook.net/	1970-01-19 16:50:43	Name: _gat_gtag_UA_60182365_3 Value: 1
.ficbook.net/	1970-01-19 16:52:10	Name: _gid Value: GA1.2.946491699.1615843921
.betweendigital.com/	1970-01-23 08:26:43	Name: dc Value: lux1
.ficbook.net/	1970-01-20 10:21:55	Name: _ga Value: GA1.2.1691409138.1615843921
.ficbook.net/	1970-01-20 01:36:19	Name: _ym_uid Value: 1615843921100630755
.ficbook.net/	1970-01-20 02:12:19	Name: __gads Value: ID=64f98d41b733a7d0-22dc673bcaba001f:T=1615843921:S=ALNI_MbhjS_zyeU_St7vF1nxQbQDJMGlGw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://static.ficbook.net/ficbook/assets/app.8b9d069d.js(Line 40) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at t.getLocal (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:10:2676) at EVdn.C.fn.init.ZlgE.t.fn.hintHider (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:50:136724) at HTMLDocument.<anonymous> (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:50:136800) at l (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:40:26162) at u (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:40:26464) undefined
console-api	warning	URL: https://static.ficbook.net/ficbook/assets/app.8b9d069d.js(Line 40) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at t.getLocal (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:10:2676) at HTMLDocument.<anonymous> (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:75:54149) at l (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:40:26162) at u (https://static.ficbook.net/ficbook/assets/app.8b9d069d.js:40:26464) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

