flibusta.site Open in urlscan Pro
185.238.168.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://flibusta.site/b/298360/read#anotelink123
Effective URL:
http://flibusta.site/b/298360/read
Submission: On December 13 via api (December 13th 2024, 8:20:38 pm UTC) from AE — Scanned from NL

Summary HTTP 36 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 16 domains to perform 36 HTTP transactions. The main IP is 185.238.168.83, located in Meppel, Netherlands and belongs to SCALAXY-AS Scalaxy B.V., LV. The main domain is flibusta.site.

This is the only time flibusta.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 17	185.238.168.83 185.238.168.83	58061 (SCALAXY-A...) (SCALAXY-AS Scalaxy B.V.)
4 8	77.88.21.119 77.88.21.119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
6	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
1	78.47.199.204 78.47.199.204	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	172.67.174.51 172.67.174.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	116.202.249.56 116.202.249.56	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
4	168.119.25.102 168.119.25.102	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
1 1	172.67.185.171 172.67.185.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
36	13

17 185.238.168.83 (Meppel, Netherlands) 7 redirects

ASN58061 (SCALAXY-AS Scalaxy B.V., LV)
PTR: kinouz.club

flibusta.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 77.88.21.119 (Russian Federation) 4 redirects

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

5837941a19.d1f76eb5a4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.47.199.204 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.204.199.47.78.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.174.51 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

c99e557214.06cffaae87.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Ismaning, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.249.56 (Nuremberg, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.56.249.202.116.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 168.119.25.102 (Düsseldorf, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.102.25.119.168.clients.your-server.de

22f93ea046.c74632eb91.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.185.171 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.a64x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

gfxdn.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	flibusta.site 7 redirects flibusta.site	590 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9443	3 KB
5	d1f76eb5a4.com 5837941a19.d1f76eb5a4.com	236 KB
4	c74632eb91.com 22f93ea046.c74632eb91.com	9 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 15372	2 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4577	56 KB
2	gfxdn.pics gfxdn.pics — Cisco Umbrella Rank: 35583	9 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 41152	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 34091	432 B
1	a64x.com 1 redirects p.a64x.com — Cisco Umbrella Rank: 41236	694 B
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 31261	201 B
1	06cffaae87.com c99e557214.06cffaae87.com	225 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 29614
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 62038	1 KB
1	capndr.com js.capndr.com — Cisco Umbrella Rank: 37267	256 B
0	google.com Failed accounts.google.com — Cisco Umbrella Rank: 17 Failed
36	16

	Domain	Requested by
17	flibusta.site	7 redirects flibusta.site
5	mc.yandex.com	3 redirects flibusta.site
5	5837941a19.d1f76eb5a4.com	flibusta.site 5837941a19.d1f76eb5a4.com
4	22f93ea046.c74632eb91.com	5837941a19.d1f76eb5a4.com
3	counter.yadro.ru	2 redirects flibusta.site
3	mc.yandex.ru	1 redirects flibusta.site
2	gfxdn.pics
2	static.bookmsg.com
2	fp.metricswpsh.com	5837941a19.d1f76eb5a4.com
1	p.a64x.com	1 redirects
1	nereserv.com	5837941a19.d1f76eb5a4.com
1	c99e557214.06cffaae87.com	5837941a19.d1f76eb5a4.com
1	storage.multstorage.com	5837941a19.d1f76eb5a4.com
1	notification.tubecup.net	5837941a19.d1f76eb5a4.com
1	js.capndr.com	5837941a19.d1f76eb5a4.com
0	accounts.google.com Failed	flibusta.site
36	16

This site contains links to these domains. Also see Links.

Domain
booktracker.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
flibusta.site E6	`2024-12-07` - `2025-03-07`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
5837941a19.d1f76eb5a4.com R10	`2024-12-10` - `2025-03-10`	3 months	crt.sh
js.capndr.com R11	`2024-10-18` - `2025-01-16`	3 months	crt.sh
notification.tubecup.net E6	`2024-11-07` - `2025-02-05`	3 months	crt.sh
multstorage.com WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
c99e557214.06cffaae87.com R10	`2024-12-10` - `2025-03-10`	3 months	crt.sh
c74632eb91.com E6	`2024-12-09` - `2025-03-09`	3 months	crt.sh
static.bookmsg.com R10	`2024-12-01` - `2025-03-01`	3 months	crt.sh
gfxdn.pics R11	`2024-11-30` - `2025-02-28`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://flibusta.site/b/298360/read
Frame ID: 9D535DBCA12BB759EF105B5ABF3F444D
Requests: 31 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 4D6D5B106A8AA3285414A0B1F85C360B
Requests: 1 HTTP requests in this frame

Frame: https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg
Frame ID: 0FF0B5B105898F8B667233B1CDA02D63
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скелеты в шкафу истории (fb2) | Флибуста

Page URL History Show full URLs

http://flibusta.site/b/298360/read HTTP 307
https://flibusta.site/b/298360/read HTTP 302
http://flibusta.site/b/298360/read HTTP 307
http://flibusta.site/b/298360/read Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

36
Requests

67 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

13
IPs

4
Countries

904 kB
Transfer

2609 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://booktracker.org/
Title: [Книжный торрент]

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://flibusta.site/b/298360/read HTTP 307
https://flibusta.site/b/298360/read HTTP 302
http://flibusta.site/b/298360/read HTTP 307
http://flibusta.site/b/298360/read Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css HTTP 302
https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

Request Chain 1

http://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js HTTP 302
https://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js

Request Chain 2

http://flibusta.site/caa/script.js HTTP 302
https://flibusta.site/caa/script.js

Request Chain 3

http://flibusta.site/sites/default/files/bluebreeze_logo.png HTTP 302
https://flibusta.site/sites/default/files/bluebreeze_logo.png

Request Chain 4

http://flibusta.site/img/znak.gif HTTP 302
https://flibusta.site/img/znak.gif

Request Chain 8

http://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink123;0.6846006818775345 HTTP 302
https://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink123;0.6846006818775345 HTTP 302
https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink123;0.6846006818775345

Request Chain 20

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP98QCCnVWDCeebj_sosjINcrlbVtp2vkSkh_-D9ffkCuG2x7F8RJ_2GRmsHws78zSSp3sQLkTA HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_yLPf_3sOcNMChty3LBXisjFVL7Q3XWEWugxKhHb7P2b7oB9-JGQ7eK5gGY0gdYJDJvsQPlA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1355298178%3A1734121233347917&ddm=1

