profit-club-bonus.ru Open in urlscan Pro
92.53.96.213 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://profit-club-bonus.ru/
Submission Tags: falconsandbox
Submission: On May 27 via api (May 27th 2021, 7:08:22 am UTC) from US

Summary HTTP 69 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 13 domains to perform 69 HTTP transactions. The main IP is 92.53.96.213, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is profit-club-bonus.ru.

This is the only time profit-club-bonus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	92.53.96.213 92.53.96.213	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	2606:4700:10:... 2606:4700:10::6816:13d0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.50 142.250.186.50	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2012	15169 (GOOGLE) (GOOGLE)
69	21

12 92.53.96.213 (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: vh142.timeweb.ru

profit-club-bonus.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:13d0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.free-kassa.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.50 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f18.1e100.net

p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	275 KB
12	profit-club-bonus.ru profit-club-bonus.ru	797 KB
8	doubleclick.net googleads.g.doubleclick.net	56 KB
8	gstatic.com www.gstatic.com p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i1-v6exp3.v4.metric.gstatic.com p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i2-v6exp3.ds.metric.gstatic.com	392 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	32 KB
4	google.com 1 redirects www.google.com adservice.google.com	2 KB
3	googletagservices.com www.googletagservices.com	101 KB
3	yandex.ru 1 redirects informer.yandex.ru mc.yandex.ru	46 KB
2	free-kassa.ru 1 redirects www.free-kassa.ru	4 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	645 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
69	13

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	profit-club-bonus.ru	profit-club-bonus.ru
9	pagead2.googlesyndication.com	profit-club-bonus.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects profit-club-bonus.ru
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	profit-club-bonus.ru googleads.g.doubleclick.net
3	www.google.com	1 redirects profit-club-bonus.ru tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com
2	mc.yandex.ru	1 redirects profit-club-bonus.ru
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
2	www.free-kassa.ru	1 redirects profit-club-bonus.ru
1	p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i2-v6exp3.ds.metric.gstatic.com
1	p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i1-v6exp3.v4.metric.gstatic.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	maxcdn.bootstrapcdn.com	profit-club-bonus.ru
1	ajax.googleapis.com	profit-club-bonus.ru
1	informer.yandex.ru	profit-club-bonus.ru
69	21

This site contains links to these domains. Also see Links.

Domain
vip-skript.ru
metrika.yandex.ru
www.free-kassa.ru
payeer.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
free-kassa.ru Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://profit-club-bonus.ru/
Frame ID: 4E29A20D1BAFABE735BEE034C2186F87
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: 32B8C9013AB72E391168ACEBF63701EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=280&slotname=3352451376&adk=2004084722&adf=1299270868&pi=t.ma~as.3352451376&w=1200&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1622099283578&bpp=5&bdt=462&idt=94&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=791448276826&frm=20&pv=2&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=X6z3EWmnLt&p=http%3A//profit-club-bonus.ru&dtd=122
Frame ID: 1813AAB410DE26DEFC5F2D883AFDEE9F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=600&slotname=3352451376&adk=1234241252&adf=96407258&pi=t.ma~as.3352451376&w=300&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1622099283583&bpp=2&bdt=467&idt=139&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=51&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xsAZ6Kj8ux&p=http%3A//profit-club-bonus.ru&dtd=143
Frame ID: 9E081015F837E2B1D1281EEAAD38B1FA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&adk=1812271804&adf=3025194257&lmt=1622099283&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622099283596&bpp=2&bdt=480&idt=180&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x600&nras=1&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=186
Frame ID: 6EDD02E6D33F82AB4349B93F476B15C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9B03246648FAF04BA001797D6749995A
Requests: 2 HTTP requests in this frame

Frame: https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 5680C2122BF84359C5D6DE8414B43276
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: E252471FE36A6A7764DB966384318805
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: 41D1480B31F4A6797AAC466F8BDF0DE1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: CB4B30347604C526AC46D330C244644D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3F6CE70F6D1CBAFEDE643B99EFD53B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

69
Requests

78 %
HTTPS

80 %
IPv6

13
Domains

21
Subdomains

21
IPs

3
Countries

1717 kB
Transfer

2788 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://vip-skript.ru/
Title: vip-skript.ru

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=43576494&from=informer

Search URL Search Domain Scan URL

URL: http://www.free-kassa.ru/merchant/register.php?pid=d433bedebebfc3b76be44aeaef297889

Search URL Search Domain Scan URL

URL: https://payeer.com/?partner=1948919

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.free-kassa.ru/img/fk_btn/16.png HTTP 301
https://www.free-kassa.ru/img/fk_btn/16.png

Request Chain 29

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9286.2lA2HEDc5-AnF4ewlq9MORmOyjzCuDf7XHxmmnd5f57yh5oIFTO_HJtz7oiMlPst.O0ETA2a6wXXEdPTGwy1K3sNBGjM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9286.5YHVnWrHaUr1S42UuBG1bXOVt1vnm1VG1agRoDMQ2UnOtgKbZ_CEvPGLR6-D-8ihz2069wAXR2ZXIEKEG0jWNg%2C%2C.R1-lM1afmXadd1F0NBwiaesOjiU%2C

