flibusta.site Open in urlscan Pro
185.238.168.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://flibusta.site/b/298360/read#anotelink121
Effective URL:
http://flibusta.site/b/298360/read
Submission: On December 13 via api (December 13th 2024, 8:20:46 pm UTC) from AE — Scanned from NL

Summary HTTP 36 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 16 domains to perform 36 HTTP transactions. The main IP is 185.238.168.83, located in Meppel, Netherlands and belongs to SCALAXY-AS Scalaxy B.V., LV. The main domain is flibusta.site.

This is the only time flibusta.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.61.56.204 5.61.56.204	58061 (SCALAXY-A...) (SCALAXY-AS Scalaxy B.V.)
6 7	185.238.168.83 185.238.168.83	58061 (SCALAXY-A...) (SCALAXY-AS Scalaxy B.V.)
9	5.45.87.206 5.45.87.206	58061 (SCALAXY-A...) (SCALAXY-AS Scalaxy B.V.)
3 7	87.250.250.119 87.250.250.119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
7	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
1	88.198.200.22 88.198.200.22	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	172.67.174.51 172.67.174.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	168.119.25.102 168.119.25.102	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
4	116.202.249.56 116.202.249.56	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
4	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
1 1	104.21.19.82 104.21.19.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	12

1 5.61.56.204 (Dronten, Netherlands) 1 redirects

ASN58061 (SCALAXY-AS Scalaxy B.V., LV)
PTR: mkt1.herminton.com

flibusta.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.238.168.83 (Meppel, Netherlands) 6 redirects

ASN58061 (SCALAXY-AS Scalaxy B.V., LV)
PTR: kinouz.club

flibusta.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 5.45.87.206 (Meppel, Netherlands)

ASN58061 (SCALAXY-AS Scalaxy B.V., LV)

flibusta.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 87.250.250.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

5837941a19.d1f76eb5a4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c99e557214.06cffaae87.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.200.22 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.88-198-200-22.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.174.51 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Ismaning, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.102 (Düsseldorf, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.102.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.249.56 (Nuremberg, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.56.249.202.116.clients.your-server.de

22f93ea046.c74632eb91.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gfxdn.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.19.82 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.a64x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	flibusta.site 7 redirects flibusta.site	590 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9443	4 KB
5	d1f76eb5a4.com 5837941a19.d1f76eb5a4.com	236 KB
4	c74632eb91.com 22f93ea046.c74632eb91.com	9 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 15372	2 KB
2	gfxdn.pics gfxdn.pics — Cisco Umbrella Rank: 35583	9 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 41152	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 34091	432 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4577	55 KB
1	a64x.com 1 redirects p.a64x.com — Cisco Umbrella Rank: 41236	687 B
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 31261	201 B
1	06cffaae87.com c99e557214.06cffaae87.com	225 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 29614
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 62038	1 KB
1	capndr.com js.capndr.com — Cisco Umbrella Rank: 37267	256 B
0	google.com Failed accounts.google.com — Cisco Umbrella Rank: 17 Failed
36	16

	Domain	Requested by
17	flibusta.site	7 redirects flibusta.site
5	mc.yandex.com	2 redirects flibusta.site
5	5837941a19.d1f76eb5a4.com	flibusta.site 5837941a19.d1f76eb5a4.com
4	22f93ea046.c74632eb91.com	5837941a19.d1f76eb5a4.com
3	counter.yadro.ru	2 redirects flibusta.site
2	gfxdn.pics
2	static.bookmsg.com
2	fp.metricswpsh.com	5837941a19.d1f76eb5a4.com
2	mc.yandex.ru	1 redirects flibusta.site
1	p.a64x.com	1 redirects
1	nereserv.com	5837941a19.d1f76eb5a4.com
1	c99e557214.06cffaae87.com	5837941a19.d1f76eb5a4.com
1	storage.multstorage.com	5837941a19.d1f76eb5a4.com
1	notification.tubecup.net	5837941a19.d1f76eb5a4.com
1	js.capndr.com	5837941a19.d1f76eb5a4.com
0	accounts.google.com Failed	flibusta.site
36	16

This site contains links to these domains. Also see Links.

Domain
booktracker.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
flibusta.site E6	`2024-12-07` - `2025-03-07`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
5837941a19.d1f76eb5a4.com R10	`2024-12-10` - `2025-03-10`	3 months	crt.sh
js.capndr.com R11	`2024-10-18` - `2025-01-16`	3 months	crt.sh
notification.tubecup.net E6	`2024-11-07` - `2025-02-05`	3 months	crt.sh
multstorage.com WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
c99e557214.06cffaae87.com R10	`2024-12-10` - `2025-03-10`	3 months	crt.sh
c74632eb91.com E6	`2024-12-09` - `2025-03-09`	3 months	crt.sh
static.bookmsg.com R10	`2024-12-01` - `2025-03-01`	3 months	crt.sh
gfxdn.pics R11	`2024-11-30` - `2025-02-28`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://flibusta.site/b/298360/read
Frame ID: F6E94DDBA4E4DA2770B5114EF06EBA29
Requests: 31 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 5A9CAA4E067AC120B2377733DAF28097
Requests: 1 HTTP requests in this frame

Frame: https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg
Frame ID: 405B89E4C3CFD2D2679D50987B967B3F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скелеты в шкафу истории (fb2) | Флибуста

Page URL History Show full URLs

http://flibusta.site/b/298360/read HTTP 307
https://flibusta.site/b/298360/read HTTP 302
http://flibusta.site/b/298360/read HTTP 307
http://flibusta.site/b/298360/read Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

36
Requests

67 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

12
IPs

5
Countries

904 kB
Transfer

2609 kB
Size

20
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://booktracker.org/
Title: [Книжный торрент]

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://flibusta.site/b/298360/read HTTP 307
https://flibusta.site/b/298360/read HTTP 302
http://flibusta.site/b/298360/read HTTP 307
http://flibusta.site/b/298360/read Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css HTTP 302
https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

Request Chain 1

http://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js HTTP 302
https://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js

Request Chain 2

http://flibusta.site/caa/script.js HTTP 302
https://flibusta.site/caa/script.js

Request Chain 3

http://flibusta.site/sites/default/files/bluebreeze_logo.png HTTP 302
https://flibusta.site/sites/default/files/bluebreeze_logo.png

Request Chain 4

http://flibusta.site/img/znak.gif HTTP 302
https://flibusta.site/img/znak.gif

Request Chain 8

http://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink121;0.27254701623268773 HTTP 302
https://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink121;0.27254701623268773 HTTP 302
https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink121;0.27254701623268773

