urlscan.io logo urlscan.io
SecurityTrails logo

freeu-vpn.ru Open in urlscan Pro
2a03:c980:5fb5:e518:95:181:229:24  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.freeu-vpn.ru/
Effective URL: http://freeu-vpn.ru/
Submission: On January 12 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 50 HTTP transactions. The main IP is 2a03:c980:5fb5:e518:95:181:229:24, located in Russian Federation and belongs to IHCRU Internet-Hosting Ltd, Moscow, Russia, RU. The main domain is freeu-vpn.ru.
This is the only time freeu-vpn.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2a03:c980:5fb5:e518:95:181:229:24 (Russian Federation)

ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU)
www.freeu-vpn.ru
freeu-vpn.ru
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
www.googletagservices.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
9    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
3    88.212.201.210 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
2    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
partner.googleadservices.com
2    2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
4    2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
avatars.mds.yandex.net
2    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
10 mc.yandex.ru 1 redirects freeu-vpn.ru
mc.yandex.ru
9 an.yandex.ru freeu-vpn.ru
an.yandex.ru
9 freeu-vpn.ru freeu-vpn.ru
5 pagead2.googlesyndication.com freeu-vpn.ru
pagead2.googlesyndication.com
4 avatars.mds.yandex.net
3 counter.yadro.ru 2 redirects freeu-vpn.ru
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 yastatic.net an.yandex.ru
yastatic.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com freeu-vpn.ru
1 www.freeu-vpn.ru 1 redirects
50 16

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2020-09-29 -
2021-03-11		 5 months crt.sh
counter.yadro.ru
Let's Encrypt Authority X3		 2020-10-29 -
2021-01-27		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
an.yandex.by
Yandex CA		 2020-10-01 -
2021-04-01		 6 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.yastatic.net
Yandex CA		 2020-09-29 -
2021-03-30		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://freeu-vpn.ru/
Frame ID: A142E5D831E390FB0B5637CF35305025
Requests: 46 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false
Frame ID: A7F4737E6896EA6BB1EA677195B201C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/zrt_lookup.html
Frame ID: A02717DF02C0F74606AFC773477B07D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4624560991582456&output=html&adk=1812271804&adf=3025194257&lmt=1610459116&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Ffreeu-vpn.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610459116348&bpp=14&bdt=148&idt=268&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5301041158121&frm=20&pv=2&ga_vid=1806116440.1610459117&ga_sid=1610459117&ga_hid=906278430&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21068769&oid=3&pvsid=2206331610653356&pem=292&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=296
Frame ID: 7D5E0E71CA39054D5F1A688E99C32791
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: B20DE19A51441B60B8A7BC8BF87BA5E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 8152004EF94797D0B62EFF13E4C21DFE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.freeu-vpn.ru/ HTTP 301
    http://freeu-vpn.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

50
Requests

72 %
HTTPS

83 %
IPv6

13
Domains

16
Subdomains

13
IPs

3
Countries

661 kB
Transfer

2176 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.freeu-vpn.ru/ HTTP 301
    http://freeu-vpn.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//freeu-vpn.ru/;0.5608062301846242 HTTP 302
  • https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//freeu-vpn.ru/;0.5608062301846242 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//freeu-vpn.ru/;0.5608062301846242
Request Chain 18
  • https://mc.yandex.ru/watch/65460268?wmode=7&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210112144516%3Aet%3A1610459117%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1554707071681%3Arqn%3A1%3Arn%3A349072951%3Ahid%3A1030874626%3Ads%3A9%2C41%2C42%2C1%2C148%2C0%2C0%2C176%2C15%2C%2C%2C%2C427%3Afp%3A383%3Awn%3A34290%3Ahl%3A2%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610459117%3Au%3A1610459117218169716%3At%3AFreeU%20VPN%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0 HTTP 302
  • https://mc.yandex.ru/watch/65460268/1?wmode=7&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210112144516%3Aet%3A1610459117%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1554707071681%3Arqn%3A1%3Arn%3A349072951%3Ahid%3A1030874626%3Ads%3A9%2C41%2C42%2C1%2C148%2C0%2C0%2C176%2C15%2C%2C%2C%2C427%3Afp%3A383%3Awn%3A34290%3Ahl%3A2%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610459117%3Au%3A1610459117218169716%3At%3AFreeU%20VPN%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
freeu-vpn.ru/
Redirect Chain
  • https://www.freeu-vpn.ru/
  • http://freeu-vpn.ru/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
b95b956d19610f0ce8022bbc7b6ef54c9eb63cf01549845511c1e2123349046d

Request headers

Host
freeu-vpn.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
Keep-Alive
X-Powered-By
PHP/7.2.34
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Tue, 12 Jan 2021 13:45:16 GMT
Server
LiteSpeed

Redirect headers

content-type
text/html
content-length
706
date
Tue, 12 Jan 2021 13:45:16 GMT
server
LiteSpeed
location
http://freeu-vpn.ru/
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
main.css
freeu-vpn.ru/ 		2 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://freeu-vpn.ru/main.css
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
039cdb4b51945f142521effde58bc9d4db0d4133b8ee571964ba4d9337cafb16

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Jul 2020 15:10:01 GMT
Server
LiteSpeed
Etag
"746-5f049049-44a262fbf729a7a3;gz"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
718
css
fonts.googleapis.com/ 		2 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a0a2d0ec76113bd8d1be2ae8c448e60b9524cf6e2ddcfeff13b8b4c9c20331e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 11:47:35 GMT
server
ESF
date
Tue, 12 Jan 2021 13:45:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jan 2021 13:45:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c908a287be5297337a4516cf899eca2023de83254ae4edbbcbc5a0fec68e4cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47588
x-xss-protection
0
server
cafe
etag
16364074688873936899
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Jan 2021 13:45:16 GMT
one.png
freeu-vpn.ru/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freeu-vpn.ru/images/one.png
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
439868bc829553932856c331e679addfe47509e4f45acb00265d29aec6ec5c4f

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:16 GMT
Last-Modified
Tue, 07 Jul 2020 15:10:01 GMT
Server
LiteSpeed
Etag
"2fa2-5f049049-8df8f227aa9e63e0;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12194
two.png
freeu-vpn.ru/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freeu-vpn.ru/images/two.png
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b417cd69b04e809cc182b81deb7efd25d4e204e546269fa80dbc9321739b6ca8