Request Chain 25

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10592.wWpvoFDBohSPtvukXZORKrUFvcgAkR3wItB5WyZMHRJ49kHknDS2XTgiyzvQZcyD.gHt3caucrBiByvm19PJ2yxrYdfg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10592.1TOOGkH7rvfWTUaq5G4zvu25Q8rU7oFOBKjvi9ePbpCgfQjuKMCgBS0wOdfsZhXXrDMEcnNmAUmvpwGgj10e3WmdFBtqrFRgPGd0ZV0m_5zgyJBeXoJMqbQql2bXr-W6ijgQWj1g65PkHIyxVOOV0grNtbi0tl8AX02mYFXBmE1h2pmy8WUMyviv0zVFNVRZB1c7r0PX7sHn9_flev8r62AtDrOmqmcQyxTeoeOsows%2C.O5Yl-5WL8BUiqzCA3hG-LhORfVU%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10592.O1w6_N3N8nrfS5fMX8fIJF7cFCJ_qHjBkvgnIPZF55qgjZInITkcmfbSMRR-JbzUBcrECpVno88t2OdSbm-JvtDKYoRqoXOP-Cgd-iplhZ-WV9E7HnoueJRgBz_kUe0FqEy-mO0A9OZunWUKdcTQ6hQCD8BbRlQ1sK79o-zRQDsLANyNjQcLjwp-hVn5GZ6lQhq5_sXSERBacuV87_J_dA%2C%2C.40l4u2C8IS8ExhWCGwC5oIUj7n8%2C

Request Chain 27

https://mc.yandex.com/watch/46512705?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink123&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1668719868828%3Ahid%3A252086831%3Az%3A60%3Ai%3A20241213212033%3Aet%3A1734121233%3Ac%3A1%3Arn%3A319329347%3Arqn%3A1%3Au%3A1734121233714518780%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1947%3Ads%3A0%2C0%2C407%2C2345%2C361%2C0%2C%2C13%2C17%2C%2C%2C%2C3126%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1734121229448%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734121234%3At%3A%D0%A1%D0%BA%D0%B5%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B2%20%D1%88%D0%BA%D0%B0%D1%84%D1%83%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20(fb2)%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3178752)ti(1) HTTP 302
https://mc.yandex.com/watch/46512705/1?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink123&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1668719868828%3Ahid%3A252086831%3Az%3A60%3Ai%3A20241213212033%3Aet%3A1734121233%3Ac%3A1%3Arn%3A319329347%3Arqn%3A1%3Au%3A1734121233714518780%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1947%3Ads%3A0%2C0%2C407%2C2345%2C361%2C0%2C%2C13%2C17%2C%2C%2C%2C3126%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1734121229448%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734121234%3At%3A%D0%A1%D0%BA%D0%B5%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B2%20%D1%88%D0%BA%D0%B0%D1%84%D1%83%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29

Request Chain 28

http://flibusta.site/sites/default/files/bluebreeze_favicon.ico HTTP 302
https://flibusta.site/sites/default/files/bluebreeze_favicon.ico

Request Chain 33

https://p.a64x.com/in/tip_shows/?katds_ep=ipxYELrH1vCDFPfxuuZ42DbXQzadpH2ZkFTNmUXOT7BB0XdQJngdezn9kaJO4FATlG5_-lLUAMHgxoDp06tDnYcMDdei3pZYX_1wjP1YWbnqHtOlh_0qKPN7U2-BYHBqA6zkY_gsAzQAonRzMPBKDYn-ASZOl32DEznBBlUDM_3P4axn0syOv9Y8C5dpxRghbKnX1X3iI6thMvjgIqierTG6-16xh88Jvf_0C5JFbf_2magLv27X11I4Pd6bwpgCxgiNxkex_4hps2Ypg6JWnUgtIcoOUMgRknyUFT2W_j2MXqYEhmtTsidiqSo6Y7NXQ6MT-OWyZX4j_4TkMJS_9TeNlkI78_MZS9zuidX4bv9cRtXKdgqVX4mH7rCyr-3hlfs1OobdPs5xFRAVhjhJPg6xOz8hU7Lgnj1bxUJkImiw-jTX_6ht-nhp7CylCZlUhnew8XansZ62cfU2712mxNttJlX-tSvuMeSOwGnBchvFCf1-d3uj3xAxe-8nKcv5d6woafaMEbHUu2AYqWkJ_CzmMdy2dChtaGS62YpHAsiDwSXt0R3WP41VPJLe3H021GLm5OxsZ_GddDYgmO0VbQLrPIf4GQVzK2q0KluBCMJtw_UVJqv6ILLWBO-YX3F_im2qPTFloYIxazBHTJXOoKaUQQISuX5462lttYMZAYYttCq57rxjMNNzSIsxa506sZotINhrtN3D0SPYsSfzyuMkwr8Kc-Ty5ZY0monBzMJyBsy2Dk9HTRMAyNY6GSO9QEjkJxR5FeOSyu5o8AsU3YU6d5g9E6iMDtJMhj9_ubujea3FiYKtiwT55LVkeNkbtxax0JqrPsZlyfZYOJGBmnSgwKJF6QTXKhuDwuMZL2c7qWBlvzx0u7CASjhLCIf2_Jzar9evZoAngBwdZkYNkKecz_Nxj8uwKUoD8Pe-o1Z3VnnFqIpER8QKX5ccVa30Eg&bid=0.0028 HTTP 302
https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg

36 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request read Show response
flibusta.site/b/298360/
Redirect Chain

http://flibusta.site/b/298360/read
https://flibusta.site/b/298360/read
http://flibusta.site/b/298360/read
http://flibusta.site/b/298360/read

1 MB
382 KB

408ms
408ms

Document
text/html

185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: http://flibusta.site/b/298360/read
Protocol: HTTP/1.1
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: 7f5c2165028f75b6373bc0680cc46b582beed0d6c258fb5236c5324c98250df8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Age: 221
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Dec 2024 20:20:29 GMT
ETag: W/"1734121008"
Expires: Sun, 11 Mar 1984 12:00:00 GMT
Keep-Alive: timeout=35
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding

Redirect headers

Location: http://flibusta.site/b/298360/read#anotelink123
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

css_96dc2b2360a2a902952acda2b7353264.css
flibusta.site/sites/default/files/css/
Redirect Chain

http://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

26 KB
7 KB

415ms
80ms

Stylesheet
text/css

185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: ad6a82ffd7fc8f8c1f7af1c930c742bf93b19fd5da3584087ebd0672a23f3a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=315360000
content-encoding: gzip
etag: W/"596320ae-683f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Fri, 13 Dec 2024 20:20:30 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: nginx

Redirect headers

Location: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:30 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2

200

js_38da4b3058a476fa69101d044220c361.js Show response
flibusta.site/sites/default/files/js/
Redirect Chain

http://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js
https://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js

130 KB
130 KB

391ms
56ms

Script
application/javascript

185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: https://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: 0ce15a8f257959b2f4e39c9d2eaa5e7ca98ac78d9740851aa1b1d9d0c56f3009

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=315360000
etag: "596320ae-20848"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
date: Fri, 13 Dec 2024 20:20:30 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
server: nginx

Redirect headers

Location: https://flibusta.site/sites/default/files/js/js_38da4b3058a476fa69101d044220c361.js
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:30 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2

200

script.js Show response
flibusta.site/caa/
Redirect Chain

http://flibusta.site/caa/script.js
https://flibusta.site/caa/script.js

6 KB
6 KB

352ms
17ms

Script
application/javascript

185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: https://flibusta.site/caa/script.js
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: 6e1e9110e10d479af4d8c76ca8712249a858ae8a03b215ebe18d37f34950f985

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

accept-ranges: bytes
content-length: 6403
date: Fri, 13 Dec 2024 20:20:30 GMT
etag: "6759a489-1903"
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 14:41:13 GMT
server: nginx