Request Chain 33

https://mc.yandex.com/watch/43576494?wmode=7&page-url=http%3A%2F%2Fprofit-club-bonus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry6%3Afp%3A595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1546615430940%3Ahid%3A31929025%3Az%3A120%3Ai%3A20210527090803%3Aet%3A1622099284%3Ac%3A1%3Arn%3A679040553%3Au%3A1622099284672935299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622099282883%3Ads%3A86%2C15%2C128%2C1%2C0%2C0%2C%2C438%2C0%2C%2C%2C%2C671%3Adsn%3A86%2C15%2C128%2C1%2C%2C0%2C%2C440%2C0%2C%2C%2C%2C671%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1622099284%3At%3A%D0%A1%D0%BE%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%20%D0%BF%D0%BE%D0%B4%20%D0%BA%D0%BB%D1%8E%D1%87%20%7C%20%D0%9A%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%2C%20%D1%86%D0%B5%D0%BD%D1%8B%2C%20%D0%BE%D1%82%D0%B7%D1%8B%D0%B2%D1%8B HTTP 302
https://mc.yandex.com/watch/43576494/1?wmode=7&page-url=http%3A%2F%2Fprofit-club-bonus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry6%3Afp%3A595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1546615430940%3Ahid%3A31929025%3Az%3A120%3Ai%3A20210527090803%3Aet%3A1622099284%3Ac%3A1%3Arn%3A679040553%3Au%3A1622099284672935299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622099282883%3Ads%3A86%2C15%2C128%2C1%2C0%2C0%2C%2C438%2C0%2C%2C%2C%2C671%3Adsn%3A86%2C15%2C128%2C1%2C%2C0%2C%2C440%2C0%2C%2C%2C%2C671%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1622099284%3At%3A%D0%A1%D0%BE%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%20%D0%BF%D0%BE%D0%B4%20%D0%BA%D0%BB%D1%8E%D1%87%20%7C%20%D0%9A%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%2C%20%D1%86%D0%B5%D0%BD%D1%8B%2C%20%D0%BE%D1%82%D0%B7%D1%8B%D0%B2%D1%8B

Request Chain 45

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

69 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
profit-club-bonus.ru/ 47 KB
8 KB 230ms
128ms Document
text/html 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: 87aa07d922fe22d86d7dc425f54bc47d24c9146bc8e7a64d235b583b22465c82

Request headers

Host: profit-club-bonus.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.1
Date: Thu, 27 May 2021 07:08:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881; path=/; domain=.profit-club-bonus.ru referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK bootstrap.min.css
profit-club-bonus.ru/assets/css/ 117 KB
19 KB 65ms
64ms Stylesheet
text/css 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://profit-club-bonus.ru/assets/css/bootstrap.min.css
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: 765fe58725f7a114cf7d5592d2ee40c5a925ecea6c02087bf7785a903a1dfd4b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2020 15:29:22 GMT
Server: nginx/1.14.1
ETag: W/"5fd0ed52-1d3f8"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H/1.1 200
OK main.css
profit-club-bonus.ru/assets/css/ 28 KB
7 KB 154ms
138ms Stylesheet
text/css 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://profit-club-bonus.ru/assets/css/main.css
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: f2ce703bad09a9c17ec73c310cab86fb0ae2f468bd56edd247a323cae64fbfa0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 19:19:29 GMT
Server: nginx/1.14.1
ETag: W/"6001eac1-6e73"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H/1.1 200
OK functions.js Show response
profit-club-bonus.ru/assets/js/ 2 KB
1021 B 129ms
114ms Script
application/x-javascript 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://profit-club-bonus.ru/assets/js/functions.js
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: 219cf402db5fb744deaee4a467006dd26fb5b84d51d9b6953978cd679084d10e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2020 15:29:23 GMT
Server: nginx/1.14.1
ETag: W/"5fd0ed53-84b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
647 B 17ms
16ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e537fa335a26b92c75b2de6ca558361ad08b656727a0d5fb362abfa4b2a5b403

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Thu, 27 May 2021 07:08:03 GMT

GET
H/1.1 200
OK jquery.min.js Show response
profit-club-bonus.ru/assets/js/ 84 KB
30 KB 160ms
144ms Script
application/x-javascript 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://profit-club-bonus.ru/assets/js/jquery.min.js
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: 28ecdad07946397f0dc5f2235b75de9bad64173081b5886cec57c058b15dc750

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2020 15:29:23 GMT
Server: nginx/1.14.1
ETag: W/"5fd0ed53-15153"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H/1.1 200
OK viber.png
profit-club-bonus.ru/img/ 521 KB
522 KB 78ms
78ms Image
image/png 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://profit-club-bonus.ru/img/viber.png
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: f4f48994a52e4ae10c9538de75af913986a2f4598d646d74efe390588bbb2c3a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Last-Modified: Wed, 09 Dec 2020 15:29:32 GMT
Server: nginx/1.14.1
ETag: "5fd0ed5c-82588"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 533896
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H/1.1 200
OK whatsapp.png
profit-club-bonus.ru/img/ 55 KB
55 KB 82ms
79ms Image
image/png 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://profit-club-bonus.ru/img/whatsapp.png
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: d39fa3a5a849342488308658bb072eeeddf96d456382dab2b912cf820c6cb169