Request Chain 14

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10592.QB1BAqnF6DaVLBLmCYSEJXkrqXJBg6N1TxrSkwzYrju8zr5spRloBdOs4eiWO2dd.tw4opOW_ZlPlqHg78kOxLYkxmJc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10592.KliqIljp7N5OgC_vWt_IL0ZyIc5QOORY9IUxlFT1NaWzAvRy5ZbYuYhLgH8ge5wPOXLWdnfNtd2iGbyrlZrDknJWMH58fCDRDgmj3EHZ4Dk8WL7dUDDUcrMdygMIWoK-w_88I4V__DXE4gitPG4hPbIVMI8fTFhxPnjFGGSO0v0aNu2XkhG9MgaqfebwK3hkWIyMS0iYzL1P2zuR87oc7afqbuibM6nVezvvNJsQM_M%2C.KpCXGydkQWo2o93NV-xptCg_HAw%2C

Request Chain 22

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9_J2fTBgugJ04NrhAjT6V5_Ae56O3ujDwQIyDNNj5DnvLo7xhgujgTeZS5EfBKNKI_YDaI81A HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_h_ehzeNkI0O4U_X79VfhcBFgCck3k8W2O9C6kOmxKu-zOGLyg7H0NJuM1UL8ms6sCGQxkTA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-769121084%3A1734121241495297&ddm=1

Request Chain 27

https://mc.yandex.com/watch/46512705?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink121&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1525758368215%3Ahid%3A954417309%3Az%3A60%3Ai%3A20241213212041%3Aet%3A1734121241%3Ac%3A1%3Arn%3A734670295%3Arqn%3A1%3Au%3A173412124152303084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A660%3Ads%3A0%2C0%2C221%2C1420%2C106%2C0%2C%2C17%2C4%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1734121239065%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734121241%3At%3A%D0%A1%D0%BA%D0%B5%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B2%20%D1%88%D0%BA%D0%B0%D1%84%D1%83%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20(fb2)%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3178752)ti(1) HTTP 302
https://mc.yandex.com/watch/46512705/1?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink121&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1525758368215%3Ahid%3A954417309%3Az%3A60%3Ai%3A20241213212041%3Aet%3A1734121241%3Ac%3A1%3Arn%3A734670295%3Arqn%3A1%3Au%3A173412124152303084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A660%3Ads%3A0%2C0%2C221%2C1420%2C106%2C0%2C%2C17%2C4%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1734121239065%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734121241%3At%3A%D0%A1%D0%BA%D0%B5%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B2%20%D1%88%D0%BA%D0%B0%D1%84%D1%83%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29

Request Chain 28

http://flibusta.site/sites/default/files/bluebreeze_favicon.ico HTTP 302
https://flibusta.site/sites/default/files/bluebreeze_favicon.ico

Request Chain 33

https://p.a64x.com/in/tip_shows/?katds_ep=75Ut6MdPK_oYNxFDllY_fha2UNVPahz5g0zIH0zU44133RPnvdAQA9Wb5Q5LR0lXW0_lhhS0pEuFgxrDe0nof5Nw5NnUxEyJBCi1ahBC2IvUeoOiwiBxuK6ualRbHF2SYV2HYlhNmQhcc7bc2FKkfqI3dhtCwvH_X93t5JxH79G6OFIbsXPls1xCo3Q2bLLVpiJjnv7Ba0p24anlOoP1WpS-vgPWfEBxj132S3MJTKbzgVtwvVIlxSibN_Z70buuKthqyMIKAv6rMEKFP_GpZKqvjDJSOFhSgytYNrI7ruBGO22IWGGuwEoKaOydDVaKkEZV_7SbDug1x5uo231LMyHt7ERNc8n8otooi9ZfHqLPDsiHT9DUJKgeBe_zt7_cOamY2Z5P3mHS-Ulvd0beQUnvkNGr-RxQ7dpVsfVEW1M76TIfO2_IF74gecDsgxiQUWcydjZLgOGKSXs4AzC553yfRhr3OjcZezTRAvPBy3DD97HtLrkEInrj0ugvTn_Ysv0HDm_NKPUQ-bZavKBhFybWghKVSpXy31rkMiUleAViv-yB_p91DE12Ib932URtzcmTvnrUr3giAfXr_21nACPD3DmLbXMFeLoEgI7KD3UuW_gvSof_JXm-NcalHSePnGB7tB0LC0fUOemkWXk6suzVyRVDxsFZGJUTCwJ0djTtfFSA_RW8QimslNJvJELryZtZdQAM4vWxZLkMfQURbkPyw2hoKU0BClsskUFXDs8fcfolGYv-rlgaOxiOqcXQQu6U4GDciLwH4IFqp7RX_dqLoAyNC71n0MwdwJt3Fc6fEIz0hUxe4IjVF9gInSMKXs2bliDrEvrG28BUdXgZ0EOxVCB8IlaQOBMbkDO6IgGdu_S7JVQSFmxbIN4bSrmXoq6rjBajxk1GvdPOaB-Yr1kwhLhISAiA0jfrLL_6MiXJIWtWGxsp56FyE2ync3rr&bid=0.0028 HTTP 302
https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg

36 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request read Show response
flibusta.site/b/298360/
Redirect Chain

http://flibusta.site/b/298360/read
https://flibusta.site/b/298360/read
http://flibusta.site/b/298360/read
http://flibusta.site/b/298360/read

1 MB
382 KB

221ms
221ms

Document
text/html

185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: http://flibusta.site/b/298360/read
Protocol: HTTP/1.1
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: 7f5c2165028f75b6373bc0680cc46b582beed0d6c258fb5236c5324c98250df8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Age: 231
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Dec 2024 20:20:39 GMT
ETag: W/"1734121008"
Expires: Sun, 11 Mar 1984 12:00:00 GMT
Keep-Alive: timeout=35
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding

Redirect headers

Location: http://flibusta.site/b/298360/read#anotelink121
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

css_96dc2b2360a2a902952acda2b7353264.css
flibusta.site/sites/default/files/css/
Redirect Chain

http://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

26 KB
7 KB

137ms
73ms

Stylesheet
text/css

5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: ad6a82ffd7fc8f8c1f7af1c930c742bf93b19fd5da3584087ebd0672a23f3a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"596320ae-683f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Fri, 13 Dec 2024 20:20:39 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx

Redirect headers

Location: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:39 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2

200

js_38da4b3058a476fa69101d044220c361.js Show response
flibusta.site/sites/default/files/js/
Redirect Chain

http://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js
https://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js

130 KB
130 KB

164ms
101ms

Script
application/javascript

5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: https://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: 0ce15a8f257959b2f4e39c9d2eaa5e7ca98ac78d9740851aa1b1d9d0c56f3009

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=315360000
etag: "596320ae-20848"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
date: Fri, 13 Dec 2024 20:20:39 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
server: nginx

Redirect headers

Location: https://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:39 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2