Redirect headers

Location: https://flibusta.site/caa/script.js
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:30 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2

200

bluebreeze_logo.png
flibusta.site/sites/default/files/
Redirect Chain

http://flibusta.site/sites/default/files/bluebreeze_logo.png
https://flibusta.site/sites/default/files/bluebreeze_logo.png

13 KB
13 KB

391ms
55ms

Image
image/png

185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/sites/default/files/bluebreeze_logo.png
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: 6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:30 GMT
etag: "4b1ad767-3374"
content-type: image/png
server: nginx

Redirect headers

Location: https://flibusta.site/sites/default/files/bluebreeze_logo.png
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:30 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2

200

znak.gif
flibusta.site/img/
Redirect Chain

http://flibusta.site/img/znak.gif
https://flibusta.site/img/znak.gif

924 B
1 KB

61ms
60ms

Image
image/gif

185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/img/znak.gif
Requested by: Host: flibusta.site
URL: http://flibusta.site/b/298360/read
Protocol: H2
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: 2dd383c5239714ef03d7c008981db637b769e016c8ea943ba1a0dc5b8487942d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:31 GMT
etag: "4f2bdef4-39c"
content-type: image/gif
server: nginx

Redirect headers

Location: https://flibusta.site/img/znak.gif
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:30 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2 200 bg-header.gif
flibusta.site/themes/bluebreeze/images/ 40 KB
41 KB 58ms
57ms Image
image/gif 185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/themes/bluebreeze/images/bg-header.gif
Requested by: Host: flibusta.site
URL: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:31 GMT
etag: "549911f8-a151"
content-type: image/gif
server: nginx

GET
H2 200 bg-primary.gif
flibusta.site/themes/bluebreeze/images/ 146 B
292 B 56ms
56ms Image
image/gif 185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/themes/bluebreeze/images/bg-primary.gif
Requested by: Host: flibusta.site
URL: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:31 GMT
etag: "4f2bdef0-92"
content-type: image/gif
server: nginx

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 153 KB
55 KB 605ms
137ms Script
application/javascript 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

6d5c75279c80c9829a98894b094dd97fe778341184894855358b55d7527756a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "674f133a-d85d"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Fri, 13 Dec 2024 21:20:33 GMT
access-control-allow-origin: *
content-length: 55389
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2024 14:18:34 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink123;0.6846006818775345
https://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink123;0.6846006818775345
https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink123;0.6846006818775345

111 B
597 B

63ms
63ms

Image
image/gif

88.212.201.198
UNITEDNET EDINAYA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink123;0.6846006818775345

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 13 Dec 2023 21:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 111
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Fri, 13 Dec 2024 20:20:32 GMT
Content-Type: image/gif
Server: nginx/1.17.9

Redirect headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Location: https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//flibusta.site/b/298360/read%23anotelink123;0.6846006818775345
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 13 Dec 2023 21:00:00 GMT
Content-Length: 32
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Fri, 13 Dec 2024 20:20:32 GMT
Content-Type: text/html
Server: nginx/1.17.9

GET
H2 200 bg-footer.gif
flibusta.site/themes/bluebreeze/images/ 187 B
333 B 58ms
58ms Image
image/gif 185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flibusta.site/themes/bluebreeze/images/bg-footer.gif
Requested by: Host: flibusta.site
URL: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://flibusta.site/sites/default/files/css/css_96dc2b2360a2a902952acda2b7353264.css

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:32 GMT
etag: "4f2bdef0-bb"
content-type: image/gif
server: nginx

GET
H2 200 cb1a8456623bec0e059bf79f62907e7c.js Show response
5837941a19.d1f76eb5a4.com/ 119 KB
37 KB 65ms
27ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Requested by: Host: flibusta.site
URL: http://flibusta.site/caa/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 78c30b418896961856ee26e09ac3990b9e790852ad1333a0d30e8ede9f771a6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://flibusta.site
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"6751bce7-1dc9f"
expires: Fri, 13 Dec 2024 20:25:32 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 05 Dec 2024 14:47:03 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1747

GET
H2 200 6129 Show response
5837941a19.d1f76eb5a4.com/5ce4de96e7c142609c333432ff448299/ 3 KB
3 KB 15ms
15ms XHR
application/json 45.133.44.52
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/5ce4de96e7c142609c333432ff448299/6129?version_name=c&domain=flibusta.site
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 16217b05e7c78179d3757ea45c227f1a974c2d7fc7741d0197a4489b839fa463

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
expires: Fri, 13 Dec 2024 20:25:32 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:32 GMT
content-type: application/json
server: nginx/1.18.0
x-cdn-host-id: ah1747

GET
H2 200 advertising.js Show response
js.capndr.com/ 0
256 B 51ms
14ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/advertising.js
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
etag: "64b105fd-0"
expires: Fri, 13 Dec 2024 20:25:32 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:32 GMT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1747

GET
H2 200 tags Show response
notification.tubecup.net/ 3 KB
1 KB 97ms
34ms XHR
application/json 78.47.199.204
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.tubecup.net/tags?tag_id=6129&timezone_olson=Europe/Amsterdam&version_name=c&med_script_id=33&page=http%3A//flibusta.site/b/298360/read%23anotelink123
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 78.47.199.204 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.204.199.47.78.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 7dfcff5744cef65e656024df24f3e7e3d36a7d4df3d6baf557deb40634605682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: br
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 1180
date: Fri, 13 Dec 2024 20:20:32 GMT
content-type: application/json
vary: Origin
server: nginx/1.18.0
access-control-allow-headers: Content-Type

GET
H3 200 count.html
storage.multstorage.com/log/ Frame 4D6D 0
0 50ms
35ms Document
text/html 172.67.174.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://flibusta.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f18a7c99958f5eb-AMS
content-encoding: zstd
content-type: text/html
date: Fri, 13 Dec 2024 20:20:32 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IT1zgaGO%2Fo8h1KztjsOt9swa4f7b2A2i%2Fh9qckjZXIzWpu73vDSutbADi%2BMKX09XrLePLzUF29HGda1a5oineuKx6PzYO2e%2FEyNTX%2Fea3UX8jUNyjgy3cfO%2B4z1p7BiEIELR2tOda3poyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=13810&min_rtt=13578&rtt_var=3048&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4099&recv_bytes=4466&delivery_rate=42860&cwnd=12000&unsent_bytes=0&cid=fb289cd09b1e0659&ts=38&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-request-id: 3ce138d3861877962e8840c199dca670

GET
H2 200 track Show response
c99e557214.06cffaae87.com/in/ 0
225 B 91ms
49ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://c99e557214.06cffaae87.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjEyOTE2MDAwNTA3NjM4MjAwMCIsInRpbWV6b25lIjoxLCJ2ZXIiOiIzLjEzNi4wIiwidGFnX2lkIjo2MTI5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXVyb3BlL0Ftc3RlcmRhbSIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjE5LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGx9
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:32 GMT
vary: Origin
server: nginx/1.18.0
x-cdn-host-id: ah1747
access-control-allow-headers: Content-Type