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Last-Modified: Wed, 09 Dec 2020 15:29:32 GMT
Server: nginx/1.14.1
ETag: "5fd0ed5c-da92"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55954
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H/1.1 200
OK telegram.png
profit-club-bonus.ru/img/ 53 KB
53 KB 68ms
65ms Image
image/png 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://profit-club-bonus.ru/img/telegram.png
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: 2209e44e28aa7c3acaef04f912d0ceca9f788555d52ed2d3d04f9a7422d6877d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Last-Modified: Wed, 09 Dec 2020 15:29:32 GMT
Server: nginx/1.14.1
ETag: "5fd0ed5c-d2cc"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53964
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff47eb1f953376d34de66f8e75b913034a9ed88ca290bcff2b3c943e8ad821d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48322
x-xss-protection: 0
server: cafe
etag: 9464164001252721547
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 07:08:03 GMT

GET
H/1.1 200
OK zakazaty-sayt.png
profit-club-bonus.ru/img/ 22 KB
22 KB 63ms
60ms Image
image/png 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://profit-club-bonus.ru/img/zakazaty-sayt.png
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: 48646854296f9754b043015e08b20aebfffdaeb1a95cdb74f6844897e42c8c57

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Last-Modified: Wed, 09 Dec 2020 15:29:32 GMT
Server: nginx/1.14.1
ETag: "5fd0ed5c-56f7"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22263
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H2 200 3_0_20EC20FF_00CC00FF_0_pageviews
informer.yandex.ru/informer/43576494/ 1 KB
1 KB 148ms
49ms Image
image/png 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/43576494/3_0_20EC20FF_00CC00FF_0_pageviews

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0cf029140db1afa4876fd941a859f8b74247ea91ad2a0090e80b85a6ce6cedb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Thu, 27-May-2021 07:08:03 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1291
x-xss-protection: 1; mode=block
expires: Thu, 27-May-2021 07:08:03 GMT

GET
H2

200

16.png
www.free-kassa.ru/img/fk_btn/
Redirect Chain

http://www.free-kassa.ru/img/fk_btn/16.png
https://www.free-kassa.ru/img/fk_btn/16.png

3 KB
3 KB

62ms
32ms

Image
image/png

2606:4700:10::6816:13d0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.free-kassa.ru/img/fk_btn/16.png
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:13d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbc56f395f77d153150b1b7fed67ffec03dc73522a2f879610cbb25a95ba02fd

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
cf-cache-status: HIT
last-modified: Wed, 09 Dec 2015 10:32:35 GMT
server: cloudflare
age: 2980263
etag: "1be0c75-c5e-526749bd042b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 655d68e9da7dbed3-FRA
content-length: 3166
cf-request-id: 0a4e3fe6290000bed332071000000001
expires: Mon, 21 Jun 2021 19:17:00 GMT

Redirect headers

Date: Thu, 27 May 2021 07:08:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.free-kassa.ru/img/fk_btn/16.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 655d68e92f3a4a85-FRA
cf-request-id: 0a4e3fe5bb00004a851b2a4000000001
Expires: Thu, 27 May 2021 08:08:03 GMT

GET
H/1.1 200
OK payeer2.png
profit-club-bonus.ru/img/ 3 KB
3 KB 120ms
103ms Image
image/png 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://profit-club-bonus.ru/img/payeer2.png
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: d537ecb9e6732f721fa7bb7df1f8997968f00ae5870f58ee0565ec00679187a2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://profit-club-bonus.ru/
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Last-Modified: Wed, 09 Dec 2020 16:12:12 GMT
Server: nginx/1.14.1
ETag: "5fd0f75c-c8b"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3211
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 09:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78708
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 09:16:15 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 32ms
18ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 5652513
cdn-cachedat: 2021-03-11 11:57:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4e3fe5a000004a74ebb75000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3033c5b7ea34684b20a8f4234fea378f
cf-ray: 655d68e90f864a74-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK font-awesome.min.css
profit-club-bonus.ru/assets/css/ 28 KB
7 KB 79ms
79ms Stylesheet
text/css 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://profit-club-bonus.ru/assets/css/font-awesome.min.css
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/assets/css/main.css
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://profit-club-bonus.ru/assets/css/main.css
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Referer: http://profit-club-bonus.ru/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2020 15:29:22 GMT
Server: nginx/1.14.1
ETag: W/"5fd0ed52-718b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 20ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/assets/css/main.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb24bd99e8eec4f38b10f9c7cace42718f00618874ffc00abbd594667869e18b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 06:59:25 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 27 May 2021 07:08:03 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 957 B
954 B 21ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Russo+One

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/assets/css/main.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