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:16 GMT
Last-Modified
Tue, 07 Jul 2020 15:10:01 GMT
Server
LiteSpeed
Etag
"246f-5f049049-35986df8e56eeac1;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9327
three.png
freeu-vpn.ru/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freeu-vpn.ru/images/three.png
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
00bce1b28687e2a0c3ddcf2f2a5eb87fe44e38e191066a13231a358ed1e2aa8a

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:16 GMT
Last-Modified
Tue, 07 Jul 2020 15:10:01 GMT
Server
LiteSpeed
Etag
"2651-5f049049-c66f9f2cbf6953e6;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9809
jquery.min.js
freeu-vpn.ru/js/rek_fixed/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://freeu-vpn.ru/js/rek_fixed/jquery.min.js
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Apr 2019 06:57:44 GMT
Server
LiteSpeed
Etag
"1762a-5ca5aae8-15600d0b481f0acb;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33351
rek_fixed.js
freeu-vpn.ru/js/rek_fixed/ 		903 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
http://freeu-vpn.ru/js/rek_fixed/rek_fixed.js
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ed3e99d063eb384623fab30a413716f865aa6735b7478ae428fe7ac0c8f2e9f8

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 14:12:31 GMT
Server
LiteSpeed
Etag
"387-59b699cf-f20563c672451cbb;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
467
rek_fixed.css
freeu-vpn.ru/js/rek_fixed/ 		546 B
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://freeu-vpn.ru/js/rek_fixed/rek_fixed.css
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ca212bcaddd7a7d3b5a84729ae4ce9522ea5bf337e63bcad764c9abd9c7cf0e2

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 May 2018 13:41:02 GMT
Server
LiteSpeed
Etag
"222-5afed7ee-8646d19e13d6c1bf;gz"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
365
tag.js
mc.yandex.ru/metrika/ 		369 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
br
last-modified
Wed, 30 Dec 2020 19:28:34 GMT
etag
"5fd23012-17727"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
96039
expires
Tue, 12 Jan 2021 14:45:16 GMT
context.js
an.yandex.ru/system/ 		131 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://an.yandex.ru/system/context.js
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
902c4ccbb658e374153d5a5a19383086ec94a9f62e124ad15d2fae448f102f12

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 12 Jan 2021 13:45:16 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
ETag
2579181295
X-Yandex-Req-Id
1610459116317723-668148536602091083900103-production-app-host-vla-pcode-11
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, noarchive, nofollow
Expires
Tue, 12 Jan 2021 14:45:16 GMT
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//freeu-vpn.ru/;0.5608062301846242
  • https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//freeu-vpn.ru/;0.5608062301846242
  • https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//freeu-vpn.ru/;0.5608062301846242
140 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//freeu-vpn.ru/;0.5608062301846242
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jan 2021 13:45:16 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
140
Expires
Sun, 12 Jan 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Jan 2021 13:45:16 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//freeu-vpn.ru/;0.5608062301846242
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sun, 12 Jan 2020 21:00:00 GMT
logo.png
freeu-vpn.ru/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://freeu-vpn.ru/images/logo.png
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/main.css
Protocol
HTTP/1.1
Server
2a03:c980:5fb5:e518:95:181:229:24 , Russian Federation, ASN203226 (IHCRU Internet-Hosting Ltd, Moscow, Russia, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
095a5b41688fbbe3e05aeb032b64356b0468fd68d45c6fa27a1c511774043993