200

script.js Show response
flibusta.site/caa/
Redirect Chain

http://flibusta.site/caa/script.js
https://flibusta.site/caa/script.js

6 KB
6 KB

88ms
29ms

Script
application/javascript

5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: https://flibusta.site/caa/script.js
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: 6e1e9110e10d479af4d8c76ca8712249a858ae8a03b215ebe18d37f34950f985

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

accept-ranges: bytes
content-length: 6403
date: Fri, 13 Dec 2024 20:20:39 GMT
etag: "6759a489-1903"
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 14:41:13 GMT
server: nginx

Redirect headers

Location: https://flibusta.site/caa/script.js
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:39 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2

200

bluebreeze_logo.png
flibusta.site/sites/default/files/
Redirect Chain

http://flibusta.site/sites/default/files/bluebreeze_logo.png
https://flibusta.site/sites/default/files/bluebreeze_logo.png

13 KB
13 KB

131ms
72ms

Image
image/png

5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/sites/default/files/bluebreeze_logo.png
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: 6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:39 GMT
etag: "4b1ad767-3374"
content-type: image/png
server: nginx

Redirect headers

Location: https://flibusta.site/sites/default/files/bluebreeze_logo.png
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:39 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2

200

znak.gif
flibusta.site/img/
Redirect Chain

http://flibusta.site/img/znak.gif
https://flibusta.site/img/znak.gif

924 B
1 KB

70ms
70ms

Image
image/gif

5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/img/znak.gif
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: 2dd383c5239714ef03d7c008981db637b769e016c8ea943ba1a0dc5b8487942d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:39 GMT
etag: "4f2bdef4-39c"
content-type: image/gif
server: nginx

Redirect headers

Location: https://flibusta.site/img/znak.gif
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:39 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2 200 bg-header.gif
flibusta.site/themes/bluebreeze/images/ 40 KB
41 KB 70ms
70ms Image
image/gif 5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/themes/bluebreeze/images/bg-header.gif
Requested by: Host: flibusta.site
URL: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:39 GMT
etag: "549911f8-a151"
content-type: image/gif
server: nginx

GET
H2 200 bg-primary.gif
flibusta.site/themes/bluebreeze/images/ 146 B
292 B 68ms
68ms Image
image/gif 5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/themes/bluebreeze/images/bg-primary.gif
Requested by: Host: flibusta.site
URL: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:39 GMT
etag: "4f2bdef0-92"
content-type: image/gif
server: nginx

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 153 KB
55 KB 271ms
135ms Script
application/javascript 87.250.250.119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

6d5c75279c80c9829a98894b094dd97fe778341184894855358b55d7527756a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "674f133a-d85d"
expires: Fri, 13 Dec 2024 21:20:40 GMT
access-control-allow-origin: *
content-length: 55389
date: Fri, 13 Dec 2024 20:20:40 GMT
last-modified: Tue, 03 Dec 2024 14:18:34 GMT
content-type: application/javascript

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink121;0.27254701623268773
https://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink121;0.27254701623268773
https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink121;0.27254701623268773

111 B
597 B

69ms
69ms

Image
image/gif

88.212.202.52
UNITEDNET EDINAYA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink121;0.27254701623268773

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 13 Dec 2023 21:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 111
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Fri, 13 Dec 2024 20:20:41 GMT
Content-Type: image/gif
Server: nginx/1.17.9

Redirect headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Location: https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink121;0.27254701623268773
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 13 Dec 2023 21:00:00 GMT
Content-Length: 32
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Fri, 13 Dec 2024 20:20:41 GMT
Content-Type: text/html
Server: nginx/1.17.9

GET
H2 200 bg-footer.gif
flibusta.site/themes/bluebreeze/images/ 187 B
333 B 71ms
71ms Image
image/gif 5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/themes/bluebreeze/images/bg-footer.gif
Requested by: Host: flibusta.site
URL: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:40 GMT
etag: "4f2bdef0-bb"
content-type: image/gif
server: nginx

GET
H2 200 cb1a8456623bec0e059bf79f62907e7c.js Show response
5837941a19.d1f76eb5a4.com/ 119 KB
37 KB 84ms
28ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Requested by: Host: flibusta.site
URL: http://flibusta.site/caa/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 78c30b418896961856ee26e09ac3990b9e790852ad1333a0d30e8ede9f771a6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://flibusta.site
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"6751bce7-1dc9f"
expires: Fri, 13 Dec 2024 20:25:40 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 05 Dec 2024 14:47:03 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1742

GET
H2 200 6129 Show response
5837941a19.d1f76eb5a4.com/5ce4de96e7c142609c333432ff448299/ 3 KB
3 KB 28ms
28ms XHR
application/json 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/5ce4de96e7c142609c333432ff448299/6129?version_name=b&domain=flibusta.site
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 16217b05e7c78179d3757ea45c227f1a974c2d7fc7741d0197a4489b839fa463

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
expires: Fri, 13 Dec 2024 20:25:40 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:40 GMT
content-type: application/json
server: nginx/1.18.0
x-cdn-host-id: ah1742

GET
H2 200 advertising.js Show response
js.capndr.com/ 0
256 B 82ms
27ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/advertising.js
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
etag: "64b105fd-0"
expires: Fri, 13 Dec 2024 20:25:41 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:41 GMT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1747

GET
H2 200 tags Show response
notification.tubecup.net/ 3 KB
1 KB 158ms
56ms XHR
application/json 88.198.200.22
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.tubecup.net/tags?tag_id=6129&timezone_olson=Europe/Amsterdam&version_name=b&med_script_id=59&page=http%3A//flibusta.site/b/298360/read%23anotelink121
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.198.200.22 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.88-198-200-22.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 0f444cdaa586c5f9d9925e0060a39c440390de117dc2fec0e3b29f50a1a156f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: br
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 1179
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: application/json
vary: Origin
server: nginx/1.18.0
access-control-allow-headers: Content-Type

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10592.QB1BAqnF6DaVLBLmCYSEJXkrqXJBg6N1TxrSkwzYrju8zr5spRloBdOs4eiWO2dd.tw4opOW_ZlPlqHg78kOxLYkxmJc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10592.KliqIljp7N5OgC_vWt_IL0ZyIc5QOORY9IUxlFT1NaWzAvRy5ZbYuYhLgH8ge5wPOXLWdnfNtd2iGbyrlZrDknJWMH58fCDRDgmj3EHZ4Dk8WL7dUDDUcrMdygMIWoK-w_88I4V__D...