726130af2420acdc2c363d3d369770467cca1d4c6f2a970071c3af4928a42063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 May 2021 07:08:03 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 27 May 2021 07:08:03 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/ 335 KB
336 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8cb544f90b2c0399716bd41669bcef24768dd8c509a7c7d1c26ca9fe4efc0fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://profit-club-bonus.ru
Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 17:04:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 02:05:30 GMT
server: sffe
age: 50598
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343376
x-xss-protection: 0
expires: Thu, 26 May 2022 17:04:45 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
profit-club-bonus.ru/assets/fonts/ 70 KB
71 KB 128ms
113ms Font
application/font-woff2 92.53.96.213
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://profit-club-bonus.ru/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/assets/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 92.53.96.213 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh142.timeweb.ru
Software: nginx/1.14.1 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma: no-cache
Origin: http://profit-club-bonus.ru
Accept-Encoding: gzip, deflate
Host: profit-club-bonus.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://profit-club-bonus.ru/assets/css/font-awesome.min.css
Cookie: PHPSESSID=0d422f62433191f2a5463aa4a1498881
Connection: keep-alive
Cache-Control: no-cache
Origin: http://profit-club-bonus.ru
Referer: http://profit-club-bonus.ru/assets/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 07:08:03 GMT
Last-Modified: Wed, 09 Dec 2020 15:29:23 GMT
Server: nginx/1.14.1
ETag: "5fd0ed53-118d8"
Content-Type: application/font-woff2
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71896
Expires: Sun, 27 Jun 2021 07:08:03 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 127 KB
45 KB 46ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b8eff192d078184d18190b1a814be21ed739691c05b1f9473a18d3b6e451ffd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: br
last-modified: Wed, 26 May 2021 12:18:34 GMT
etag: "60ae3a7b-b1f3"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 45555
expires: Thu, 27 May 2021 08:08:03 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 232 KB
86 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937406556070782&plah=profit-club-bonus.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87658
x-xss-protection: 0
server: cafe
etag: 5316214545020586774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 07:08:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame 32B8 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210524/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://profit-club-bonus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://profit-club-bonus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 26 May 2021 20:29:24 GMT
expires: Wed, 09 Jun 2021 20:29:24 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 38319
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
645 B 96ms
33ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=profit-club-bonus.ru&callback=_gfp_s_&client=ca-pub-7937406556070782

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7937406556070782&plah=profit-club-bonus.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

771088dc3285a4dab0a6c8bd62c9f83a9b3e3d9dede54622c85c2a88caf80464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 41ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=profit-club-bonus.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 41ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=profit-club-bonus.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1813 73 KB
24 KB 656ms
655ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=280&slotname=3352451376&adk=2004084722&adf=1299270868&pi=t.ma~as.3352451376&w=1200&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1622099283578&bpp=5&bdt=462&idt=94&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=791448276826&frm=20&pv=2&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=X6z3EWmnLt&p=http%3A//profit-club-bonus.ru&dtd=122

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df69d0048d5920858d5159241e4488e380df38082da434644a44a64a0ad6ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7937406556070782&output=html&h=280&slotname=3352451376&adk=2004084722&adf=1299270868&pi=t.ma~as.3352451376&w=1200&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1622099283578&bpp=5&bdt=462&idt=94&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=791448276826&frm=20&pv=2&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=X6z3EWmnLt&p=http%3A//profit-club-bonus.ru&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://profit-club-bonus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://profit-club-bonus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 07:08:04 GMT
server: cafe
content-length: 24695
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 07:23:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 07:08:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 47ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Thu, 27 May 2021 07:08:03 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E08 83 KB
26 KB 479ms
479ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=600&slotname=3352451376&adk=1234241252&adf=96407258&pi=t.ma~as.3352451376&w=300&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1622099283583&bpp=2&bdt=467&idt=139&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=51&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xsAZ6Kj8ux&p=http%3A//profit-club-bonus.ru&dtd=143

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3c274b7a71f7695b1de48f29fcaeaf38dd138587040b0d7badef2d039385ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7937406556070782&output=html&h=600&slotname=3352451376&adk=1234241252&adf=96407258&pi=t.ma~as.3352451376&w=300&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1622099283583&bpp=2&bdt=467&idt=139&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=51&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xsAZ6Kj8ux&p=http%3A//profit-club-bonus.ru&dtd=143
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://profit-club-bonus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://profit-club-bonus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 07:08:04 GMT
server: cafe
content-length: 26893
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 07:23:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 07:08:04 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9286.2lA2HEDc5-AnF4ewlq9MORmOyjzCuDf7XHxmmnd5f57yh5oIFTO_HJtz7oiMlPst.O0ETA2a6wXXEdPTGwy1K3sNBGjM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9286.5YHVnWrHaUr1S42UuBG1bXOVt1vnm1VG1agRoDMQ2UnOtgKbZ_CEvPGLR6-D-8ihz2069wAXR2ZXIEKEG0jWNg%2C%2C.R1-lM1afmXadd1F0NBwiaesOjiU%2C

75 B
75 B

53ms
52ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9286.5YHVnWrHaUr1S42UuBG1bXOVt1vnm1VG1agRoDMQ2UnOtgKbZ_CEvPGLR6-D-8ihz2069wAXR2ZXIEKEG0jWNg%2C%2C.R1-lM1afmXadd1F0NBwiaesOjiU%2C

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9286.5YHVnWrHaUr1S42UuBG1bXOVt1vnm1VG1agRoDMQ2UnOtgKbZ_CEvPGLR6-D-8ihz2069wAXR2ZXIEKEG0jWNg%2C%2C.R1-lM1afmXadd1F0NBwiaesOjiU%2C
date: Thu, 27 May 2021 07:08:03 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 44ms
38ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&tn=NAV&cls=navbar%20navbar-default%20background_color_1&ign=false

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 07:08:03 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EDD 3 KB
693 B 57ms
57ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&adk=1812271804&adf=3025194257&lmt=1622099283&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622099283596&bpp=2&bdt=480&idt=180&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x600&nras=1&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=186

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b75569ca5a6c4575952a89226a6f5eb316a849f088461b2faba74edfce8c90d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7937406556070782&output=html&adk=1812271804&adf=3025194257&lmt=1622099283&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1622099283596&bpp=2&bdt=480&idt=180&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x600&nras=1&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://profit-club-bonus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://profit-club-bonus.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 07:08:03 GMT
server: cafe
content-length: 670
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 07:23:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 07:08:03 GMT
cache-control: private

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 45ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:03 GMT
last-modified: Wed, 26 May 2021 12:18:34 GMT
etag: "60ae3a7b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 27 May 2021 08:08:03 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/43576494/
Redirect Chain

https://mc.yandex.com/watch/43576494?wmode=7&page-url=http%3A%2F%2Fprofit-club-bonus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry6%3Afp%3A595%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/43576494/1?wmode=7&page-url=http%3A%2F%2Fprofit-club-bonus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry6%3Afp%3A595%3Afu%3A0%3Aen%3Autf-8%3A...