Request headers

Referer
http://freeu-vpn.ru/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:16 GMT
Last-Modified
Tue, 07 Jul 2020 15:10:01 GMT
Server
LiteSpeed
Etag
"8e2-5f049049-be280ceaa5f491ff;;;"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2274
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://freeu-vpn.ru
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 06 Jan 2021 12:48:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
age
521795
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Thu, 06 Jan 2022 12:48:41 GMT
mem5YaGs126MiZpBA-UN_r8OVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OVuhpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67eb785a2a8ba50388be15f88d34507786441641ac3ff36dbbef6c1f08981626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://freeu-vpn.ru
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 18:46:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:19 GMT
server
sffe
age
241134
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5552
x-xss-protection
0
expires
Sun, 09 Jan 2022 18:46:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A7F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/gen_204?id=rmvasftr&type=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://freeu-vpn.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://freeu-vpn.ru/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jan 2021 13:45:16 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
image/gif
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/ 		226 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9cdc6393e9b4c9a23e7d7c94ae3b58562509dda50b4345793ad7c7e7aaa9212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86362
x-xss-protection
0
server
cafe
etag
10863011108655135941
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Jan 2021 13:45:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/ Frame A027 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210107/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://freeu-vpn.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://freeu-vpn.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 12 Jan 2021 03:56:58 GMT
expires
Tue, 26 Jan 2021 03:56:58 GMT
content-type
text/html; charset=UTF-8
etag
10807049716293534881
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4578
x-xss-protection
0
age
35298
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
1
mc.yandex.ru/watch/65460268/
Redirect Chain
  • https://mc.yandex.ru/watch/65460268?wmode=7&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%...
  • https://mc.yandex.ru/watch/65460268/1?wmode=7&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661362610...
186 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/65460268/1?wmode=7&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210112144516%3Aet%3A1610459117%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1554707071681%3Arqn%3A1%3Arn%3A349072951%3Ahid%3A1030874626%3Ads%3A9%2C41%2C42%2C1%2C148%2C0%2C0%2C176%2C15%2C%2C%2C%2C427%3Afp%3A383%3Awn%3A34290%3Ahl%3A2%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610459117%3Au%3A1610459117218169716%3At%3AFreeU%20VPN%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
06e8469bc8fc6ffcc83fe9174067ac79f350646b1f2ad86a7d729b2dc9a3ef9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 12-Jan-2021 13:45:16 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Tue, 12-Jan-2021 13:45:16 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:16 GMT
last-modified
Tue, 12-Jan-2021 13:45:16 GMT
location
/watch/65460268/1?wmode=7&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210112144516%3Aet%3A1610459117%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1554707071681%3Arqn%3A1%3Arn%3A349072951%3Ahid%3A1030874626%3Ads%3A9%2C41%2C42%2C1%2C148%2C0%2C0%2C176%2C15%2C%2C%2C%2C427%3Afp%3A383%3Awn%3A34290%3Ahl%3A2%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610459117%3Au%3A1610459117218169716%3At%3AFreeU%20VPN%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0
strict-transport-security
max-age=31536000
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Tue, 12-Jan-2021 13:45:16 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: freeu-vpn.ru
URL: http://freeu-vpn.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
last-modified
Wed, 30 Dec 2020 19:28:30 GMT
etag
"5feccf70-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 12 Jan 2021 14:45:16 GMT
647337
an.yandex.ru/meta/ 		78 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/647337?grab=dEZyZWVVIFZQTiDRgdC60LDRh9Cw0YLRjCDQsdC10YHQv9C70LDRgtC90L4g0LTQu9GPINC60L7QvNC_0YzRjtGC0LXRgNCwCjFGcmVlVSBWUE4g0YHQutCw0YfQsNGC0Ywg0LHQtdGB0L_Qu9Cw0YLQvdC-IAoy0LHQtdGB0L_Qu9Cw0YLQvdGL0LkgVlBOLdC60LvQuNC10L3RgiDQtNC70Y8g0L7QsdGF0L7QtNCwINCx0LvQvtC60LjRgNC-0LLQvtC6INCS0LrQvtC90YLQsNC60YLQtSwg0J7QtNC90L7QutC70LDRgdGB0L3QuNC6LCBNYWlsLnJ1IAo%3D&target-ref=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&duid=MTYxMDQ1OTExNzIxODE2OTcxNg%3D%3D&imp-id=1&enable-flat-highlight=1&test-tag=111050674405378&ad-session-id=575891610459116572&target-id=59110552&tga-with-creatives=1&pcode-test-ids=310448%2C0%2C15%3B310460%2C0%2C23%3B315635%2C0%2C39%3B310656%2C0%2C25%3B312576%2C0%2C64&pcode-flags=%7B%22RMP_MOTION%22%3A%22ctl%22%2C%22RMP_ADAPTIVE%22%3A%22ctl%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22motion%22%2C%22zen%22%2C%22300x300%22%2C%22320x100%22%2C%22300x250%22%2C%22336x280%22%2C%22250x250%22%2C%221000x120%22%2C%22240x400%22%2C%22300x600%22%2C%22970x90%22%2C%22160x600%22%2C%22970x250%22%2C%22720x90%22%2C%22300x500%22%2C%22adaptive0418%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%2249688%22%2C%22288427%22%2C%22623051%22%5D%2C%22SKIP_TOKEN_SLIDER%22%3A%22ctl%22%2C%22SLIDER_ARROWS_EXP%22%3A%22ctl%22%7D&server-side-rendering-enabled-formats=posterVertical%0AposterHorizontal%0Amotion%0Azen%0A300x300%0A320x100%0A300x250%0A336x280%0A250x250%0A1000x120%0A240x400%0A300x600%0A970x90%0A160x600%0A970x250%0A720x90%0A300x500%0Aadaptive0418&pcode-version=13514&flash-ver=0&pcode-icookie=7237586641610459116&available-width=800&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A800%2C%22h%22%3A0%2C%22width%22%3A800%2C%22height%22%3A0%2C%22left%22%3A400%2C%22top%22%3A399%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B8583695080477%5D
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
36244e98fa55f0ada504425b7b212615549b59dab7445f6194243a617dfc8142
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 13:45:16 GMT
server
nginx/1.12.2
timing-allow-origin
*
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/x-javascript; charset=utf-8
x-xss-protection
1; mode=block
expires
Tue, 12 Jan 2021 13:45:16 GMT
e674e8fa960a81366e41.js
an.yandex.ru/partner-code-bundles/13514/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/13514/e674e8fa960a81366e41.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
a99acbeda3217b72c789ce461021954cf3a1a0198b25c7a27366d69d8aa46116
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://freeu-vpn.ru
Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4196
last-modified
Mon, 11 Jan 2021 16:26:01 GMT
server
nginx/1.12.2
etag
"a1e07a8ec3e4b434e07457122aa2a99e"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Jan 2051 14:57:12 GMT
ac2ef36d69ccd6b5809c.js
an.yandex.ru/partner-code-bundles/13514/ 		390 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/13514/ac2ef36d69ccd6b5809c.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
fd1427a63478ddbe6b00104c2e13827b0c11a0493c2b356deb4368837677f129
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://freeu-vpn.ru
Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
85539
last-modified
Mon, 11 Jan 2021 16:26:00 GMT
server
nginx/1.12.2
etag
"2ba70cd2e51bc58b98ebc5000642ccd1"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Jan 2051 14:57:12 GMT
f09f9174fddf3856a4f8.js
an.yandex.ru/partner-code-bundles/13514/ 		494 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/13514/f09f9174fddf3856a4f8.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
26665583f45ba71b6928a1e112b4dfe0125cc69f38f4b7715867db69ab3d64ce
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://freeu-vpn.ru
Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
79156
last-modified
Mon, 11 Jan 2021 16:26:01 GMT
server
nginx/1.12.2
etag
"d34be790c45be5b76877758896473d97"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Jan 2051 14:57:12 GMT
cookie.js
partner.googleadservices.com/gampad/ 		202 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=freeu-vpn.ru&callback=_gfp_s_&client=ca-pub-4624560991582456
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
2ec8f788991859c4b99f62ebc120fa472039437e9c58e371f60af9eb4a08e0f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=freeu-vpn.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=freeu-vpn.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4624560991582456&output=html&adk=1812271804&adf=3025194257&lmt=1610459116&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Ffreeu-vpn.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610459116348&bpp=14&bdt=148&idt=268&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5301041158121&frm=20&pv=2&ga_vid=1806116440.1610459117&ga_sid=1610459117&ga_hid=906278430&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21068769&oid=3&pvsid=2206331610653356&pem=292&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=296
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4624560991582456&output=html&adk=1812271804&adf=3025194257&lmt=1610459116&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Ffreeu-vpn.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610459116348&bpp=14&bdt=148&idt=268&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5301041158121&frm=20&pv=2&ga_vid=1806116440.1610459117&ga_sid=1610459117&ga_hid=906278430&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C21068769&oid=3&pvsid=2206331610653356&pem=292&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=296
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://freeu-vpn.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://freeu-vpn.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 12 Jan 2021 13:45:16 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 12-Jan-2021 14:00:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1609936916402840"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Tue, 12 Jan 2021 13:45:16 GMT
1
mc.yandex.ru/watch/65460268/ 		43 B
73 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/65460268/1?page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A60%3Ai%3A20210112144516%3Aet%3A1610459117%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A1554707071681%3Arqn%3A2%3Arn%3A680994167%3Ahid%3A1030874626%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610459117%3Au%3A1610459117218169716
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:16 GMT
last-modified
Tue, 12-Jan-2021 13:45:16 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12-Jan-2021 13:45:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210107&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5ba1a998b5287aa504136f1de763862f97765bf5603f4becd3686f07c57644a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6579
x-xss-protection
0
host.js
yastatic.net/safeframe-bundles/0.69/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.69/host.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
http://freeu-vpn.ru
Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:16 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8104
last-modified
Tue, 20 Aug 2019 11:55:41 GMT
server
nginx/1.17.9
etag
"901e860c36afb614c88b40352db2214f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Jan 2051 20:21:00 GMT
truncated
/ 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
647337
mc.yandex.ru/watch/ 		35 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/647337?wmode=7&cnt-class=1&nohit=1&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210112144516%3Aet%3A1610459117%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Als%3A1469238617381%3Arn%3A5218584%3Ahid%3A1030874626%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610459117%3Au%3A1610459117218169716%3At%3AFreeU%20VPN%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 12-Jan-2021 13:45:17 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Tue, 12-Jan-2021 13:45:17 GMT
1
mc.yandex.ru/watch/647337/ 		43 B
73 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/647337/1?cnt-class=1&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Az%3A60%3Ai%3A20210112144517%3Aet%3A1610459117%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A1469238617381%3Arqn%3A1%3Arn%3A825342977%3Ahid%3A1030874626%3Ads%3A9%2C41%2C42%2C1%2C148%2C0%2C0%2C176%2C15%2C932%2C932%2C9%2C427%3Afp%3A383%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610459117%3Au%3A1610459117218169716
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:17 GMT
last-modified
Tue, 12-Jan-2021 13:45:17 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12-Jan-2021 13:45:17 GMT
647337
mc.yandex.ru/watch/ 		43 B
73 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/647337?cnt-class=1&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610459115949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210112144517%3Aet%3A1610459117%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Als%3A1469238617381%3Arqn%3A2%3Arn%3A22600023%3Ahid%3A1030874626%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610459117%3Au%3A1610459117218169716%3At%3AFreeU%20VPN%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:17 GMT
last-modified
Tue, 12-Jan-2021 13:45:17 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12-Jan-2021 13:45:17 GMT
647337
an.yandex.ru/meta/ 		142 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/647337?grab=dEZyZWVVIFZQTiDRgdC60LDRh9Cw0YLRjCDQsdC10YHQv9C70LDRgtC90L4g0LTQu9GPINC60L7QvNC_0YzRjtGC0LXRgNCwCjFGcmVlVSBWUE4g0YHQutCw0YfQsNGC0Ywg0LHQtdGB0L_Qu9Cw0YLQvdC-IAoy0LHQtdGB0L_Qu9Cw0YLQvdGL0LkgVlBOLdC60LvQuNC10L3RgiDQtNC70Y8g0L7QsdGF0L7QtNCwINCx0LvQvtC60LjRgNC-0LLQvtC6INCS0LrQvtC90YLQsNC60YLQtSwg0J7QtNC90L7QutC70LDRgdGB0L3QuNC6LCBNYWlsLnJ1IAo%3D&target-ref=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&duid=MTYxMDQ1OTExNzIxODE2OTcxNg%3D%3D&imp-id=2&enable-flat-highlight=1&test-tag=111050674405378&ad-session-id=575891610459116572&target-id=56792689&tga-with-creatives=1&pcode-test-ids=310448%2C0%2C15%3B310460%2C0%2C23%3B315635%2C0%2C39%3B310656%2C0%2C25%3B312576%2C0%2C64&pcode-flags=%7B%22RMP_MOTION%22%3A%22ctl%22%2C%22RMP_ADAPTIVE%22%3A%22ctl%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22motion%22%2C%22zen%22%2C%22300x300%22%2C%22320x100%22%2C%22300x250%22%2C%22336x280%22%2C%22250x250%22%2C%221000x120%22%2C%22240x400%22%2C%22300x600%22%2C%22970x90%22%2C%22160x600%22%2C%22970x250%22%2C%22720x90%22%2C%22300x500%22%2C%22adaptive0418%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%2249688%22%2C%22288427%22%2C%22623051%22%5D%2C%22SKIP_TOKEN_SLIDER%22%3A%22ctl%22%2C%22SLIDER_ARROWS_EXP%22%3A%22ctl%22%7D&server-side-rendering-enabled-formats=posterVertical%0AposterHorizontal%0Amotion%0Azen%0A300x300%0A320x100%0A300x250%0A336x280%0A250x250%0A1000x120%0A240x400%0A300x600%0A970x90%0A160x600%0A970x250%0A720x90%0A300x500%0Aadaptive0418&pcode-version=13514&flash-ver=0&pcode-icookie=7237586641610459116&available-width=800&skip-token=yabs.NzIwNTc2MDM4ODE5ODYzNTIKNzIwNTc2MDM4NDU4NjI5MjQKNzIwNTc2MDQxNjk5NzM4NjYKNDQ5MDY3NTkxMw%3D%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A800%2C%22h%22%3A0%2C%22width%22%3A800%2C%22height%22%3A0%2C%22left%22%3A400%2C%22top%22%3A1533%2C%22visible%22%3A0%2C%22ad_no%22%3A4%2C%22req_no%22%3A1%7D&callback=Ya%5B8728148318077%5D
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e1666ef813c23b38e6e8cfe8711e32558963d7b89422dc12e2f75e1e97814bd5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:17 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 13:45:17 GMT
server
nginx/1.12.2
timing-allow-origin
*
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
x-xss-protection
1; mode=block
expires
Tue, 12 Jan 2021 13:45:17 GMT
y300
avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/y300
Protocol
HTTP/1.1
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
09cd78d927dcb725c0a40c0fa03a201c211c37b4ff700de66088a0d75da44cfb