95ad313bde6c4125f4477b6514e01c83.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.creative-serving.com
adservice.google.com
adservice.google.de
an.yandex.ru
ap.lijit.com
api.rees46.com
avatars.mds.yandex.net
bidder.criteo.com
cache.betweendigital.com
cdn.jsdelivr.net
cm.mgid.com
eus.rubiconproject.com
ficbook.net
googleads.g.doubleclick.net
gum.criteo.com
matchid.adfox.yandex.ru
mc.webvisor.org
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
pb.adriver.ru
pixel.quantserve.com
px.adhigh.net
s.adtelligent.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.ficbook.net
stats.g.doubleclick.net
sync.1dmp.io
sync.bumlam.com
sync3.adsniper.ru
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
104.19.132.78
142.250.186.162
142.250.186.34
172.67.17.216
178.250.0.165
18.158.181.33
18.185.0.221
185.184.8.30
188.42.191.196
193.232.148.142
195.209.111.20
2001:6d0:4001::226
216.52.2.39
23.37.42.132
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1148:db00::17
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c09::9d
2a02:2638:1::13
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a04:4e42:4a::621
2a0c:5c81:5160::2
31.172.81.160
31.172.81.172
5.254.23.213
51.89.9.252
69.173.144.139
77.88.21.179
80.239.201.120
88.99.242.108
95.216.101.186
0431f8c753f8bba3181b2037842eb6b56f6e5806c60c8db55c684fcf9044979d
04aa362b3547466e68c8075bf5fa19735ca86f373d78d646d854c2b66526cd48
07c70a9ccdd2c20e319a8d87011cda32bb31c6931b4c90dfe029e53159fa8caf
09cd78d927dcb725c0a40c0fa03a201c211c37b4ff700de66088a0d75da44cfb
0ddde2f18a5be67584141ed8164326e63ef40246381910ee97440d30370fde23
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
103ead0807ebdeb898e24777854a09558c2986f67006b3bf911a551a258f7f39
108e9d4a01d138ce470c2f28736e948b17ef958b72f0ce83d9010bae12d29eb1
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
193f4351ff27ff1fd162455c17bf362ee12c4be5e0c26e7fdb20e56b9c842096
19a45e21e52fcc6e2e14c40e7790ea724e76821b47d9065481db24d556c9cdb9
1a964a4c1c5aae43666478cf223a51bea27bfe87a91c157d63fa0d03e7a87459
1fa689793fcfa73086ec5a3b202e37fddf30a7cdc7d01d836ab593f1f3545049
20ab0affbc3d4d72fcdd8d98b9cc1998e431eee7f470fd20bec5ee1799fde36a
2977604c676963e549a66ff8c698e083609c0a9004b7e13cc46fb630004cb581
2a5be421dc7f222c63e678a2c065e1fe4d89a0ad71e8d12f65a91d5a89520269
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab3032feeaca77436d8e4da413159243f5285be343a90ed4d56e4e7d887683a
2fec5da3fc8e519c5240ce9dc0e127eb1d6273f2ae67c12014ddc7918fbd0ce7
34cda760d049822a46bc242d964a326faaff2db4d996eec977ea86acef5772be
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b3252017c164da70cf7978aede4f4720b671d8bb65cc734bdd1a5e1ca8041e2
3f77568b1fa6d6e0394f6b470907f580e3ba99d57cc8458ab4aa0ea651746442
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e56299438cce4c8a43dd66262991ddfeb792cb6b67b0ec63ac6d3451e6b8cbf
52a3909e9b909233d2bd349d2f1573f4d090c3ed042d19d579156bc67e811bf4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56bfc6e6f845f5aca103000cf061da1c9a623b0737db22ec2edeff646f3fb3de
634b10d372a7bfa3c6b1bc5246190e2318c83b1558be25d35acb9364fc483a9a
65d34930ca0e6ef1aa47fe5e4516a730a2bbb3b572c28e66641d99c083e8dc25
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfb79df3b0467cf01641d0d529263b5857c6d97812110c6a1de8d239e759126
71229c58bce993d4516e509141695550d63051fab1ee351c2845405bc2056cde
76f8ebf46fa95c31efb8a764b15a3a0849c11346454a026f003cdda43add1749
772bd7eefd1c8a50aac62beb35d14aa5bf8b9c427b798b9954ac04d3bc14eb09
77e997d473078ede5952521d688b293746a01f8650c7edf4dda080ac8e2d7034
78378fda0852879be981cc2af6173dbf3b95813927c10c7abe73bf72e0d4d2e5
7f8616d7ce225257bdaebe00056c8fa1415915501d20b74410fb64464ec32d7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
960d3c7144bd7d1695869610cb719fa0d30c5ca692eb76e1497a96f0c7ee001c
965ffb21931f163f4f8866698b536dd22db484744fdaaad11e615cc22086cfdf
96ad0e0ce48119cc7337f90b69c3698e307ca1355ca72a6cee7d8628310980d8
98566876dae2680d7858f0a9a46ca1cbc809800ddfb7cca3f5249143533751b5
99719e9ab52f3faec4046b11354951bc88c2748018ba10dfbab2342c975b51de
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9ae863ce773e3b0e3634972b423aaa1595fcc0c087e60a85ab58f567676d5f96
a1c68fd2bd2ee4b4f547e60af04ee988f48aade799a957f6c82720b347620ad7
a1dc55abda7c4a73858812a18775b971464e6153bb97a7ef636540ed5b2df068
a1ea0ce61faa5b8ac2fda8bacbe98f14c0ad874ca75e001a8b6c76df0787059d
a35772189b1234fa7d83ef6856d9d30e4eb48f38dd7476438e316ee1c015077a
a3c80ac4f897d96ad1046d4d9ef2db2e8072f1af8c274c589d5942f79eb7da26
a4012f526954ddff3c2c91c5c89ffe0ec0abb515b022b254b843208166288a42
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a83a4b91b9d7e6f311543068b7c65291d001cd2fb17f19ab8e5a0adb1a0d01e1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aad623ba53ddea046df9d96c937a4d31f8985d2dc84b8d99159109539ca8f661
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
ad555d55333db8ce11ef0e9cfc5d167e096fd1bca88b4a4a903cfc428dcb9963
b0e5fb353670c58b59abc29cbc929100570fb5be684928f9704373b0e6912c16
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b465ec538ad80ec1865094dd5bbfa70e08480e3b7b8a63d9ba920b0a393b532f
b4e8f0e8ec3598d4d2cdefd9aaf88dc6570451734fef0b11cda7c009f353d6a7
b85a1356108118c022e666d6ae622e52f4bdec3d33ee4494f0addf169a58c14b
bc62c7ec9f3d61384c7692db2cc00b913a0a50065620f504f06fd7d09d06cc9e
c274ca6ffb1e8a95e4ab838609e83a8007b0771421d40ba8c54b6864ad5510cc
c49f2db61c1a30d033de11a5f20324bf18d8ab1c23070c99bf45ae344dd5816e
c8c1822039fda3c8c5f026d486d697574cab9a0c4b259fcea172bd17f56caa98
cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1
ce0adc53ee8c4c193da8d3334a5505d0ac4330672c538efdc69cff19e70b7207
ce417dbb60f9f1f514c7a650156c444044c28eea6190d8db1ac711ecc6a50f97
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1d1efd3323cc4ba879e4463b9c7c615ebe227533e94c197b27a1021bb56a142
d23f4cdd778348253180da8a3f9ea2909f48d80691e01e0b772888e3aa2d63df
dc4b6716b40b37133fb7e5ce9d388a331e67930340457d40b0849987cf20fcb3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e2f077e19119f919b2fd2c0c8efe2fd6275c7d1f3ec44a7e4413ae0d6ce913fe
e3829d9bdd934875b642c9b106ab61735a5b4855ba05b04b69aef236c7409e69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1f7c434d7cab19e663e0f8806e4523a3aa03a75b0a335702eea0ad406432e
e8f9fbf36ab648c60407a9c380744a75822391fc35d98f6d0e3193aac8aafddf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f4ed7b29c133624fce0e421cdeef28afc989067b734d8273b7ff6301e9580db7
f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e
f90b37547193d618576705987bc9c3612289c508b9189656c0c3d574bcc35ac2
fbb7208095b55d497d8ed965e37183ffc0ab7443c53140ed1f38cdaa097b7027
fc96a273a5b65108f8b8a2414a93020eb3ac42bd6a850ce6caeeafc5bb54850a
fcc94a5496346d9bdec25ec013c3ee1665221c7ee963a0e264737c7f129b6c75

ficbook.net Open in urlscan Pro 172.67.17.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

140 Requests

99 %HTTPS

56 %IPv6

35 Domains

50 Subdomains

47 IPs

10 Countries

1991 kBTransfer

5614 kBSize

14 Cookies

7 Outgoing links

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ficbook.net Open in urlscan Pro
172.67.17.216 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

99 %
HTTPS

56 %
IPv6

35
Domains

50
Subdomains

47
IPs

10
Countries

1991 kB
Transfer

5614 kB
Size

14
Cookies

140 HTTP transactions
1 data transactions