203 B
370 B

49ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/43576494/1?wmode=7&page-url=http%3A%2F%2Fprofit-club-bonus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry6%3Afp%3A595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1546615430940%3Ahid%3A31929025%3Az%3A120%3Ai%3A20210527090803%3Aet%3A1622099284%3Ac%3A1%3Arn%3A679040553%3Au%3A1622099284672935299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622099282883%3Ads%3A86%2C15%2C128%2C1%2C0%2C0%2C%2C438%2C0%2C%2C%2C%2C671%3Adsn%3A86%2C15%2C128%2C1%2C%2C0%2C%2C440%2C0%2C%2C%2C%2C671%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1622099284%3At%3A%D0%A1%D0%BE%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%20%D0%BF%D0%BE%D0%B4%20%D0%BA%D0%BB%D1%8E%D1%87%20%7C%20%D0%9A%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%2C%20%D1%86%D0%B5%D0%BD%D1%8B%2C%20%D0%BE%D1%82%D0%B7%D1%8B%D0%B2%D1%8B

Requested by

Host: profit-club-bonus.ru
URL: http://profit-club-bonus.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

798763f4b9d4e084645f9a39292d6a0d1079c7ec72bdd700ab3f60ea2a606550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 07:08:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-May-2021 07:08:04 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://profit-club-bonus.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Thu, 27-May-2021 07:08:04 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 07:08:04 GMT
last-modified: Thu, 27-May-2021 07:08:04 GMT
location: /watch/43576494/1?wmode=7&page-url=http%3A%2F%2Fprofit-club-bonus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry6%3Afp%3A595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1546615430940%3Ahid%3A31929025%3Az%3A120%3Ai%3A20210527090803%3Aet%3A1622099284%3Ac%3A1%3Arn%3A679040553%3Au%3A1622099284672935299%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622099282883%3Ads%3A86%2C15%2C128%2C1%2C0%2C0%2C%2C438%2C0%2C%2C%2C%2C671%3Adsn%3A86%2C15%2C128%2C1%2C%2C0%2C%2C440%2C0%2C%2C%2C%2C671%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1622099284%3At%3A%D0%A1%D0%BE%D0%B7%D0%B4%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%20%D0%BF%D0%BE%D0%B4%20%D0%BA%D0%BB%D1%8E%D1%87%20%7C%20%D0%9A%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%2C%20%D1%86%D0%B5%D0%BD%D1%8B%2C%20%D0%BE%D1%82%D0%B7%D1%8B%D0%B2%D1%8B
strict-transport-security: max-age=31536000
access-control-allow-origin: http://profit-club-bonus.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 27-May-2021 07:08:04 GMT

GET
H2 200 7520145693401784306
tpc.googlesyndication.com/simgad/ Frame 9E08 41 KB
41 KB 35ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7520145693401784306?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk3fUilrmV-6x6PWOgJWUAsDmawKA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=600&slotname=3352451376&adk=1234241252&adf=96407258&pi=t.ma~as.3352451376&w=300&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1622099283583&bpp=2&bdt=467&idt=139&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=51&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xsAZ6Kj8ux&p=http%3A//profit-club-bonus.ru&dtd=143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f23090362438833e07c371a26b1f68a4794ad6c5b61638f3168510373a06c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 16:33:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Aug 2020 09:44:06 GMT
server: sffe
age: 484504
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42163
x-xss-protection: 0
expires: Sat, 21 May 2022 16:33:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 9E08 17 KB
7 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 07:05:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 9E08 2 KB
1 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 07:03:36 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 9E08 67 B
196 B 31ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 10:13:28 GMT
x-content-type-options: nosniff
server: cafe
age: 75276
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Thu, 27 May 2021 10:13:28 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9E08 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CemuUU0WvYPWoLcyBx_APsqaEiALanIr7YreLy7f_C52i24--FxABILqemUpglQKgAbmr6MkDyAECqQK-e_krTHG0PqgDAcgDyQSqBMEBT9BFDAHfH3ToD_sfAj1lNO2RAz3NsdYlkBJLGDx7yw41oDRcLm-4tP3jtpMhl_nCL-TfFnPwn8NY9EnDElxr8LEUgO2kKArFXyTYbiPr6DzAPXjrpJyU_KQWjMAkTarudlykSR55UoGcHgjL3zJ2ZKPoHt4fajsAtlfud-rla3sUWTGiN86sT5zKFUpij9Ecg-L55NaKv8oY4QupFUOPIhJ26c6YMHSG-ak3Elt0tdDTgtFgnwEmyjxLNZBjiRJ8q8AEssSR140CkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6_UlzaoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQnqoL0ggJCIDhgBAQARgfgAoByAsB2BMC0BUBmBYBgBcBshcaChgIABIUcHViLTc5Mzc0MDY1NTYwNzA3ODI&sigh=Ji6Z0nJizjU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=600&slotname=3352451376&adk=1234241252&adf=96407258&pi=t.ma~as.3352451376&w=300&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1622099283583&bpp=2&bdt=467&idt=139&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=51&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xsAZ6Kj8ux&p=http%3A//profit-club-bonus.ru&dtd=143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 May 2021 07:08:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 May 2021 07:08:04 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E08 121 KB
37 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 07:08:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 9E08 13 KB
6 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 07:02:27 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 9E08 25 KB
10 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10532
x-xss-protection: 0
server: cafe
etag: 13485069350837860933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 19:29:27 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B03 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=600&slotname=3352451376&adk=1234241252&adf=96407258&pi=t.ma~as.3352451376&w=300&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1622099283583&bpp=2&bdt=467&idt=139&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=51&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xsAZ6Kj8ux&p=http%3A//profit-club-bonus.ru&dtd=143
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkO1yLYgUzRdAMMBzJ4yhwhAkYr2yQVTriuCBFCurEVVyeB-tA8VVVpYu93c8c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=600&slotname=3352451376&adk=1234241252&adf=96407258&pi=t.ma~as.3352451376&w=300&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1622099283583&bpp=2&bdt=467&idt=139&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=791448276826&frm=20&pv=1&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=51&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xsAZ6Kj8ux&p=http%3A//profit-club-bonus.ru&dtd=143