GET
H2 200 e0d4c9ec4c75d3243730e7a2a770d178.js Show response
5837941a19.d1f76eb5a4.com/ 185 KB
51 KB 55ms
27ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/e0d4c9ec4c75d3243730e7a2a770d178.js
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7c00201e3af3d0d4022425c32a6c0e8139dfa0343f3fbf1d7a8fc3f8b5734fba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"67331771-2e53c"
expires: Fri, 13 Dec 2024 20:25:32 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 12 Nov 2024 08:53:05 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1747

GET
H2 200 861f27cdf4e5d14b97bc0713552cbea4.js Show response
5837941a19.d1f76eb5a4.com/ 53 KB
16 KB 72ms
45ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/861f27cdf4e5d14b97bc0713552cbea4.js
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 251dcf6d1d09f96d3c48595d83c035ba2580192a82fdaf6e9e74d9a8b57f158e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"66a7da28-d2e9"
expires: Fri, 13 Dec 2024 20:25:32 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 18:06:32 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1747

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 88ms
26ms Preflight 157.90.84.242
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=6129
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://flibusta.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://flibusta.site
Connection: keep-alive
Date: Fri, 13 Dec 2024 20:20:32 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 60 B
432 B 80ms
27ms XHR
application/json 157.90.84.242
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=6129
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/cb1a8456623bec0e059bf79f62907e7c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 97d8618499ee578a101e9abc040b6c01627649d2dae70907eb9b714b9361e4ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: http://flibusta.site/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://flibusta.site
Content-Length: 60
Date: Fri, 13 Dec 2024 20:20:33 GMT
Content-Type: application/json; charset=UTF-8
Vary: Origin
Server: nginx/1.20.1

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP98QCCnVWDCeebj_sosjINcrlbVtp2vkSkh_-D9ffkCuG2x7F8RJ_2GRm...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_yLPf_3sOcNMChty3LBXisjFVL7Q3XWEWugxKhHb7P2b7oB9-JGQ7eK5gGY0gdYJDJvsQPlA&passive...

0
0

GET
H2 200 657c555086293c18b74ae2d12e25d795.js Show response
5837941a19.d1f76eb5a4.com/ 539 KB
129 KB 15ms
15ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://5837941a19.d1f76eb5a4.com/657c555086293c18b74ae2d12e25d795.js
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/e0d4c9ec4c75d3243730e7a2a770d178.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 672ed964c28cd87d6396cc8fc306efae3f88823829f9aec3970df2a60cfe7667

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"6733176b-86d5a"
expires: Fri, 13 Dec 2024 20:25:32 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Fri, 13 Dec 2024 20:20:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 12 Nov 2024 08:52:59 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1747

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 92ms
26ms XHR
text/plain 116.202.249.56
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=0c44bed5-a459-4540-ae8e-f687ff18d995&subid=166187950&sid=3548746419&spot_id=335648&created_at=2024-12-13&timezone=1&ver=8.198.1&is_native=1
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/e0d4c9ec4c75d3243730e7a2a770d178.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.249.56 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.56.249.202.116.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:33 GMT
vary: Origin
server: nginx/1.24.0
access-control-allow-headers: Content-Type

OPTIONS
H2 204 multy
22f93ea046.c74632eb91.com/in/ Frame 0
0 386ms
24ms Preflight 168.119.25.102
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://22f93ea046.c74632eb91.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 168.119.25.102 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://flibusta.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Fri, 13 Dec 2024 20:20:33 GMT
pragma: no-cache
server: nginx/1.18.0
vary: Origin

POST
H2 200 multy Show response
22f93ea046.c74632eb91.com/in/ 62 KB
9 KB 256ms
255ms XHR
application/json 168.119.25.102
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://22f93ea046.c74632eb91.com/in/multy
Requested by: Host: 5837941a19.d1f76eb5a4.com
URL: https://5837941a19.d1f76eb5a4.com/e0d4c9ec4c75d3243730e7a2a770d178.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 168.119.25.102 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 072ac8dd0eb3a9b5286ae230342c6a6be02a1041fd36ec302c29676fc229650e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 8450
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: application/json
vary: Origin
server: nginx/1.18.0
access-control-allow-headers: Content-Type

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10592.wWpvoFDBohSPtvukXZORKrUFvcgAkR3wItB5WyZMHRJ49kHknDS2XTgiyzvQZcyD.gHt3caucrBiByvm19PJ2yxrYdfg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10592.1TOOGkH7rvfWTUaq5G4zvu25Q8rU7oFOBKjvi9ePbpCgfQjuKMCgBS0wOdfsZhXXrDMEcnNmAUmvpwGgj10e3WmdFBtqrFRgPGd0ZV0m_5zgyJBeXoJMqbQql2bXr-W6ijgQWj1g65...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10592.O1w6_N3N8nrfS5fMX8fIJF7cFCJ_qHjBkvgnIPZF55qgjZInITkcmfbSMRR-JbzUBcrECpVno88t2OdSbm-JvtDKYoRqoXOP-Cgd-iplhZ-WV...

43 B
579 B

63ms
62ms

Image
image/gif

77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10592.O1w6_N3N8nrfS5fMX8fIJF7cFCJ_qHjBkvgnIPZF55qgjZInITkcmfbSMRR-JbzUBcrECpVno88t2OdSbm-JvtDKYoRqoXOP-Cgd-iplhZ-WV9E7HnoueJRgBz_kUe0FqEy-mO0A9OZunWUKdcTQ6hQCD8BbRlQ1sK79o-zRQDsLANyNjQcLjwp-hVn5GZ6lQhq5_sXSERBacuV87_J_dA%2C%2C.40l4u2C8IS8ExhWCGwC5oIUj7n8%2C

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10592.O1w6_N3N8nrfS5fMX8fIJF7cFCJ_qHjBkvgnIPZF55qgjZInITkcmfbSMRR-JbzUBcrECpVno88t2OdSbm-JvtDKYoRqoXOP-Cgd-iplhZ-WV9E7HnoueJRgBz_kUe0FqEy-mO0A9OZunWUKdcTQ6hQCD8BbRlQ1sK79o-zRQDsLANyNjQcLjwp-hVn5GZ6lQhq5_sXSERBacuV87_J_dA%2C%2C.40l4u2C8IS8ExhWCGwC5oIUj7n8%2C
x-xss-protection: 1; mode=block
date: Fri, 13 Dec 2024 20:20:33 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
570 B 73ms
72ms Image
image/gif 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: flibusta.site
URL: http://flibusta.site/b/298360/read

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
etag: "674f133a-2b"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Fri, 13 Dec 2024 21:20:33 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: image/gif
last-modified: Tue, 03 Dec 2024 14:18:34 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/46512705/
Redirect Chain

https://mc.yandex.com/watch/46512705?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink123&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%...
https://mc.yandex.com/watch/46512705/1?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink123&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7...