43 B
670 B

72ms
72ms

Image
image/gif

87.250.250.119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10592.KliqIljp7N5OgC_vWt_IL0ZyIc5QOORY9IUxlFT1NaWzAvRy5ZbYuYhLgH8ge5wPOXLWdnfNtd2iGbyrlZrDknJWMH58fCDRDgmj3EHZ4Dk8WL7dUDDUcrMdygMIWoK-w_88I4V__DXE4gitPG4hPbIVMI8fTFhxPnjFGGSO0v0aNu2XkhG9MgaqfebwK3hkWIyMS0iYzL1P2zuR87oc7afqbuibM6nVezvvNJsQM_M%2C.KpCXGydkQWo2o93NV-xptCg_HAw%2C

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.com/sync_cookie_image_decide?token=10592.KliqIljp7N5OgC_vWt_IL0ZyIc5QOORY9IUxlFT1NaWzAvRy5ZbYuYhLgH8ge5wPOXLWdnfNtd2iGbyrlZrDknJWMH58fCDRDgmj3EHZ4Dk8WL7dUDDUcrMdygMIWoK-w_88I4V__DXE4gitPG4hPbIVMI8fTFhxPnjFGGSO0v0aNu2XkhG9MgaqfebwK3hkWIyMS0iYzL1P2zuR87oc7afqbuibM6nVezvvNJsQM_M%2C.KpCXGydkQWo2o93NV-xptCg_HAw%2C
x-xss-protection: 1; mode=block
date: Fri, 13 Dec 2024 20:20:41 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
594 B 69ms
69ms Image
image/gif 87.250.250.119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "674f133a-2b"
expires: Fri, 13 Dec 2024 21:20:41 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Fri, 13 Dec 2024 20:20:41 GMT
last-modified: Tue, 03 Dec 2024 14:18:34 GMT
content-type: image/gif

GET
H3 200 count.html
storage.multstorage.com/log/ Frame 5A9C 0
0 92ms
57ms Document
text/html 172.67.174.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://flibusta.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f18a7fdee64a02e-FRA
content-encoding: zstd
content-type: text/html
date: Fri, 13 Dec 2024 20:20:41 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2F7lMaat6P73zt7WPDe75OmOWFn9%2BBBadg4ZygyDRtengM1huOvkRcguFu9WBhCaFFmlNpAfaPea9ZdugR0BJZ8OymO6EbOI%2FTP5XEuBTkMxjlotJRdLb%2Bx%2FCXGaVGCG9%2BUaElBLFQURrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=32646&min_rtt=32641&rtt_var=12249&sent=9&recv=7&lost=0&retrans=0&sent_bytes=4048&recv_bytes=4376&delivery_rate=99558&cwnd=12000&unsent_bytes=0&cid=eed4bc27e1ccae9c&ts=60&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-request-id: 24c3e4a937862dd0075eab9a521687f5

GET
H2 200 track Show response
c99e557214.06cffaae87.com/in/ 0
225 B 119ms
63ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://c99e557214.06cffaae87.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0ODI4OTY0NDc2NjI0ODg0MDAwIiwidGltZXpvbmUiOjEsInZlciI6IjMuMTM2LjAiLCJ0YWdfaWQiOjYxMjksInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdXJvcGUvQW1zdGVyZGFtIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjUsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbH0=
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:41 GMT
vary: Origin
server: nginx/1.18.0
x-cdn-host-id: ah1742
access-control-allow-headers: Content-Type

GET
H2 200 e0d4c9ec4c75d3243730e7a2a770d178.js Show response
5837941a19.d1f76eb5a4.com/ 185 KB
51 KB 81ms
27ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/e0d4c9ec4c75d3243730e7a2a770d178.js
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7c00201e3af3d0d4022425c32a6c0e8139dfa0343f3fbf1d7a8fc3f8b5734fba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"67331771-2e53c"
expires: Fri, 13 Dec 2024 20:25:41 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 12 Nov 2024 08:53:05 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1742

GET
H2 200 861f27cdf4e5d14b97bc0713552cbea4.js Show response
5837941a19.d1f76eb5a4.com/ 53 KB
16 KB 135ms
81ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/861f27cdf4e5d14b97bc0713552cbea4.js
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 251dcf6d1d09f96d3c48595d83c035ba2580192a82fdaf6e9e74d9a8b57f158e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"66a7da28-d2e9"
expires: Fri, 13 Dec 2024 20:25:41 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 18:06:32 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1742

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 60 B
432 B 156ms
52ms XHR
application/json 157.90.84.242
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=6129
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 340ed23facddf4b6ff809dbd77b5a0333b333f0b2459544688658613c8d1c040

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: http://flibusta.site/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://flibusta.site
Content-Length: 60
Date: Fri, 13 Dec 2024 20:20:41 GMT
Content-Type: application/json; charset=UTF-8
Vary: Origin
Server: nginx/1.20.1

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 154ms
51ms Preflight 157.90.84.242
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=6129
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://flibusta.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://flibusta.site
Connection: keep-alive
Date: Fri, 13 Dec 2024 20:20:41 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9_J2fTBgugJ04NrhAjT6V5_Ae56O3ujDwQIyDNNj5DnvLo7xhgujgTeZ...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_h_ehzeNkI0O4U_X79VfhcBFgCck3k8W2O9C6kOmxKu-zOGLyg7H0NJuM1UL8ms6sCGQxkTA&passive...

0
0

GET
H2 200 657c555086293c18b74ae2d12e25d795.js Show response
5837941a19.d1f76eb5a4.com/ 539 KB
129 KB 31ms
31ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/657c555086293c18b74ae2d12e25d795.js
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/e0d4c9ec4c75d3243730e7a2a770d178.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 672ed964c28cd87d6396cc8fc306efae3f88823829f9aec3970df2a60cfe7667

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"6733176b-86d5a"
expires: Fri, 13 Dec 2024 20:25:41 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 12 Nov 2024 08:52:59 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1742

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 156ms
51ms XHR
text/plain 168.119.25.102
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=70dcc20c-b675-4bf8-8589-57c7cf962723&subid=166187950&sid=821361958&spot_id=335648&created_at=2024-12-13&timezone=1&ver=8.198.1&is_native=1
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/e0d4c9ec4c75d3243730e7a2a770d178.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 168.119.25.102 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:41 GMT
vary: Origin
server: nginx/1.18.0
access-control-allow-headers: Content-Type

POST
H2 200 multy Show response
22f93ea046.c74632eb91.com/in/ 61 KB
9 KB 360ms
359ms XHR
application/json 116.202.249.56
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://22f93ea046.c74632eb91.com/in/multy
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/e0d4c9ec4c75d3243730e7a2a770d178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.249.56 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.56.249.202.116.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 2394fb7beaaca85958c3415dc54251286befdd01a9ea2aa18203ae06c8103364

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 8667
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: application/json
vary: Origin
server: nginx/1.24.0
access-control-allow-headers: Content-Type

OPTIONS
H2 204 multy
22f93ea046.c74632eb91.com/in/ Frame 0
0 152ms
49ms Preflight 116.202.249.56
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://22f93ea046.c74632eb91.com/in/multy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.249.56 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.56.249.202.116.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://flibusta.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Fri, 13 Dec 2024 20:20:41 GMT
pragma: no-cache
server: nginx/1.24.0
vary: Origin

GET
H2

200

1 Show response
mc.yandex.com/watch/46512705/
Redirect Chain

https://mc.yandex.com/watch/46512705?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink121&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%...
https://mc.yandex.com/watch/46512705/1?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink121&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7...