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 06:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 654
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 5680 247 B
789 B 110ms
32ms Document
text/html 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

c3cd464f73d32f19c9acc6dd6df1acc718b430bf19bf7ae9038ef18d5b5faa7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-6GA88O_ps-MgDL9eohQkvg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 205
date: Thu, 27 May 2021 07:08:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9E08 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f97a83592e54aa4f65e8178ff9b49c2aee18841f97e3937469ddb84809125ca9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B03
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkO1yLYgUzRdAMMBzJ4yhwhAkYr2yQVTriuCBFCurEVVyeB-tA8VVVpYu93c8c; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 07:08:04 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 27-May-2021 08:08:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 07:08:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 07:08:04 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 1813 3 KB
674 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=280&slotname=3352451376&adk=2004084722&adf=1299270868&pi=t.ma~as.3352451376&w=1200&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1622099283578&bpp=5&bdt=462&idt=94&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=791448276826&frm=20&pv=2&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=X6z3EWmnLt&p=http%3A//profit-club-bonus.ru&dtd=122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 May 2021 05:18:07 GMT
server: ESF
date: Thu, 27 May 2021 07:08:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 May 2021 07:08:04 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 1813 1 KB
909 B 28ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 07:04:48 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 1813 17 KB
7 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 07:05:29 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 1813 2 KB
1 KB 21ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 07:05:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1813 121 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 07:08:04 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 1813 13 KB
6 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 07:06:26 GMT

GET
H3-29 200 7d9aee27bee51cf015d1b4a8dc2025e1.js Show response
www.gstatic.com/mysidia/ Frame 1813 25 KB
10 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 22:15:01 GMT
server: sffe
age: 515667
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Thu, 19 Aug 2021 07:53:37 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1813 0
0 44ms
42ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzNAnU0WvYJzMLI64x_APrceqgA3zi-uMYLrZqefPCruzp7axCBABILqemUpglQKgAcSS9f4DyAEJqQI_DOTCh3O0PqgDAcgDywSqBLcBT9CErxZTnySJDqQouPVP4LwZXYCPuoKUQ_mJrjFMpwyBy-aaTszq2iGxBI_iYbq1Xwz0zKIQarhwE37pCevq5O3uhOEI-KVeG96HPMkJ8oWqXLmoOjUrmLC5wmEAqQUix2msQFsCimXpxICgYMozZ_jAh2SB-3lZdC0DclZF0SajcVMkBQm61XcWdX1RzbUQerN6-6WisOwsTSa3skHfR6EvSlHLW7KZsdtQDn-CGAzIOKumLikcwASg8MXgnwGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHpO2KAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCUlgHSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQB0BUBgBcBshcaChgIABIUcHViLTc5Mzc0MDY1NTYwNzA3ODI&sigh=RA2b4S-cW7s&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7937406556070782&output=html&h=280&slotname=3352451376&adk=2004084722&adf=1299270868&pi=t.ma~as.3352451376&w=1200&fwrn=4&fwrnh=100&lmt=1622099283&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fprofit-club-bonus.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1622099283578&bpp=5&bdt=462&idt=94&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=791448276826&frm=20&pv=2&ga_vid=1884728560.1622099284&ga_sid=1622099284&ga_hid=329753658&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740386&oid=3&pvsid=1751520259212296&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=X6z3EWmnLt&p=http%3A//profit-club-bonus.ru&dtd=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 May 2021 07:08:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10717427143325466677/ Frame 1813 25 KB
25 KB 17ms
11ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10717427143325466677/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

badd8a523abfdcc5d88bdee42a796b2a3716af06e282550f0c49db1eb3813b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 11:41:17 GMT
x-content-type-options: nosniff
age: 415607
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25340
x-xss-protection: 0
last-modified: Fri, 01 Feb 2019 10:46:39 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 May 2022 11:41:17 GMT

GET
DATA 200
OK truncated
/ Frame 1813 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 iframe.html Show response
p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 5680 4 KB
2 KB 66ms
32ms Document
text/html 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