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:17 GMT
Last-Modified
Wed, 16 Sep 2020 06:07:29 GMT
Server
nginx
NEL
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800,immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Content-Length
9570
X-Request-Id
1ddda07f3695429
wy300
avatars.mds.yandex.net/get-direct/2799451/2iCtFogLRdC0RY-guJWQ9A/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://avatars.mds.yandex.net/get-direct/2799451/2iCtFogLRdC0RY-guJWQ9A/wy300
Protocol
HTTP/1.1
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
217d4a7d123332adefa351d8fe1fee7f4853a80be96b69612048e81380db2d7b

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:17 GMT
Last-Modified
Wed, 28 Oct 2020 08:24:12 GMT
Server
nginx
NEL
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800,immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Content-Length
22820
X-Request-Id
f558c67bab4d58d7
y300
avatars.mds.yandex.net/get-direct/1619752/ciRuYjUUBN2WVn3cHWpaqw/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://avatars.mds.yandex.net/get-direct/1619752/ciRuYjUUBN2WVn3cHWpaqw/y300
Protocol
HTTP/1.1
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
06046e849bb28f51e26644f9d3f69ab569412bc1f1285bff43d4fee22fcdf5ea

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:17 GMT
Last-Modified
Mon, 11 Jan 2021 21:22:17 GMT
Server
nginx
NEL
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800,immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Content-Length
22054
X-Request-Id
954bffe0c7b5100e
y300
avatars.mds.yandex.net/get-direct/196523/nrh9eFD_Eh-cBl_rJDb54Q/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://avatars.mds.yandex.net/get-direct/196523/nrh9eFD_Eh-cBl_rJDb54Q/y300
Protocol
HTTP/1.1
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
5ba75b02572716c12bb8c88a3f12a5d3da128620dd90abbd37e8b87f4d15b184

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 13:45:17 GMT
Last-Modified
Sun, 03 Dec 2017 23:43:26 GMT
Server
nginx
NEL
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800,immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Content-Length
5676
X-Request-Id
bdf1ec66530e847e
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 13:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Tue, 12 Jan 2021 13:45:17 GMT
render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame B20D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

:method
GET
:authority
yastatic.net
:scheme
https
:path
/safeframe-bundles/0.69/1-1-0/render.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://freeu-vpn.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://freeu-vpn.ru/