615 B
707 B

72ms
72ms

Fetch
application/json

87.250.250.119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46512705/1?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink121&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1525758368215%3Ahid%3A954417309%3Az%3A60%3Ai%3A20241213212041%3Aet%3A1734121241%3Ac%3A1%3Arn%3A734670295%3Arqn%3A1%3Au%3A173412124152303084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A660%3Ads%3A0%2C0%2C221%2C1420%2C106%2C0%2C%2C17%2C4%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1734121239065%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734121241%3At%3A%D0%A1%D0%BA%D0%B5%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B2%20%D1%88%D0%BA%D0%B0%D1%84%D1%83%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

2c5b064b277599573a020842ce06849597aa712b0830fdc0c2172bd8e05ced70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 13-Dec-2024 20:20:41 GMT
access-control-allow-origin: http://flibusta.site
content-length: 615
x-xss-protection: 1; mode=block
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: application/json; charset=utf-8
last-modified: Fri, 13-Dec-2024 20:20:41 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/46512705/1?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink121&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1525758368215%3Ahid%3A954417309%3Az%3A60%3Ai%3A20241213212041%3Aet%3A1734121241%3Ac%3A1%3Arn%3A734670295%3Arqn%3A1%3Au%3A173412124152303084%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A660%3Ads%3A0%2C0%2C221%2C1420%2C106%2C0%2C%2C17%2C4%2C%2C%2C%2C1765%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1734121239065%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734121241%3At%3A%D0%A1%D0%BA%D0%B5%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B2%20%D1%88%D0%BA%D0%B0%D1%84%D1%83%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Fri, 13-Dec-2024 20:20:41 GMT
access-control-allow-origin: http://flibusta.site
x-xss-protection: 1; mode=block
date: Fri, 13 Dec 2024 20:20:41 GMT
last-modified: Fri, 13-Dec-2024 20:20:41 GMT

GET
H2

200

bluebreeze_favicon.ico
flibusta.site/sites/default/files/
Redirect Chain

http://flibusta.site/sites/default/files/bluebreeze_favicon.ico
https://flibusta.site/sites/default/files/bluebreeze_favicon.ico

7 KB
7 KB

74ms
74ms

Other
image/x-icon

5.45.87.206
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: https://flibusta.site/sites/default/files/bluebreeze_favicon.ico
Protocol: H2
Server: 5.45.87.206 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS
Software: nginx /
Resource Hash: 2acabe7af8813c05542ce5ce3c0c61249e63c7d890a88890e1d6a4f6dc2783e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:41 GMT
etag: "4b1b8208-1cee"
content-type: image/x-icon
server: nginx

Redirect headers

Location: https://flibusta.site/sites/default/files/bluebreeze_favicon.ico
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:41 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
716 B 85ms
29ms Image
image/webp 45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=31536000
etag: "6572ed5b-1e6"
expires: Sat, 13 Dec 2025 20:20:41 GMT
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 486
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: image/webp
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
x-cdn-host-id: ah1747

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 84ms
28ms Image
image/webp 45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=31536000
etag: "6572ed5b-42a"
expires: Sat, 13 Dec 2025 20:20:41 GMT
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 1066
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: image/webp
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
x-cdn-host-id: ah1747

GET
H2 200 /
22f93ea046.c74632eb91.com/in/show/ 0
201 B 148ms
49ms Image
text/plain 116.202.249.56
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22f93ea046.c74632eb91.com/in/show/?tag_ab=b&site_id=31335648&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip,all&ssp=3963&page=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink121&refdom=flibusta.site&auction_time=1734121241&subid=166187950&sid=821361958&tcid=0&ver=8.198.1&ver_c=&spot_id=335648&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-13&iabcat=IAB25-3&keywords=vr&user_fp=11507761114193238442&score=87.46186241281937&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D166187950%26spot_id%3D335648%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fflibusta.site%252Fb%252F298360%252Fread%2523anotelink121%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=popunderAd&crid=159176_106912050&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.optvz.com%2Fcimp.php%3Fdata%3DTVRjek5ERXlNVEkwTVh4a05HVTVNemN4T1RNd1ptSXpNVEZpTVdFeU16Z3hZVEZtWTJSbFpHWXdPQS0tfGh0dHBzOi8vbHVraWV4b3IuY29tL2luZGV4LnBocD9pZD1mYzM3YzZjZWYyYTMzZmE1ZjgwOCZleD1vcWROWlJIUFRWSFBMWEhSUzRIMnpxcWFLS3FxM1RTMTNUVHkxU3VsYzZxYXAxRnpwM1RWT2xkSzZWMU5kRjExMUZycDdLYnJiTG5UMlZYV1hVdWxkTTZWMHJwWFN1bWRLNlYwenJaNXFLNXJxclhiYjd6NjF5N1QxN1VVN1hYVXk1N1V6OGJVOFhUN1dTMXVtbm1vbm1yc21keDkzb2NwczR5OW0zYzUwcnBYU3VsZEs2VjBycFhTdW1zb3Btbm1ucG1jNTBycFhTdWxkSzZWMHJwWFN1bGRNNlYwN2lHMGozVUhYN3ZYMlBVUDdxNnBjN2Q2OUtxNXM2N05wOTZLdUtiZEp1TmE2YnM3ZDNCOWdBLS0mY3Q9MC41NSZ6ZD01NDMzNTU2JnNobj1jbGlja2FkaWxsYS5vcmcmY2Q9NzA0ODMxNiZ2ZD0xMDY5MTIwNTAmdGdzPXZyJmVlYz0mY2F0PTUxNSZjdnQ9b3FkTlpSSFBUVkhQTFhIUlM0SDJ6cXFhS0txcTNUUzEzVFR5MVN1bGM2cWFwMUZ6cDNUVk9sZEs2VjFOZEYxMTFGcnA3S2JyYkxuVDJWWFdYVXVsZE02VjBycFhTdW1kSzZWMHpyWjVxSzVycXJYYmI3ejYxeTdUMTdVVTdYWFV5NTdVejhiVThYVDdXUzF1bW5tb25tcnNtZHg5M29jcHM0eTltM2M1MHJwWFN1bGRLNlYwcnBYU3Vtc29wbW5tbnBtYzUwcnBYU3VsZEs2VjBycFhTdWxkTTZWMDdpRzBqM1VIWDd2WDJQVVA3cTZwYzdkNjlLcTVzNjdOcDk2S3VLYmRKdU5hNmJzN2QzQjlnQS0tJnNpPTEwNDE0ODQmc3U9MTIxMzIxNjcxJmtleWlkPTF8aHR0cHN8MTczLjI0NS4yMDYuMzR8TkxEfDM5fGNsaWNrYWRpbGxhLm9yZ3wxNTkxNzZ8NjY2MTczfDEwNDE0ODR8NTQzMzU1Nnw1MTV8NzA0ODMxNnwxMDY5MTIwNTB8MTV8MnwwfDB8NDYzOTk5Mzh8MTIxMzIxNjcxfDU1fDcwfEVVUnxVU0R8MC45NDkxfDF8MjJ8fDF8TkxEfDE3My4yNDUuMjA2LjM0fDIwfDR8MXx8ODIxMzYxOTU4fGRlZTJjNjBkMjZkMzRkOTk0MGFkNDJmZDRmOTJkNzA2fDF8MHxmbGlidXN0YS5zaXRlfDB8MHwwfDAuMDF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDI3NDk4Nzl8MHwwfDI3NTk3OTR8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzEuMC4wLjAgU2FmYXJpLzUzNy4zNnx8MjR8N3wzfDF8MHx8fDB8MHwwfDB8MHwwfDB8MHwwfDB8MHw0LjUxMjYwNTA0fDAuNXwwLjE3OTEzNzU4NzQyODU3fDAuNTV8MXwyfDB8cnRiLmV4b2NsaWNrLmNvbXxPS3xiYjljOWRiZmUzYjc4MTZjMzc4ZWI3MTg1MGM5ZTRiZQ--%26bs%3DTVRjek5ERXlNVEkwTVh4a05HVTVNemN4T1RNd1ptSXpNVEZpTVdFeU16Z3hZVEZtWTJSbFpHWXdPQS0tfDR8MTcuOTEzNzU4NzQyODU3fDU1fDU1fDB8T0t8MDU0ZjNlYmI2MTMwZmIzNmEzNGNmY2MwZWIxYTcwNmU-&icons=4oTTI8hQthIk3xFO6Xsc-q-Of3XPh0oC5C3dKUyMZcqVYI6MhMSvRsaDa-xA-VEWkl0Wsv4oSD1tpYsl23pVljNDBgnJ-xBLDcfvkiWL8wY2zAnPcaHRga4UannqkrbnaNeElUZinPpBqSV5A7LihyFab6iGKWvazD6-fy0DwMlJSFrDWA&ext_cid=7048316&px_id=121321671&min_cpm=0.0007413440228127191&out_id=1&campaign_type=lq-pop&aid=2140&cid=19219&uniq=&mid=9123416686578660469&skin_id=3&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0023939587381045695&cpm=0&verify_hash=ea7ddaaf33afa2788c88aa3c81ca505c&is_native=2&real_bid=0.0003843314013000001&original_bid_usd=0.0003843314013000001&original_bid=0.00036540350000000005&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&ip_mismatch=173.245.206.34&geo=NL&carrier=-&label_ids=0,4,89,20,27,108,70&need_redirect_show=0&applied_features=main-skins-settings,gf,coef_090&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0003843314013000001&hostname=auc-inpage-hz-1-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00000038433140130000007&ext_campaign_id_str=7048316&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=im-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=03f8e32d-25be-4c1c-bbab-db360215b34c&prev_step_diff=518
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.249.56 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.56.249.202.116.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:42 GMT
vary: Origin
server: nginx/1.24.0
access-control-allow-headers: Content-Type