183ffe5bba6d24075bc0264e6c1a07b8ea3e948faa46a49a327c88e75512c24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-mJKkIspwnZxGxV6PqHO5rQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1863
date: Thu, 27 May 2021 07:08:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1813 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1013e229e9d5a671cf124352e2e9311ab4a2f2f797b7b864c1f132ac9e7c5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1813 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 335066
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 23 May 2022 10:03:38 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1813 21 KB
21 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 10:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 507277
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 21 May 2022 10:13:27 GMT

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame E252 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 13:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 323233
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Mon, 23 May 2022 13:20:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 32ms
19ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

288723da1db7ea7816f2776f6dbbbdbb008bf0bd7a20ab1614991f5d4d9fa377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7671
x-xss-protection: 0

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 41D1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 13:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 323233
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Mon, 23 May 2022 13:20:51 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 27 May 2021 07:08:04 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame CB4B 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://profit-club-bonus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://profit-club-bonus.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 27 May 2021 06:17:13 GMT
expires: Fri, 27 May 2022 06:17:13 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3051
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C3F6 783 B
530 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bae6db2e8ac5ea7a159b4381fc6eca8ff9e0145daee5044a1a6cff9fd02bfe0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OjxcklWIodFdTgz+IGbR8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://profit-club-bonus.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://profit-club-bonus.ru/

Response headers

expires: Thu, 27 May 2021 07:08:04 GMT
date: Thu, 27 May 2021 07:08:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OjxcklWIodFdTgz+IGbR8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame CB4B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 13:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 323233
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Mon, 23 May 2022 13:20:51 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=1751520259212296&bg=!HxylHFjNAAaMan2LjGo7ACkAdvg8Wr81tF1tn969cCPznI0PzvLQNpkEuNXUbDo4YWZZmCQtTCy-xgIAAABbUgAAAA5oAQcKAGC7H2wUprIALDE8lClTBAEHdpFKqXrjqSEX840eQB51li_vi0Ucn8WNNYHpRDdJFuDtOCfdWc6uvWbRg0Y_TpiHMbV5rSFRAhSjTu84F2LYIVPJRJb2Y_W5FV6u-EJXasuZAk2IJVixzczj8pHMy_gNqCVfvXm9OOFSw4rlqtgPIk5VgDML3z_8kvJoAMx03YIJPz-QIOE8InrUCH4tDydFft7qUIKM6cLZu3w3KGW81BN8euY7itiPm-DaQ59KjNxYT95NXeBbLr4Sf6Mbcb7Nq3pDNQVwQbF8SyjIqGHZxwHHJS21NK2gU7kDlWDPDXqA5Hw5NDS945G--3EiTMSrcLqnheu6gW0pwIjyCUogeBmCKPTLokB1EmLm3r8CAjpKFwBgmMEISEOqsSeCWIbQFHitV1w71j797r6LxLvFLACnbwmsEOrcmtfeCvaOXODjARfUO5VBI2YQEzTWIu4QAsYPUL3izoBrMKQdGpmkmX1xD6RDfQiTYKAOkYK7UXMom1aUp2-k8lZo5s7roNPxIMgdVt68A5qMe7Aon7pzmaSMTzxUn24mhwrfcZ2LtMKzjGwCZlHFtZ8qeSwbo6oVHVm5piW0lFEp3v1-xZnpjzaCDhGZmmgwMyia338359Nz9yAwtnul4p31nNrW_FiJhI3uVCmjJhN6drZo0YVRz3fyZAbrqFw0kDAOWoDbSI2fGuZ17xWuLPZuDrZB0Zoba8fDqz2wBB4v9dOONbvSjyj7wWlKa17UHJLOHqfJ20YUF6jb99wIrutR9M4gpQXjecz37U7_VCQOgvtKV0HalmliExE54WQZpZ2O-FDBHr6mz0XPMFSfdrENDDpHKAKWIcv7hFmaQF44YbEKcMcnF_HJhAPWu_iFj1QIvs06nLwdq5jSSAXN8n5Lj2N9KR3q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://profit-club-bonus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 07:08:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1813 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB1lOKC7aNFepZSipy9-Qr-SDdgPjagzQq2g5cTaWkVuu-DRdVyucSz_6zo2uclgH9TuPXOPY7FsgQa9gYGnFSSjGNHWIywEhIJmtVSpkKpbQwMTZtXsItEjU49g&sai=AMfl-YQL_1flKTniI9mfFcU1bWqhlK5mVnO9KRsJrW5s6whZZZ2DudGMNmqC5vrwuTltsfByrdSf6_tyYU_8&sig=Cg0ArKJSzCzKFaKp07gpEAE&id=lidar2&mcvt=1000&p=256,200,536,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2004084722&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&eosm=0&rst=1622099283713&dlt=663&rpt=120&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 07:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 5680 35 B
410 B 291ms
36ms Image
image/gif 142.250.186.50
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.50 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 07:08:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 5680 35 B
410 B 53ms
14ms Image
image/gif 2a00:1450:4001:808::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 07:08:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 03:56:35	Name: IDE Value: AHWqTUkO1yLYgUzRdAMMBzJ4yhwhAkYr2yQVTriuCBFCurEVVyeB-tA8VVVpYu93c8c
.doubleclick.net/	1970-01-19 18:35:02	Name: DSID Value: NO_DATA
.profit-club-bonus.ru/	1970-01-20 03:20:35	Name: _ym_d Value: 1622099284
.profit-club-bonus.ru/	1970-01-19 18:36:11	Name: _ym_isad Value: 2
.profit-club-bonus.ru/	1970-01-20 03:56:35	Name: __gads Value: ID=28a93055f1dd66bc-22b94cf24bc80083:T=1622099283:RT=1622099283:S=ALNI_Mbp618eTepsr7TJMvH3ZbZj0mvvag
.profit-club-bonus.ru/	1970-01-19 18:35:01	Name: _ym_visorc Value: w
.profit-club-bonus.ru/	1970-01-20 03:20:35	Name: _ym_uid Value: 1622099284672935299
.doubleclick.net/	1970-01-19 18:35:00	Name: test_cookie Value: CheckForPermission
.profit-club-bonus.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0d422f62433191f2a5463aa4a1498881