615 B
731 B

65ms
65ms

Fetch
application/json

77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46512705/1?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink123&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1668719868828%3Ahid%3A252086831%3Az%3A60%3Ai%3A20241213212033%3Aet%3A1734121233%3Ac%3A1%3Arn%3A319329347%3Arqn%3A1%3Au%3A1734121233714518780%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1947%3Ads%3A0%2C0%2C407%2C2345%2C361%2C0%2C%2C13%2C17%2C%2C%2C%2C3126%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1734121229448%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734121234%3At%3A%D0%A1%D0%BA%D0%B5%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B2%20%D1%88%D0%BA%D0%B0%D1%84%D1%83%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

0f5350e807c22430fe24bc373f6194e3ce93e63a9471212d18260ffa07600dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 13-Dec-2024 20:20:33 GMT
access-control-allow-origin: http://flibusta.site
content-length: 615
x-xss-protection: 1; mode=block
date: Fri, 13 Dec 2024 20:20:33 GMT
last-modified: Fri, 13-Dec-2024 20:20:33 GMT
content-type: application/json; charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/46512705/1?wmode=7&page-url=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink123&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1668719868828%3Ahid%3A252086831%3Az%3A60%3Ai%3A20241213212033%3Aet%3A1734121233%3Ac%3A1%3Arn%3A319329347%3Arqn%3A1%3Au%3A1734121233714518780%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1947%3Ads%3A0%2C0%2C407%2C2345%2C361%2C0%2C%2C13%2C17%2C%2C%2C%2C3126%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1734121229448%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734121234%3At%3A%D0%A1%D0%BA%D0%B5%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B2%20%D1%88%D0%BA%D0%B0%D1%84%D1%83%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%28fb2%29%20%7C%20%D0%A4%D0%BB%D0%B8%D0%B1%D1%83%D1%81%D1%82%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Fri, 13-Dec-2024 20:20:33 GMT
access-control-allow-origin: http://flibusta.site
x-xss-protection: 1; mode=block
date: Fri, 13 Dec 2024 20:20:33 GMT
last-modified: Fri, 13-Dec-2024 20:20:33 GMT

GET
H2

200

bluebreeze_favicon.ico
flibusta.site/sites/default/files/
Redirect Chain

http://flibusta.site/sites/default/files/bluebreeze_favicon.ico
https://flibusta.site/sites/default/files/bluebreeze_favicon.ico

7 KB
7 KB

54ms
54ms

Other
image/x-icon

185.238.168.83
SCALAXY-AS Scalax...

General

Check archive.org

Show headers Download Go to

Full URL: https://flibusta.site/sites/default/files/bluebreeze_favicon.ico
Protocol: H2
Server: 185.238.168.83 Meppel, Netherlands, ASN58061 (SCALAXY-AS Scalaxy B.V., LV),
Reverse DNS: kinouz.club
Software: nginx /
Resource Hash: 2acabe7af8813c05542ce5ce3c0c61249e63c7d890a88890e1d6a4f6dc2783e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cache-control: max-age=315360000
date: Fri, 13 Dec 2024 20:20:33 GMT
etag: "4b1b8208-1cee"
content-type: image/x-icon
server: nginx

Redirect headers

Location: https://flibusta.site/sites/default/files/bluebreeze_favicon.ico
Content-Length: 138
Keep-Alive: timeout=35
Date: Fri, 13 Dec 2024 20:20:33 GMT
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
716 B 350ms
15ms Image
image/webp 45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=31536000
etag: "6659aceb-1e6"
expires: Sat, 13 Dec 2025 20:20:33 GMT
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 486
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: image/webp
last-modified: Fri, 31 May 2024 10:56:43 GMT
server: nginx/1.24.0
x-cdn-host-id: ah1742

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 351ms
16ms Image
image/webp 45.133.44.25
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: max-age=31536000
etag: "6659aceb-42a"
expires: Sat, 13 Dec 2025 20:20:33 GMT
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 1066
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: image/webp
last-modified: Fri, 31 May 2024 10:56:43 GMT
server: nginx/1.24.0
x-cdn-host-id: ah1742

GET
H2 200 /
22f93ea046.c74632eb91.com/in/show/ 0
200 B 379ms
26ms Image
text/plain 168.119.25.102
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22f93ea046.c74632eb91.com/in/show/?tag_ab=c&site_id=31335648&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=all,dch_ip&ssp=3963&page=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink123&refdom=flibusta.site&auction_time=1734121233&subid=166187950&sid=3548746419&tcid=0&ver=8.198.1&ver_c=&spot_id=335648&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-13&iabcat=IAB25-3&keywords=vr&user_fp=8456239565709668807&score=87.46186241281937&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D166187950%26spot_id%3D335648%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fflibusta.site%252Fb%252F298360%252Fread%2523anotelink123%26idzone%3D0%26sid%3D1546&is_cpm=0&resp_type=popunderAd&crid=159176_106912050&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fs.optvz.com%2Fcimp.php%3Fdata%3DTVRjek5ERXlNVEl6TTN3MU9EQTROemxqWkRVMk1qSTNPV0kzWWpoa09USTFNRFV4TnpSaE9ESmtaUS0tfGh0dHBzOi8vbHVraWV4b3IuY29tL2luZGV4LnBocD9pZD1mYzM3YzZjZWYyYTMzZmE1ZjgwOCZleD1vcWROYlZIWFZITlJUSE5YUzRIMnpxcVphS0txWFRTMTNUVHkxU3VsYzZxYXAxRnpwM1RWT2xkSzZWMDFWRjFqcDdLYnJiTG5UMlZYV1hVdWxkTTZWMHJwWFN1bWRLNlYwenFLcWJiS2E2WnJuYmI3ejYxeTdUMTdVVTdYWFV5NTdVejhiVThYVDdXUzF1bW5tb25tcnNtZHg5M29jcHM0eTltM2M1MHJwWFN1bGRLNlYwcnBYU3Vtc29wbW5tbm9vYzUwcnBYU3VsZEs2VjBycFhTdWxkTTZWMDdpRzBqM1VIWDd2WDJQVVA3dEx0dDliS05adHJLclphcnEuTnFwNk5OTkpyYU02WlozQjlnLSZjdD0wLjU1JnpkPTU0MDMzNTQmc2huPWNsaWNrYWRpbGxhLm9yZyZjZD03MDQ4MzE2JnZkPTEwNjkxMjA1MCZ0Z3M9dnImZWVjPSZjYXQ9NTE1JmN2dD1vcWROYlZIWFZITlJUSE5YUzRIMnpxcVphS0txWFRTMTNUVHkxU3VsYzZxYXAxRnpwM1RWT2xkSzZWMDFWRjFqcDdLYnJiTG5UMlZYV1hVdWxkTTZWMHJwWFN1bWRLNlYwenFLcWJiS2E2WnJuYmI3ejYxeTdUMTdVVTdYWFV5NTdVejhiVThYVDdXUzF1bW5tb25tcnNtZHg5M29jcHM0eTltM2M1MHJwWFN1bGRLNlYwcnBYU3Vtc29wbW5tbm9vYzUwcnBYU3VsZEs2VjBycFhTdWxkTTZWMDdpRzBqM1VIWDd2WDJQVVA3dEx0dDliS05adHJLclphcnEuTnFwNk5OTkpyYU02WlozQjlnLSZzaT0xMDExNzQwJnN1PTEyMTMyMTY3MSZrZXlpZD0xfGh0dHBzfDE4NS42NS4xMzQuMTY0fE5MRHwzOXxjbGlja2FkaWxsYS5vcmd8MTU5MTc2fDY2NjE3M3wxMDExNzQwfDU0MDMzNTR8NTE1fDcwNDgzMTZ8MTA2OTEyMDUwfDE1fDJ8MHwwfDE1Mzk3fDEyMTMyMTY3MXw1NXw3MHxFVVJ8VVNEfDAuOTQ5MXwxfDIyfHwxfE5MRHwxODUuNjUuMTM0LjE2NHwyMHw0fDF8fDM1NDg3NDY0MTl8ZGVlMmM2MGQyNmQzNGQ5OTQwYWQ0MmZkNGY5MmQ3MDZ8MXwwfGZsaWJ1c3RhLnNpdGV8MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8Mjc0OTg3OXwwfDB8Mjc1OTc5NHxob3N0aW5nfHZwbnwxfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHx8OHwxfE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMS4wLjAuMCBTYWZhcmkvNTM3LjM2fHwyNHw3fDN8MXwwfHx8MHwwfDB8MHwwfDB8MHwwfDB8MHwwfDIuOTc1NjMwMjV8MC4xNzkxMzc1ODc0Mjg1N3wwLjE3OTEzNzU4NzQyODU3fDAuNTV8MXwyfDB8cnRiLmV4b2NsaWNrLmNvbXxPS3xiNGQ2ZWFiY2E5ODk1NjA5YzhiNjQ3M2NmMzMyMTBlOQ--%26bs%3DTVRjek5ERXlNVEl6TTN3MU9EQTROemxqWkRVMk1qSTNPV0kzWWpoa09USTFNRFV4TnpSaE9ESmtaUS0tfDR8MTcuOTEzNzU4NzQyODU3fDU1fDU1fDB8T0t8ZTI3MjA4MDg0ODM5OGU1Y2RhZmI0NjVmNTc4YWIwN2E-&icons=1AYpzQ8DFQIFLSreKSrWBlJCLONHV3qkJ9ISiKi4B_VwZnukRUk9qQMjo7z7pF9GBuMV-TdTZ8AwpqZfoSaTPBo5_z0wcWh-Opl9y8xcZzhxRVT-vrdofPjVV4PIaj8J3mS6nZNML-jOgUSY6U6RtDCMwt95NWLyDl4sL-i2208W_edklQ&ext_cid=7048316&px_id=121321671&min_cpm=0.0007413440228127191&out_id=1&campaign_type=lq-pop&aid=2140&cid=19057&uniq=&mid=6202495920728361608&skin_id=3&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0023939587381045695&cpm=0&verify_hash=0be152b3a1a3e1442c929fdc210f2b68&is_native=2&real_bid=0.0003843314013000001&original_bid_usd=0.0003843314013000001&original_bid=0.00036540350000000005&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&ip_mismatch=185.65.134.164&geo=NL&carrier=-&label_ids=4,89,20,27,70,108,0&need_redirect_show=0&applied_features=gf,coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0003843314013000001&hostname=auc-inpage-hz-7-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.00000038433140130000007&ext_campaign_id_str=7048316&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=im-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=2654e33e-74eb-485b-9092-cdc43c0bcdef&prev_step_diff=649
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 168.119.25.102 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:33 GMT
vary: Origin
server: nginx/1.18.0
access-control-allow-headers: Content-Type