GET
H2 200 /
22f93ea046.c74632eb91.com/in/show/ 0
200 B 149ms
51ms Image
text/plain 116.202.249.56
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22f93ea046.c74632eb91.com/in/show/?tag_ab=b&site_id=31335648&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip,all&ssp=3963&page=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink121&refdom=flibusta.site&auction_time=1734121241&subid=166187950&sid=821361958&tcid=0&ver=8.198.1&ver_c=&spot_id=335648&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-13&iabcat=IAB25-3&keywords=vr&user_fp=11507761114193238442&score=87.46186241281937&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D166187950%26spot_id%3D335648%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fflibusta.site%252Fb%252F298360%252Fread%2523anotelink121%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=&crid=23970&crtid=7afd541cf0b2971930efcf1a43c6f94c&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DOSLSVN9qF3wUk9hRDXmIznaKH2CV4BsFEWrNpnK6oSpbh8oylymRxHdo8-1iZBJmq4w2j240fPPmF1hCQEa3hIJe5m8eOFveBi-80b3WOSJaFtkJugJW1LdeB1A49gmz3a9HkcjbVKyE8s-Oj7bz9DvsUvagv_9I9VU-uBmjNHqMUuAEEWpabdUa7PL1D2RoTHRIrpnFuwpfZZftCCkrSHeJDHU54_z9-rC0UP2j7B9ZTfJdYEBsURTdAXgbT2Y_s5g8GsjnOPduoKlbF6y947CWzyDz-QnvrzlokmFUkZ1qF8dSyitOyYn7haPFYIYHKhZocmR5yb2bU3soCFmR6bEP3idsxyIjXJdaq3n37a2c_8ceUWG9Q5SwOd1chueaGPhX4AeVBCIkPXzIFpOsn4TFfogca2ICHXv12_3XQNDWXIL_FUGYKkyNjYD3wypaYSRPoNWQvxsjPqTPWrdU1kfVgTHDIom_JWsqsEfZgicBBVt0k1vPGJ3vgLQnp5wJkFwbcrEqDIrwa8RN8BWL8fzp_ZPvIKzzvUq8uQrn4DxeIi1iTU6QCeFnw_v5yWJ6oACHRlWN5h-EcgJXqZeXrBHm3xR8KCS5roS4Lt0-5_0XpUacQMnUqS8DNCmnj68k-Rw1G2NRrQZjctQdpKzjhrsBOazHr7v1Pc45ghd4Nf-d9UkknUtwJYvRfE83mftev5czoOOrwdcwvQsZiHG6W7kx3i9Lp3NadNpQJm8cHxiVdA9jrRPKZybpPFDLXVnsQof4J84rDcUOgetMHk8yDcfW9tOkx3umfN7kPQHEPeTFCbF6C1sjs_Rt6SUow3w33FIxH4MdSby5Pje1K0lYurQG1X622-M2RsjqeNnfK1MonFJ2vP3IkWNTod2vRycNr-NFUirS1querpB0i4u87D748gYUbfKHsaAywzLpm1p7GK8hUgE6f-d58SX770SDUXu63Lus0ogM6LBUxDvRhBpJCg5SJ6Rwm1BKz1ud_dShKFieGxLWsLpJ3RMsKZGkPq9bqlsLZHcT8B6MpipKllTAC4U6zFyncf8MpgtEueHNDeN6Psg57kOCnb5LeI1SXtp8WHzJVHrKiv4EcdvRz0iOX8dFqlgo5GxuiAOV611NA72usdPRe4MYCtV1HUVQLo7IQjLQ-_6XJa2ty9ldu94GanVoSyZ-BVOUb9Qy4datQ284A1kG-_y8lUrxjf625va8e-yr3qTDR8dYh-ceM6ZCluGjo39tWwFraq7Dz9cRWLvrGZq4d0QxQ4cot0ryxV7ikPQvo6qiweQVdWKlo2p0Qm_qp-edRNpUpos_FHX_Bxq5CR2RMqwveA%26bid%3D0.0028&icons=FP1-yjBtEkoRhKlaT5JLTQWywdkHMHtP-zqkgZ3znvIz0wFkwnhV7KT_YZqe5L0TH9utWNAWB3aFmqYIX9625HaCgUuYVtxBY8ehx5fIk0Khi0SIRiRNQv8pafY_EpexEsuUdbhvFx_5FyyAOS4TDhTlCIZ9kBJG5HwG5puzUkpAbXBsxsmwBIYCvP18QVz3gAuc1DtxoluFkWG40QEfbEFUzXnKErbaF6Z_woQ5sJkTy_bJ_QI4ZRyRLfHdUczN3NuLJ-wl4_RDWANM0eSbIlu4MaaW55DFzZS5B78xCw0KYXjSCYw6xSne_vzpzDCmbnZuDGG3RnpkYEJ5a1jot9lfgq0yC7AtSFPtp8tVXHw9dOrfeXinUv_N4DR04fWe3RAzRbn4jZoZTB8l1HBbHBpIt01qx9iutot8io7ruAr3KwAJoLGzgzPbQaNqs7KN53SdC61wAErr-7N8k_9AKfrQvne6vA0bHlMzb2B8iUhF9B8k1ZE6XkKTfdpCRrTnVKgVYEul4pke8YEOWPs9vNB4EHJ0iwQIwRIDfC2xW7sPsrFtlE29G06rxbT4cetGiDkoGnI9YmAxesI3O89rgz93jyXbRpczQGf518x7zMsL38jMc3iQCifoq1eB-3ZblnOxz9ksszoVUUwEz6rOfjL4UBed12dSRwBp96BCxKSry9MPn0BIz89zZWoonD4oU34LJbNqtefyq9YmPQrSeUVPZGFjBkekWBKbR0cQf8MPASNoyaEQvrWpMbp8p8g6COYLZ8tkgbPYXc3SONoez6j4A77L5mCpZ_jMHlphE9XAy01YpkR_PMapMXFcb9zx5C8Sfq5cU2GMYgik-vqwBhGSUsA7ocNYmUDB513st45rZ-dvpwoFT_vIw5IamJ63deD3ECnwYrgD-mkbgqhMtIFpEeRzj7fxCf96gwGplDukxJXCqCoW3xA40vWd-epVe0SWwp5-oSSUrI2dYcIKXmiiSwAalQlzYZaf4o-qyFzIhKM5rvfnaHVz0Vpg8IjaXI1Od0jWk9G8hGt-N1zR_zQVdJ6nIXvUWos8uR-7zOurpuD3K1crlJO3gvmYLE8QaA93asxM6yEpUTQZ3Yik8MdA6ej06pqTbC9T56M2O3Zd6VZLvgsgDOo9a8_fjYcN4plqP6QqLyy-fOOwwWPSPuuOx7AHZbS_-PuBXPIoGw7vCrF0GNyNeHMKm7Lwb8O8MIWvQIn-Kn1i0KRxMtaJ2ThMRlRdVOBTPCXk1wy_2PdEtOOpFzpMd5ketpsEgCJZ6lfAtjcuDouqm-07cxhz3u3GIn12lEMrswUK_ouDNYbjhwrfJtAEzkYhFNun59YjKgVkkOIWccqX1wrHZLkdf6FDA2JueKDWwPWOsVx0qKyO77W8YPYFt0K_gXhA&ext_cid=296087&px_id=73335648&min_cpm=0.0007214643448100299&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=094cce19f9e8db558e55ba31bf7dd0f49b38acf975f06afaecfb682911a9a94d&mid=9123416686578660469&skin_id=3&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.002693319988250724&cpm=0.0028&verify_hash=8e736754468b01cff2de07b47f6508cb&is_native=1&real_bid=0.002693319988250724&original_bid_usd=0.0028&original_bid=0.0028&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&ip_mismatch=173.245.206.34&geo=NL&carrier=-&label_ids=98,70,108,0,4,90,5,58&need_redirect_show=0&applied_features=gf,coef_090,main-skins-settings&show_count=1&expiration_timestamp=1734294041&image_url=https%3A%2F%2Fgfxdn.pics%2Fm%2Fp%2F0%2F877%2F877620%2Fconversions%2FRROVp3wz-in-page-ad-images.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-1-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=296087&is_webview=0&client_price=0.00384759998321532&direct_client_price=0&priority=0&client_payment_model=cpm&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=im-view-b_r-body&st=0.02&cpa=e0a3b24e-8753-4f91-ac47-0301e37c89c8&prev_step_diff=518
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.249.56 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.56.249.202.116.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:42 GMT
vary: Origin
server: nginx/1.24.0
access-control-allow-headers: Content-Type