Response headers

server
nginx/1.17.9
date
Tue, 12 Jan 2021 13:45:17 GMT
content-type
text/html
content-length
6026
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
etag
"f883bd7781c332870c9968db60e89349"
expires
Thu, 12 Jan 2051 20:21:02 GMT
last-modified
Tue, 20 Aug 2019 11:55:41 GMT
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 8152 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://freeu-vpn.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://freeu-vpn.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Tue, 12 Jan 2021 12:40:10 GMT
expires
Wed, 12 Jan 2022 12:40:10 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3907
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
647337
an.yandex.ru/meta/ 		142 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/647337?grab=dEZyZWVVIFZQTiDRgdC60LDRh9Cw0YLRjCDQsdC10YHQv9C70LDRgtC90L4g0LTQu9GPINC60L7QvNC_0YzRjtGC0LXRgNCwCjFGcmVlVSBWUE4g0YHQutCw0YfQsNGC0Ywg0LHQtdGB0L_Qu9Cw0YLQvdC-IAoy0LHQtdGB0L_Qu9Cw0YLQvdGL0LkgVlBOLdC60LvQuNC10L3RgiDQtNC70Y8g0L7QsdGF0L7QtNCwINCx0LvQvtC60LjRgNC-0LLQvtC6INCS0LrQvtC90YLQsNC60YLQtSwg0J7QtNC90L7QutC70LDRgdGB0L3QuNC6LCBNYWlsLnJ1IAo%3D&target-ref=http%3A%2F%2Ffreeu-vpn.ru%2F&charset=utf-8&duid=MTYxMDQ1OTExNzIxODE2OTcxNg%3D%3D&imp-id=3&enable-flat-highlight=1&test-tag=111050674405378&ad-session-id=575891610459116572&target-id=61888212&tga-with-creatives=1&pcode-test-ids=310448%2C0%2C15%3B310460%2C0%2C23%3B315635%2C0%2C39%3B310656%2C0%2C25%3B312576%2C0%2C64&pcode-flags=%7B%22RMP_MOTION%22%3A%22ctl%22%2C%22RMP_ADAPTIVE%22%3A%22ctl%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22motion%22%2C%22zen%22%2C%22300x300%22%2C%22320x100%22%2C%22300x250%22%2C%22336x280%22%2C%22250x250%22%2C%221000x120%22%2C%22240x400%22%2C%22300x600%22%2C%22970x90%22%2C%22160x600%22%2C%22970x250%22%2C%22720x90%22%2C%22300x500%22%2C%22adaptive0418%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%2249688%22%2C%22288427%22%2C%22623051%22%5D%2C%22SKIP_TOKEN_SLIDER%22%3A%22ctl%22%2C%22SLIDER_ARROWS_EXP%22%3A%22ctl%22%7D&server-side-rendering-enabled-formats=posterVertical%0AposterHorizontal%0Amotion%0Azen%0A300x300%0A320x100%0A300x250%0A336x280%0A250x250%0A1000x120%0A240x400%0A300x600%0A970x90%0A160x600%0A970x250%0A720x90%0A300x500%0Aadaptive0418&pcode-version=13514&flash-ver=0&pcode-icookie=7237586641610459116&available-width=250&skip-token=yabs.NzIwNTc2MDM4ODE5ODYzNTIKNzIwNTc2MDM4NDU4NjI5MjQKNzIwNTc2MDQxNjk5NzM4NjYKNDQ5MDY3NTkxMw%3D%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A250%2C%22h%22%3A0%2C%22width%22%3A250%2C%22height%22%3A0%2C%22left%22%3A0%2C%22top%22%3A1200%2C%22visible%22%3A1%2C%22ad_no%22%3A4%2C%22req_no%22%3A2%7D&callback=Ya%5B6383003312643%5D
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
bbdf4eb205293eef9b188f917c16cd3c15e4fe97d672286074d8622539751604
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:17 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 13:45:17 GMT
server
nginx/1.12.2
timing-allow-origin
*
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
x-xss-protection
1; mode=block
expires
Tue, 12 Jan 2021 13:45:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210107&jk=2206331610653356&bg=!2tml2fnNAAXKjztByljRKWBdZIZnRwIAAABwUgAAAA1oAQcKAQqcUjCu-xxffqVTM5ba4jJtM94jt0RwefJIpq-xEH5eSnaAXX0MFcf0q132P51912lc4lYHTUOzmMCaHFzZETXnfM_rrz6MJKuHRrWdbtRsMgmUBJxf_VK8LQAo8pN4W_dQ8RETqQkiJd1wmV7GlVwXTIB1DHMmmQPVunXjRHXP7YYlzpUznmxC0aglugsKO15ojcpJrZ0ZTu6AquMOkPx89IjigCxjrSB-NLcjtYnlN4rIJQIFEFtktcPi4cSdhDDqL89iUUhIg77cy-SOql3cBPoDjr5mZ0Rslid6eqN872euVSQHc_cAZX3HtXZ_E8jJKmV-a4z36S-Nat691ympMNTKzGQu67kKc5kBtHNrh_irZc6YVpBnblci23748zyP1vMC0MFViovVXywCHMrAC5aUN6YK7Kn8x62YnBFFDDu42Wu3I43Tn7OyJ77JNWcEBKo6hmK_X1Z2u6FD_DZi-D9NNmSIvjlcPYSyR75QmQALpCfN0M6ZlcGTCRR9e8TVyiYaCwYNqbaEGQjEaUc_0_2w7mrWxqDwUGoGWFMqzX-tMx65JPmPPpDRgKN66f-FQMj04WMgAnJXzgx6UXD2bAHtSA62eY4u7NhDCKixnFp0edk6eN4ek49czrO-U169csYzIsnRSVg7QqqM7oZ3p18xiCzp4LaFsQjBuMj8FggMvo-3WFjH3PlC6RhCYmUJM5h-3DUrtiPIJZw2CnjmEDMffwgI8eb_d-QtDbi_oVrHfeRJSdIU0PvXlyddulGqaf2eXTqJKIzhRTB7wBpFly9pG-2bj80bo-iZmAVX6pm6_rRjbPFshofkL6d4R4QrnUAEuZOudtUysPGTexsWNTYXU9H_p1aWgi_1fQwYBuvbA12kk60m_TMHVTUxZu3Dm06Fuh7EKbXjCl38UK_Vo6993wBrY3dAzL0RXBfU_Qs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
65460268
mc.yandex.ru/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/65460268?wmode=0&rn=554963101&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&wv-type=3&wv-hit=1030874626&wv-part=1&browser-info=ti%3A8%3Aet%3A1610459117%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210112144516%3Abt%3A1%3Ast%3A1610459119%3Au%3A1610459117218169716
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:18 GMT
last-modified
Tue, 12-Jan-2021 13:45:18 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12-Jan-2021 13:45:18 GMT
65460268
mc.yandex.ru/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/65460268?wmode=0&rn=507777261&page-url=http%3A%2F%2Ffreeu-vpn.ru%2F&wv-type=3&wv-hit=1030874626&wv-part=1&browser-info=ti%3A8%3Aet%3A1610459117%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210112144516%3Ast%3A1610459119%3Au%3A1610459117218169716
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:18 GMT
last-modified
Tue, 12-Jan-2021 13:45:18 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://freeu-vpn.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12-Jan-2021 13:45:18 GMT
1GvcXPWt0N8100000000U9nJV7FVJ76FRfAXuVbb1tuTJrhrr_BDyh_n343W2HC9LJD-nXoxyW4dGoeZK3pp_B88iHD0yL8GhpO1IBGoWiYfGBu2mqp6B1i6C5Z8E4CSmbh9MC09OMq4wJ5O32JsCixVpSjm52npbH4aV9UHGOQ1uI_ZB2O6XhbC896rJBz0UfZU5...