GET
H2 200 /
22f93ea046.c74632eb91.com/in/show/ 0
201 B 379ms
26ms Image
text/plain 168.119.25.102
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22f93ea046.c74632eb91.com/in/show/?tag_ab=c&site_id=31335648&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=all,dch_ip&ssp=3963&page=http%3A%2F%2Fflibusta.site%2Fb%2F298360%2Fread%23anotelink123&refdom=flibusta.site&auction_time=1734121233&subid=166187950&sid=3548746419&tcid=0&ver=8.198.1&ver_c=&spot_id=335648&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-12-13&iabcat=IAB25-3&keywords=vr&user_fp=8456239565709668807&score=87.46186241281937&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D166187950%26spot_id%3D335648%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fflibusta.site%252Fb%252F298360%252Fread%2523anotelink123%26idzone%3D0%26sid%3D1546&is_cpm=1&resp_type=&crid=23970&crtid=7afd541cf0b2971930efcf1a43c6f94c&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3D2J9VSJJqGE7twj372F2BbMsiXrhZ14Iv_uok6vMFYPjpbB0K7SmLGvKUmNpSyjmgfsYEhzY5edUbJoB-M6zLrUmxwnolPKnkV_d968H1uGBG3x29rixTylDlhXMcbHZhUUBNTcN4bNYgCEwu9fVgdHjMcEWF06wQUP8GH6ApK_Gx1hpzdLkkFwhpxp2uy7gTBnJpPoym3y870T2_-_nvhaVCipmNIWzRq2EWsNz5o13AYyqgrScTubczl0GeHp7kGjz3xGWwJhulvtswBxD7bD9-PNRxiNXFoZFkPS2DBeLlC8YQ2uGaM6rq9ShIkB1ZsW3JdMUrPbGBVG6oOIdAw3qE27WL_cm3VHZwL1tsY4BypY9FKXqLR_SdGBGpa5QKP6I8Ata_GHkY2vOMuQ7t680eFG_DaAbGXijVaBeVuRXuqeffMN4dLBBCBTL0udKmMw6EvRutf1426QQ3V8e5BKItgaHJ0cgsMqs4BER0n2NRbvYTapKdx0PTp5FTrRdg8bIb_7cNjitJ3p0CcRr_SKaSKGWMiRyvseRgTD5RVHnKxY17cy5J-gz0Eu_kS4z1GCdrWbM0pT0Y8snVbA7w77LgUV3x0io6Nk7uY782fAuJH4qWg_UCsmx3j186eYefumfiIAb1dq0fZLOgBvCZJAaw4mJ3ed_vM-DZnz0SUhFzv_MCWHmrkaw7brXo6fmk-QDsuDq2JnGTQuHaWFTKhH7sWjfSMU_CDkSPexXYPOPTVtCz0mtfgp0pKF0NKzK9iTiROIsN6FM5yer2BauZpXLZ78fGqtkMgT0QIC7gwoImtG_GJ_ndRv2gR3TlMZFtYOziMqdewIOuunnW0m28C22xYsqVZOioXWL8TICVmx6A5lNgzldy6Xukk4_UDd4Zmdoi_5aMvpKIZoftjVBW0ReEamnvytSS16iR2YngXL10fcmpDf3hmUSBDa2MOcKZiBTVNC9l2KFDx9VutV33kIvk8dGZqrGJHYRLLk1rqrITJ5aG5Vcdlcwpl09KGgj-QIozUP7FPnIsjT1SioxXA7CKEYHXxTIezFMrUX8dgLSi6XgHpNUdAUg7zYsnSdquVmq9sY2Yu4b4PLYl15LSa3QCsUk_J_ssa6krBabqPegkJbdFBynrAsYmATy5kKsNQ_vkIUZzUEYvj014mBvAeLoQQBljH81m7ECtQ6tkb3r-8s6_OjXU1WI9-u_eAKa0wFht3xCp0_1TyPfaNv-DzYRFbmFm1Snc24FVMq4tfd6cu0ia1b950o_6XnZ2widXPhzpNfZ1KCA4czi1Ije3oJVD-9mwyVw2vpaL-w9K08zzxnGuRSXaandvLmo%26bid%3D0.0028&icons=MA-33_Nf68fnb573uW_RTHph2xo5a3Q92wGOBWn9Tbs27TNr9hOIkbms88u31ThMg0YofFc4cJUcp956RyAe5c1DFY1NwsbJ11G1Bt_-7qRiQWVn3hIQHyy-3aQQmqCLxnYWr44JIheMdpTF_46G-cxZbGtyNT_0dGuSFMN3RL1YkDR8S3uJXRg55cdXnc44s3TKSmpWFHt8ts4iPxPbwhUFfaHYOhurJJnjniOsSCl-ZMMURxq6koEZOxVmWlzFgCWsvPgik53pXl2KGosEIviAZ_9chzm7GERLHyl4dFq7mgeZ01e01W0HzbVbj8ME7TUouxJbstluLy70mc2HeN35RRq9Wq2Y9jfJ0py7WISbF49SPb_UVUjhxc67Xaui0mJvh8aoUjEeoD12hFburyEolENo5ivzjI4xKMBfTwsiBHos8GBNbsyBnQ8-vtusc4Gqs2ywkfaJDLAoCOCgioYgKHkCf4a903Z4qOIOq3MO0mxSGHc-AZGYPSnESTYv9d8upYzoYhggCSbMHDgjTqmjN0NqthlotTol5ocfAvmWdhk4lLqwdBSMgT7v3Q3LsjDJ-QtKV4y4vXJlWOxMcd4VEQaBYj4A4cO0duLAh161n7oxomDVniEBf_VVwkBkuAnK4MJp_3eULIPqPdayaoP4aRqeR_4Ax0wDOkqwV1A-48QIaVxZzEKT7mqVICOLicpEuX2VKxpFYBraWzyw6eVDWzpNgk7Kf361t8WQ92rVkbmC78q2HA_xSum06FRkKbi3xLeTqYHnh4gVlDZXAxfLxkeuLnABM_zridhtscgyZAvdehTlnrt1YBd4SZw0Dtm9i57pNyPXBEZcgFlNh6eQt-_iY-wX6YYMtyPYTtUi_7veYg6PBL8AipA9whree0a-1NE8rC1FXDE19FHp57Zex-PSv5OyLcwnqrxN-8SKljlU0vy-ZrcAQ31AJf1Gice2aynWwYHk9Pm2Lw9IgE1IHMzqXobg4xI4pjxXxmNPV7NvMynFHgzy5mreMsQoDYmXbjqvuSbWuRvUsYEtlML6yC_A2baJ6Q2OS16AhaU5Ltnj82H6uVfL5M-upG8GZlTMgKDo6ibcQ65Zm--fILh6EZ5SPCOaW_l7PhK2mDDrOK0ns-sEFZ2y9ccKVW7ehN7fl2zMKThD4ozdkq8F95mga0LRcQctuFpoVscilQqtrjPk3N58I1uEIDJBiZh7prGzo_XPxT99WW_1TEvTq8PFBDYWsLY-IPSutixzQDtI0XgQSG5JAgyT6bUhVbG6TeP30lyJ5XvEJh6dwSDIhjD0oTLdtMXugxC0QybY8PxTysKt6zBDZj3MQWOnmowqHPQg0phVj7XdxPF7MpUfWV_fycffn9FZRtZhPnHQMGl41jK_XwAqDhZEzREaxSE&ext_cid=296087&px_id=73335648&min_cpm=0.0007214643448100299&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=ac0b061ecfa0a113a32d08454258b55dab00a9f17c133fdb27dc27812b4a15b3&mid=6202495920728361608&skin_id=3&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.002693319988250724&cpm=0.0028&verify_hash=e38ead9df3505fe561863c74d45907bf&is_native=1&real_bid=0.002693319988250724&original_bid_usd=0.0028&original_bid=0.0028&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&ip_mismatch=185.65.134.164&geo=NL&carrier=-&label_ids=90,58,5,108,98,70,0,4&need_redirect_show=0&applied_features=gf,coef_098,main-skins-settings&show_count=1&expiration_timestamp=1734294033&image_url=https%3A%2F%2Fgfxdn.pics%2Fm%2Fp%2F0%2F877%2F877620%2Fconversions%2FRROVp3wz-in-page-ad-images.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-7-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=296087&is_webview=0&client_price=0.00384759998321532&direct_client_price=0&priority=0&client_payment_model=cpm&is_in_app=0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=im-view-b_r-body&st=0.02&cpa=b0b73b1c-77b9-4c61-8a16-668a171cec4f&prev_step_diff=649
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 168.119.25.102 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://flibusta.site/