GET
H2

200

obAKzJND-in-page-ad-icons.jpg
gfxdn.pics/m/p/0/877/877619/conversions/ Frame 405B
Redirect Chain

https://p.a64x.com/in/tip_shows/?katds_ep=75Ut6MdPK_oYNxFDllY_fha2UNVPahz5g0zIH0zU44133RPnvdAQA9Wb5Q5LR0lXW0_lhhS0pEuFgxrDe0nof5Nw5NnUxEyJBCi1ahBC2IvUeoOiwiBxuK6ualRbHF2SYV2HYlhNmQhcc7bc2FKkfqI3dht...
https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg

2 KB
2 KB

28ms
28ms

Image
image/jpeg

45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg
Protocol: H2
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 4481ddf8a93209e0d2da492224f3445ef940616f85d0b17ac83372db2cb080e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: f93c48d27898aa2f25ea41cfd215be48
cache-control: no-cache, no-store, must-revalidate
etag: "66c0597d-66f"
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: HIT, HIT
accept-ranges: bytes
content-length: 1647
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: image/jpeg
last-modified: Sat, 17 Aug 2024 08:04:13 GMT
server: nginx

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDQLp9pguwKvOVML4hlgPqN3BpvoDuMWkmP3TE3cMtSMz8Dwzk%2Fw2f9V8FJs9BRqrui0wEjSlrY96B13DHpUBDYIi0boXHjBeP1p0wvUrJgQ3lGg%2FqW8qa9VFrVL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f18a8022c52dbd3-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=32025&min_rtt=31891&rtt_var=12055&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4122&recv_bytes=5075&delivery_rate=98126&cwnd=12000&unsent_bytes=0&cid=fb0ca01ad62943b9&ts=53&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: application/json
server: cloudflare
priority: u=1,i