an.yandex.ru/rtbcount/ 		43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/rtbcount/1GvcXPWt0N8100000000U9nJV7FVJ76FRfAXuVbb1tuTJrhrr_BDyh_n343W2HC9LJD-nXoxyW4dGoeZK3pp_B88iHD0yL8GhpO1IBGoWiYfGBu2mqp6B1i6C5Z8E4CSmbh9MC09OMq4wJ5O32JsCixVpSjm52npbH4aV9UHGOQ1uI_ZB2O6XhbC896rJBz0UfZU5EVC03doBDD_87Z5971Hfqpe_386XlUp9rjlsS7Ay9U91UGCPbOWsSii078CCyY0kSnC8Ek1f0B4UcOPaUwmk5z_sKyomtn-5QpoBfZyoUpWn0znFCkj9ZymQmNBgueDB8mxM9WEi31UOFdITc57R-E3DM8tMI1U-c3_a6NMJ12uQV-M1UIT1QoS9rdpTI7IDrdV7FTrsI9KcFAL5UHw05PrSC00?confirmTime=2100000&confirmRatio=1000000&test-tag=111050674405378&format-type=95&actual-format=78&rnd=6224986520061&renderWidth=800&renderHeight=290
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:19 GMT
content-type
image/gif
last-modified
Tue, 12 Jan 2021 13:45:19 GMT
server
nginx/1.12.2
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12 Jan 2021 13:45:19 GMT
WIKejI_zOBG0tGW0H0q3vZCcUCEGFGK0j04GW8200J7if_rV000003ZIWa-80W6v0amerT6sMWXjy0AryPIa2A0Py0K1e0R00Sa6xDys8RmjOZ7H1knpR9YyBM8ney-cM1R8Oghz_SyGHS-c003RKfGxjBZm2mQO3ko_sud2juknCQWFpys2rl_OcDNztQpZYfcTs...
an.yandex.ru/count/ 		43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WIKejI_zOBG0tGW0H0q3vZCcUCEGFGK0j04GW8200J7if_rV000003ZIWa-80W6v0amerT6sMWXjy0AryPIa2A0Py0K1e0R00Sa6xDys8RmjOZ7H1knpR9YyBM8ney-cM1R8Oghz_SyGHS-c003RKfGxjBZm2mQO3ko_sud2juknCQWFpys2rl_OcDNztQpZYfcTshfUa9FVZXZW507O5S6AzkoZZxpyO_395l0_WHUe5mcP6D0O4FWOW1cm6RWPm1diZxUYnDR4k6JI6H9vOM9pNtDbSdPbSYzoD3aoBJ7ey1O0BqRagNbjR4mq1OE2koeQ9j4jX50J0tFPYhJCBGQRGNv-b6ihgJnov3LkKkHXqBLpA9Qevg26FvP1OusA1yvoY0pk0G00~1=WYuejI_zOBK19H40D1om7Tu4jGBAz-gGYnQ00V6en6U80OV_dhHNa07Wf8EioO20W0AO0U2aWwn9e07Ug07Uk066l8Q_8DW1dgEqbG7W0OIRj9K1w06m0VW1_8hUlW6W0igKhHYO0y24FR03sXI81V7q4905qRKqi0MsrWwu1RRM3i05s9D5o0MEhXFG1Qgg1U05TwW6m06u1u05f0_n1m00mgNAbWnl7fDujolWFyaA6Lqs5oCwu3_W2e29UjaBpwPO5iXYglte2_7q48WCufxalW6f370wn1JxVCU_w0oR1fWDe-BPW13Fpu8RcX0I2GJuq12-XQzVeU0HseMw0kWHaQtxdfJnje9vyJNEG7aJB9J4LyO_c1C2g1FqXj2uZO7Wh1RW4xRM3eWKjVggw-VwdVlf0Q0KjjOEg1JHjJJ0582GlFskylK_s1I0bil_1UWKZ0BG5O2Mo_y5s1N1YlRieu-y_6EW5j2FmFe5i1Qz0yaMy3_G5kAUvBu1WHUO5uJqoIku5m705xK2s1V0X3te5m6P6A0O5R0OrhFs_mMu607u6BBEkD28owZ9im606OaPRosG6G6W6S01k1d___y1u1a1wF216l__hvM8sjPY7m0lHiWqtA8OP-eWiw6CGX51GwPjR-Wpde-neGt4aQV3TibaRR1Q5b1L77mjAh4sXxSK7YEslG7ky3GBea5m2MIt8f3ZDM8G8bu94NgEGR319vVUIkdKm3hK93hO9k00~1=WbWejI_zODW1TH80X1zHyO3is0B2kOcgxHw00Vt5qS_aaBhteG680Ot2r81La06OsCc9oO20W0AO0PZOoOb9e06urwW1kDV9YKcu0OgV-AGWs06UaigK0U01YCE78UW1zW7u0PJXtxu1c0AYagaOe0A-vgSOW0E3j-Et38W3mPJcbmYO0vjIe0C4i0F45eW5qvOAa0MQoG-m1OUe1RW5XwW5m0MQdX_81P7K2j05sSe1u0LQg0R00RW7W0Nn1m00mf_pamnh_oLbqUVVFyaA8mpmSoUUwZ_W2e29UjaBpwPO5iXYglte2zEM2eWCy9pZlW6f3FHccFjjASq_w0oR1fWDe-AW3i24FTc048_7pHh0i1AXu17QXRe2w16HhVkUbF6sWdarpa2k8ToMYt_5FvWJ0gWJz8RGk8s1uAmMu1E7g0M85BNwgkld-ftxwG6W58Ue1QWKciaFi1Ief8mFk1J0iPy5m1I0lC6M2yWK1D0KteAHIDWKWCA2_mNe58m2q1M0meB_1TWLmOhsxAEFlFnZe1RGZy3w1R0MlGF95j0My9pZlW615vWNskpLAhWN0S0NjGBO5y24FU0NYA7n-mNe5m7u5vpfwlm5cHYW61Em6DQpzly5k1W3-1YophZGYCkeoRC1W1c96Myja1a1e1d00RWP_m7W6GBey84Q__-tIyLuxPGR02z6o3GQHz3KGTP36OMA41eYR-mZCTj0HclAYqq9866r84g4hDApldl4rXiwEJpJWbWGN0BPRGdaU90O-50oCkbwZa5WmoUNH5fAv_YQkGJR11m0~1=WXGejI_zOBK1LH00D1iaNR_DjGBShR7opIE00QALqDVTuVZ_NeW1t_sForoG0TI1rhxBW8200fW1r87MlakW0TAe0TAu0OwdvFiWs07AhVkM0U01n9UR7kW1d0Bu0Uobthu1e0B0p8OOW0FRl_BY3OW3kQR1emwW0mQm0-D7Y0NTw0AG1V-80x05zMEu1VLZm0NDXWF81QTZq0Nx9-0539W6-kJ50gW6m06u1u05yGS0mg2cWmp92dxfyfmj6V0_sGlFfbWMo6Ag_UWBtUW2Y0pifTw-0QaCFiigk0UMsJ_e39i6c0sZug0Em8GzsG-04EMKvXkW8k0HseMw0kWHaQtxdfJnje9vDSv01xSSiJDri3-O4mAe4_I6qBYDWU2i5k0JzME85BNwgkld-ftxwG6W5FLZg1J_Y0EyeFF_1UWKZ0BG5RoWy_y5s1N1YlRieu-y_6EW5j2FmFe5i1Qz0yaM003mFz0MxANUlW615vWNkT-d9BWN0S0NjGBO5y24FUWN0PaOe1WHi1ZVglR_1RWO1lWOiiwuq8ZBgCcp0O0PYHblBP0P0Q0Pm06u6V___m7W6GJey84Q__zxGxO5310S02z6o3JSeXXdwY2peOn24K6JQ42W7wEmgfiDprMcBXWsU-s7IEY5r-08-21wd4NGWj35WswThNm8PBTeo0Ck3wXp9cvwZb7mM4hd1jQr9j71DW47~1=WY8ejI_zO9q1nH00D1mhOsCJdGAWbRMLpHs00P-gjhi7Y07utDIS9v01aflIkY6O0SQlle4Ye06kiyMw8QW1hA--WIAu0QpjZf8Ls07ysCyFu07M-fK3w07i0VW1rghUlW6W0fRldmI00yMnZB45Y0F6yuUg1PW3yza3e0C8i0El4uW5Z_G8a0Nm_Wgm1TVb0hW5r-K2m0Mto0x81O7Q0z05YOy1u0LQg0R00RW7W0Nn1m00miltZmAPlxHOeYNeFyaAAtZ-yjhxvJ_P2y-cM1R8Oghzw0kFz0Y83DQgthu1gGpm0HRUYQMkF-WCcmQO3QFYCA0Em8GzeG_mFzc04Alewmt08E0HseMw0kWHaQtxdfJnje9vyJNEG7xdKXaldia_c1C2g1FqXj2uZO7Wh1RW4zVb0eWKjVggw-VwdVlf0Q0Kr-K2g1Jm_We1s1JWi_7_1UWKZ0BG5U2pyVy5s1N1YlRieu-y_6EW5j2FmFe5i1Qz0yaMq1RMgjw-0O4Nc1Uyg4Iu5m705xK2s1V0X3te5mAP6A0O0R0OrhFs_mMu60Vu6BBEkD28owZ9im606OaPRosG6G6W6S01k1d___y1u1a1wF216l__DnyeLVEe6m0lHiWqt9yOP-eWhw4CGH51G-HqZ-W8DnZPm0RYYDEmlvHeF8I4BThT72j1ftF81u4K6tGjQ0bSfX786nmnMjCvPwNd60GZV79XVwLqZi4sKGG0~1?stat-id=1&test-tag=111051060313601&format-type=95&actual-format=78&banner-test-tags=eyI3MjA1NzYwMzg4MTk4NjM1MiI6IjU3MzYwIiwiNzIwNTc2MDM4NDU4NjI5MjQiOiI1NzM2MCIsIjcyMDU3NjA0MTY5OTczODY2IjoiNTczNjAiLCI0NDkwNjc1OTEzIjoiNTczNjAifQ%3D%3D&renderWidth=800&renderHeight=290&confirmTime=2100000&confirmRatio=1000000&wmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://freeu-vpn.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 13:45:19 GMT
content-type
image/gif
last-modified
Tue, 12 Jan 2021 13:45:19 GMT
server
nginx/1.12.2
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12 Jan 2021 13:45:19 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| ym undefined| yandexContextAsyncCallbacks object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| $ function| jQuery object| Ya object| yaCounter65460268 object| pcodeStaticJsonp13514 undefined| yandex_context_callbacks boolean| yandex_context_perf_logging function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| yaSafeFrameAsyncCallbacks object| yaCounter647337 object| GoogleGcLKhOms object| $sf object| google_image_requests