Response headers

cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Dec 2024 20:20:33 GMT
vary: Origin
server: nginx/1.18.0
access-control-allow-headers: Content-Type

GET
H2

200

obAKzJND-in-page-ad-icons.jpg
gfxdn.pics/m/p/0/877/877619/conversions/ Frame 0FF0
Redirect Chain

https://p.a64x.com/in/tip_shows/?katds_ep=ipxYELrH1vCDFPfxuuZ42DbXQzadpH2ZkFTNmUXOT7BB0XdQJngdezn9kaJO4FATlG5_-lLUAMHgxoDp06tDnYcMDdei3pZYX_1wjP1YWbnqHtOlh_0qKPN7U2-BYHBqA6zkY_gsAzQAonRzMPBKDYn-ASZ...
https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg

2 KB
2 KB

15ms
14ms

Image
image/jpeg

45.133.44.24
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg
Protocol: H2
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 4481ddf8a93209e0d2da492224f3445ef940616f85d0b17ac83372db2cb080e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: f93c48d27898aa2f25ea41cfd215be48
cache-control: no-cache, no-store, must-revalidate
etag: "66c0597d-66f"
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: HIT, HIT
accept-ranges: bytes
content-length: 1647
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: image/jpeg
last-modified: Sat, 17 Aug 2024 08:04:13 GMT
server: nginx

Redirect headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://gfxdn.pics/m/p/0/877/877619/conversions/obAKzJND-in-page-ad-icons.jpg
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aox5QK1udXnX7ratFI%2BxIykIJMP3NKlIakWb7Cos6V8%2B2zYzJM%2BiKk9y64wWiU3AUO%2FvMz1V%2B85GjaXhAQGvFYENl6NPUkb9FlDubeMMx45S4%2Fe4Eu5fdrfNTXBi"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f18a7ce5dca1c04-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=13978&min_rtt=13817&rtt_var=5296&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4104&recv_bytes=5075&delivery_rate=192168&cwnd=12000&unsent_bytes=0&cid=cacb3ff25d27be74&ts=33&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: application/json
server: cloudflare
priority: u=1,i