GET
DATA 200
OK truncated
/ Frame 405B 453 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09a64fe657664c65fab31e300aa48959332ff665a54c6d904ef544b97c79a4ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 RROVp3wz-in-page-ad-images.jpg
gfxdn.pics/m/p/0/877/877620/conversions/ Frame 405B 7 KB
7 KB 85ms
30ms Image
image/jpeg 45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfxdn.pics/m/p/0/877/877620/conversions/RROVp3wz-in-page-ad-images.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 04fb5d9624f88585c3cd1b12f8674718e20b3ed6a604cfe0dbe04ee88aab7ce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: dcc8a8ef8b5fd20e92731dd751f62277
cache-control: no-cache, no-store, must-revalidate
etag: "66c05981-1aa1"
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: HIT, HIT
accept-ranges: bytes
content-length: 6817
date: Fri, 13 Dec 2024 20:20:41 GMT
content-type: image/jpeg
last-modified: Sat, 17 Aug 2024 08:04:17 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_h_ehzeNkI0O4U_X79VfhcBFgCck3k8W2O9C6kOmxKu-zOGLyg7H0NJuM1UL8ms6sCGQxkTA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-769121084%3A1734121241495297&ddm=1

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-21 11:18:01	Name: i Value: QJw57HNlDIt4HPcFxBBDNggAkqK7LzpecQ+fGNDNK4BzzIVrzYbBhD6cn6a9goUzYCEJfEe4lT7hWRDAOZdzC8FL4/s=
.yandex.ru/	1970-01-21 11:18:01	Name: yandexuid Value: 9045064051734121240
.yandex.ru/	1970-01-21 10:27:37	Name: yashr Value: 6230205431734121240
.yadro.ru/	1970-01-21 10:26:13	Name: FTID Value: 1dN9SP0Yj6Ow1dN9SP003GuT
.flibusta.site/	1970-01-21 10:27:37	Name: _ym_uid Value: 173412124152303084
.flibusta.site/	1970-01-21 10:27:37	Name: _ym_d Value: 1734121241
.yadro.ru/	1970-01-21 10:26:13	Name: VID Value: 07-XAp1_v-ew1dN9SP003Gut
.mc.yandex.com/	1970-01-21 01:42:01	Name: sync_cookie_csrf Value: 2074707642fake
.yandex.com/	1970-01-21 10:27:37	Name: yashr Value: 9520878101734121241
.flibusta.site/	1970-01-21 01:43:13	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-21 01:42:01	Name: sync_cookie_csrf Value: 2131622875fake
.yandex.com/	1970-01-21 10:27:37	Name: yandexuid Value: 9045064051734121240
.yandex.com/	1970-01-21 10:27:37	Name: yuidss Value: 9045064051734121240
.yandex.com/	1970-01-21 11:18:01	Name: i Value: QJw57HNlDIt4HPcFxBBDNggAkqK7LzpecQ+fGNDNK4BzzIVrzYbBhD6cn6a9goUzYCEJfEe4lT7hWRDAOZdzC8FL4/s=
.yandex.com/	1970-01-21 11:18:01	Name: yp Value: 1734207641.yu.9644148431734121241
.mc.yandex.com/	1970-01-21 01:43:27	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 79197941734121241
.yandex.com/	1970-01-21 10:27:37	Name: ymex Value: 1736713241.oyu.9644148431734121241#1765657241.yrts.1734121241
.yandex.com/	1970-01-21 10:27:37	Name: receive-cookie-deprecation Value: 1
fp.metricswpsh.com/	1970-01-21 10:27:37	Name: id Value: 8709709348417311554

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://flibusta.site/b/298360/read#anotelink121 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0770114360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22f93ea046.c74632eb91.com
5837941a19.d1f76eb5a4.com
accounts.google.com
c99e557214.06cffaae87.com
counter.yadro.ru
flibusta.site
fp.metricswpsh.com
gfxdn.pics
js.capndr.com
mc.yandex.com
mc.yandex.ru
nereserv.com
notification.tubecup.net
p.a64x.com
static.bookmsg.com
storage.multstorage.com
accounts.google.com
104.21.19.82
116.202.249.56
157.90.84.242
168.119.25.102
172.67.174.51
185.238.168.83
45.133.44.25
45.133.44.53
5.45.87.206
5.61.56.204
87.250.250.119
88.198.200.22
88.212.201.198
88.212.202.52
04fb5d9624f88585c3cd1b12f8674718e20b3ed6a604cfe0dbe04ee88aab7ce0
09a64fe657664c65fab31e300aa48959332ff665a54c6d904ef544b97c79a4ac
0ce15a8f257959b2f4e39c9d2eaa5e7ca98ac78d9740851aa1b1d9d0c56f3009
0f444cdaa586c5f9d9925e0060a39c440390de117dc2fec0e3b29f50a1a156f7
16217b05e7c78179d3757ea45c227f1a974c2d7fc7741d0197a4489b839fa463
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
2394fb7beaaca85958c3415dc54251286befdd01a9ea2aa18203ae06c8103364
251dcf6d1d09f96d3c48595d83c035ba2580192a82fdaf6e9e74d9a8b57f158e
2acabe7af8813c05542ce5ce3c0c61249e63c7d890a88890e1d6a4f6dc2783e2
2c5b064b277599573a020842ce06849597aa712b0830fdc0c2172bd8e05ced70
2dd383c5239714ef03d7c008981db637b769e016c8ea943ba1a0dc5b8487942d
340ed23facddf4b6ff809dbd77b5a0333b333f0b2459544688658613c8d1c040
4481ddf8a93209e0d2da492224f3445ef940616f85d0b17ac83372db2cb080e8
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
672ed964c28cd87d6396cc8fc306efae3f88823829f9aec3970df2a60cfe7667
6d5c75279c80c9829a98894b094dd97fe778341184894855358b55d7527756a4
6e1e9110e10d479af4d8c76ca8712249a858ae8a03b215ebe18d37f34950f985
6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
78c30b418896961856ee26e09ac3990b9e790852ad1333a0d30e8ede9f771a6f
7c00201e3af3d0d4022425c32a6c0e8139dfa0343f3fbf1d7a8fc3f8b5734fba
7f5c2165028f75b6373bc0680cc46b582beed0d6c258fb5236c5324c98250df8
ad6a82ffd7fc8f8c1f7af1c930c742bf93b19fd5da3584087ebd0672a23f3a38
d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419
dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

flibusta.site Open in urlscan Pro 185.238.168.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

67 %HTTPS

0 %IPv6

16 Domains

16 Subdomains

12 IPs

5 Countries

904 kBTransfer

2609 kBSize

20 Cookies

2 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flibusta.site Open in urlscan Pro
185.238.168.83 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

67 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

12
IPs

5
Countries

904 kB
Transfer

2609 kB
Size

20
Cookies

36 HTTP transactions
1 data transactions