6 Cookies

Domain/Path Name / Value
.freeu-vpn.ru/ Name: _ym_visorc_65460268
Value: w
.freeu-vpn.ru/ Name: _ym_isad
Value: 2
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.freeu-vpn.ru/ Name: __gads
Value: ID=bdae6b7ff0ead553-229c27399ea600dd:T=1610459116:RT=1610459116:S=ALNI_MYWN4fGcvfLvYDfsdCQ7cIc0ieTag
.freeu-vpn.ru/ Name: _ym_d
Value: 1610459117
.freeu-vpn.ru/ Name: _ym_uid
Value: 1610459117218169716

1 Console Messages

Source Level URL
Text
console-api log URL: http://freeu-vpn.ru/js/rek_fixed/rek_fixed.js(Line 20)
Message:
undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
freeu-vpn.ru
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.freeu-vpn.ru
www.googletagservices.com
yastatic.net
172.217.16.130
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:824::2003
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::90
2a03:c980:5fb5:e518:95:181:229:24
88.212.201.210
00bce1b28687e2a0c3ddcf2f2a5eb87fe44e38e191066a13231a358ed1e2aa8a
039cdb4b51945f142521effde58bc9d4db0d4133b8ee571964ba4d9337cafb16
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06046e849bb28f51e26644f9d3f69ab569412bc1f1285bff43d4fee22fcdf5ea
06e8469bc8fc6ffcc83fe9174067ac79f350646b1f2ad86a7d729b2dc9a3ef9b
095a5b41688fbbe3e05aeb032b64356b0468fd68d45c6fa27a1c511774043993
09cd78d927dcb725c0a40c0fa03a201c211c37b4ff700de66088a0d75da44cfb
217d4a7d123332adefa351d8fe1fee7f4853a80be96b69612048e81380db2d7b
26665583f45ba71b6928a1e112b4dfe0125cc69f38f4b7715867db69ab3d64ce
2ec8f788991859c4b99f62ebc120fa472039437e9c58e371f60af9eb4a08e0f2
36244e98fa55f0ada504425b7b212615549b59dab7445f6194243a617dfc8142
439868bc829553932856c331e679addfe47509e4f45acb00265d29aec6ec5c4f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ba75b02572716c12bb8c88a3f12a5d3da128620dd90abbd37e8b87f4d15b184
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
67eb785a2a8ba50388be15f88d34507786441641ac3ff36dbbef6c1f08981626
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
902c4ccbb658e374153d5a5a19383086ec94a9f62e124ad15d2fae448f102f12
92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794
9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6
a0a2d0ec76113bd8d1be2ae8c448e60b9524cf6e2ddcfeff13b8b4c9c20331e2
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
a99acbeda3217b72c789ce461021954cf3a1a0198b25c7a27366d69d8aa46116
b417cd69b04e809cc182b81deb7efd25d4e204e546269fa80dbc9321739b6ca8
b95b956d19610f0ce8022bbc7b6ef54c9eb63cf01549845511c1e2123349046d
b9cdc6393e9b4c9a23e7d7c94ae3b58562509dda50b4345793ad7c7e7aaa9212
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bbdf4eb205293eef9b188f917c16cd3c15e4fe97d672286074d8622539751604
c908a287be5297337a4516cf899eca2023de83254ae4edbbcbc5a0fec68e4cfe
ca212bcaddd7a7d3b5a84729ae4ce9522ea5bf337e63bcad764c9abd9c7cf0e2
e1666ef813c23b38e6e8cfe8711e32558963d7b89422dc12e2f75e1e97814bd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed3e99d063eb384623fab30a413716f865aa6735b7478ae428fe7ac0c8f2e9f8
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f5ba1a998b5287aa504136f1de763862f97765bf5603f4becd3686f07c57644a
fd1427a63478ddbe6b00104c2e13827b0c11a0493c2b356deb4368837677f129