GET
DATA 200
OK truncated
/ Frame 0FF0 453 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09a64fe657664c65fab31e300aa48959332ff665a54c6d904ef544b97c79a4ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 RROVp3wz-in-page-ad-images.jpg
gfxdn.pics/m/p/0/877/877620/conversions/ Frame 0FF0 7 KB
7 KB 52ms
15ms Image
image/jpeg 45.133.44.24
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfxdn.pics/m/p/0/877/877620/conversions/RROVp3wz-in-page-ad-images.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 04fb5d9624f88585c3cd1b12f8674718e20b3ed6a604cfe0dbe04ee88aab7ce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: dcc8a8ef8b5fd20e92731dd751f62277
cache-control: no-cache, no-store, must-revalidate
etag: "66c05981-1aa1"
pragma: no-cache, no-cache
expires: 0
x-proxy-cache: HIT, HIT
accept-ranges: bytes
content-length: 6817
date: Fri, 13 Dec 2024 20:20:33 GMT
content-type: image/jpeg
last-modified: Sat, 17 Aug 2024 08:04:17 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_yLPf_3sOcNMChty3LBXisjFVL7Q3XWEWugxKhHb7P2b7oB9-JGQ7eK5gGY0gdYJDJvsQPlA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1355298178%3A1734121233347917&ddm=1

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-21 10:26:13	Name: FTID Value: 1dN9SG0mf6Ow1dN9SG001PeF
.yadro.ru/	1970-01-21 10:26:13	Name: VID Value: 07-RUe13XZOw1dN9SG001Pex
fp.metricswpsh.com/	1970-01-21 10:27:37	Name: id Value: 3968976041974051365
.yandex.ru/	1970-01-21 10:27:37	Name: yashr Value: 4808660061734121233
.flibusta.site/	1970-01-21 10:27:37	Name: _ym_uid Value: 1734121233714518780
.flibusta.site/	1970-01-21 10:27:37	Name: _ym_d Value: 1734121233
.mc.yandex.com/	1970-01-21 01:42:01	Name: sync_cookie_csrf Value: 3674769893fake
.yandex.com/	1970-01-21 11:18:01	Name: i Value: ij9hDIgwd1Qp5/HNd7hSx0TcJ7S6BwYHeTOCvlrr4eL0KOjazx28D5VRM027l7DUHafNidbFUcFHUtBb+TaI+chhweE=
.yandex.com/	1970-01-21 10:27:37	Name: yandexuid Value: 5821056361734121233
.yandex.com/	1970-01-21 10:27:37	Name: yashr Value: 7720872031734121233
.flibusta.site/	1970-01-21 01:43:13	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-21 01:42:01	Name: sync_cookie_csrf Value: 528568149fake
.mc.yandex.com/	1970-01-21 01:43:27	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 11:18:01	Name: yandexuid Value: 5821056361734121233
.yandex.ru/	1970-01-21 11:18:01	Name: yuidss Value: 5821056361734121233
.yandex.ru/	1970-01-21 11:18:01	Name: i Value: ij9hDIgwd1Qp5/HNd7hSx0TcJ7S6BwYHeTOCvlrr4eL0KOjazx28D5VRM027l7DUHafNidbFUcFHUtBb+TaI+chhweE=
.yandex.ru/	1970-01-21 11:18:01	Name: yp Value: 1734207633.yu.218659201734121233
.yandex.ru/	1970-01-21 10:27:37	Name: ymex Value: 1736713233.oyu.218659201734121233
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2579559671734121233
.yandex.com/	1970-01-21 10:27:37	Name: yuidss Value: 5821056361734121233
.yandex.com/	1970-01-21 10:27:37	Name: ymex Value: 1765657233.yrts.1734121233
.yandex.com/	1970-01-21 10:27:37	Name: receive-cookie-deprecation Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://flibusta.site/b/298360/read#anotelink123 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B0C40F7C280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22f93ea046.c74632eb91.com
5837941a19.d1f76eb5a4.com
accounts.google.com
c99e557214.06cffaae87.com
counter.yadro.ru
flibusta.site
fp.metricswpsh.com
gfxdn.pics
js.capndr.com
mc.yandex.com
mc.yandex.ru
nereserv.com
notification.tubecup.net
p.a64x.com
static.bookmsg.com
storage.multstorage.com
accounts.google.com
116.202.249.56
157.90.84.242
168.119.25.102
172.67.174.51
172.67.185.171
185.238.168.83
45.133.44.24
45.133.44.25
45.133.44.52
45.133.44.53
77.88.21.119
78.47.199.204
88.212.201.198
88.212.201.204
04fb5d9624f88585c3cd1b12f8674718e20b3ed6a604cfe0dbe04ee88aab7ce0
072ac8dd0eb3a9b5286ae230342c6a6be02a1041fd36ec302c29676fc229650e
09a64fe657664c65fab31e300aa48959332ff665a54c6d904ef544b97c79a4ac
0ce15a8f257959b2f4e39c9d2eaa5e7ca98ac78d9740851aa1b1d9d0c56f3009
0f5350e807c22430fe24bc373f6194e3ce93e63a9471212d18260ffa07600dc5
16217b05e7c78179d3757ea45c227f1a974c2d7fc7741d0197a4489b839fa463
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
251dcf6d1d09f96d3c48595d83c035ba2580192a82fdaf6e9e74d9a8b57f158e
2acabe7af8813c05542ce5ce3c0c61249e63c7d890a88890e1d6a4f6dc2783e2
2dd383c5239714ef03d7c008981db637b769e016c8ea943ba1a0dc5b8487942d
4481ddf8a93209e0d2da492224f3445ef940616f85d0b17ac83372db2cb080e8
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
672ed964c28cd87d6396cc8fc306efae3f88823829f9aec3970df2a60cfe7667
6d5c75279c80c9829a98894b094dd97fe778341184894855358b55d7527756a4
6e1e9110e10d479af4d8c76ca8712249a858ae8a03b215ebe18d37f34950f985
6ebb99f44b593382de6cfbf5a66e1e4eb5f56c4061dcbb889c4e741bda853cb3
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
78c30b418896961856ee26e09ac3990b9e790852ad1333a0d30e8ede9f771a6f
7c00201e3af3d0d4022425c32a6c0e8139dfa0343f3fbf1d7a8fc3f8b5734fba
7dfcff5744cef65e656024df24f3e7e3d36a7d4df3d6baf557deb40634605682
7f5c2165028f75b6373bc0680cc46b582beed0d6c258fb5236c5324c98250df8
97d8618499ee578a101e9abc040b6c01627649d2dae70907eb9b714b9361e4ca
ad6a82ffd7fc8f8c1f7af1c930c742bf93b19fd5da3584087ebd0672a23f3a38
d5382a54699a1e6984f8d16c12b2874c57d7da68e7dc4999a2423cbe1f56a419
dfcea52ba20178b53f04aa15dd3ac627061def92702459e3afdf5dc2910138a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f739d2729f1fd478c855bef64b16d83ab8524e6068651ca4325e47ccca7aa1bc

flibusta.site Open in urlscan Pro 185.238.168.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

67 %HTTPS

0 %IPv6

16 Domains

16 Subdomains

13 IPs

4 Countries

904 kBTransfer

2609 kBSize

22 Cookies

2 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

flibusta.site Open in urlscan Pro
185.238.168.83 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

67 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

13
IPs

4
Countries

904 kB
Transfer

2609 kB
Size

22
Cookies

36 HTTP transactions
1 data transactions