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
informer.yandex.ru
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i1-v6exp3.v4.metric.gstatic.com
p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-583669-i2-v6exp3.ds.metric.gstatic.com
p4-ezx444gs6xul2-qhv7i5a3b3xp44ob-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
profit-club-bonus.ru
tpc.googlesyndication.com
www.free-kassa.ru
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
142.250.186.50
142.250.74.195
2606:4700:10::6816:13d0
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2012
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:831::200a
2a02:6b8::1:119
92.53.96.213
0bae6db2e8ac5ea7a159b4381fc6eca8ff9e0145daee5044a1a6cff9fd02bfe0
0cf029140db1afa4876fd941a859f8b74247ea91ad2a0090e80b85a6ce6cedb1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183ffe5bba6d24075bc0264e6c1a07b8ea3e948faa46a49a327c88e75512c24b
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1df69d0048d5920858d5159241e4488e380df38082da434644a44a64a0ad6ecb
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
219cf402db5fb744deaee4a467006dd26fb5b84d51d9b6953978cd679084d10e
2209e44e28aa7c3acaef04f912d0ceca9f788555d52ed2d3d04f9a7422d6877d
288723da1db7ea7816f2776f6dbbbdbb008bf0bd7a20ab1614991f5d4d9fa377
28ecdad07946397f0dc5f2235b75de9bad64173081b5886cec57c058b15dc750
48646854296f9754b043015e08b20aebfffdaeb1a95cdb74f6844897e42c8c57
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
726130af2420acdc2c363d3d369770467cca1d4c6f2a970071c3af4928a42063
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
765fe58725f7a114cf7d5592d2ee40c5a925ecea6c02087bf7785a903a1dfd4b
771088dc3285a4dab0a6c8bd62c9f83a9b3e3d9dede54622c85c2a88caf80464
798763f4b9d4e084645f9a39292d6a0d1079c7ec72bdd700ab3f60ea2a606550
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87aa07d922fe22d86d7dc425f54bc47d24c9146bc8e7a64d235b583b22465c82
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8ff47eb1f953376d34de66f8e75b913034a9ed88ca290bcff2b3c943e8ad821d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b
b1f23090362438833e07c371a26b1f68a4794ad6c5b61638f3168510373a06c9
b75569ca5a6c4575952a89226a6f5eb316a849f088461b2faba74edfce8c90d7
b8eff192d078184d18190b1a814be21ed739691c05b1f9473a18d3b6e451ffd1
badd8a523abfdcc5d88bdee42a796b2a3716af06e282550f0c49db1eb3813b3b
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c3c274b7a71f7695b1de48f29fcaeaf38dd138587040b0d7badef2d039385ef8
c3cd464f73d32f19c9acc6dd6df1acc718b430bf19bf7ae9038ef18d5b5faa7f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
cb24bd99e8eec4f38b10f9c7cace42718f00618874ffc00abbd594667869e18b
cc1013e229e9d5a671cf124352e2e9311ab4a2f2f797b7b864c1f132ac9e7c5f
d39fa3a5a849342488308658bb072eeeddf96d456382dab2b912cf820c6cb169
d537ecb9e6732f721fa7bb7df1f8997968f00ae5870f58ee0565ec00679187a2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
dbc56f395f77d153150b1b7fed67ffec03dc73522a2f879610cbb25a95ba02fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537fa335a26b92c75b2de6ca558361ad08b656727a0d5fb362abfa4b2a5b403
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f2ce703bad09a9c17ec73c310cab86fb0ae2f468bd56edd247a323cae64fbfa0
f4f48994a52e4ae10c9538de75af913986a2f4598d646d74efe390588bbb2c3a
f8cb544f90b2c0399716bd41669bcef24768dd8c509a7c7d1c26ca9fe4efc0fb
f97a83592e54aa4f65e8178ff9b49c2aee18841f97e3937469ddb84809125ca9

profit-club-bonus.ru Open in urlscan Pro 92.53.96.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

69 Requests

78 %HTTPS

80 %IPv6

13 Domains

21 Subdomains

21 IPs

3 Countries

1717 kBTransfer

2788 kBSize

9 Cookies

4 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

profit-club-bonus.ru Open in urlscan Pro
92.53.96.213 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

78 %
HTTPS

80 %
IPv6

13
Domains

21
Subdomains

21
IPs

3
Countries

1717 kB
Transfer

2788 kB
Size

9
Cookies

69 HTTP transactions
3 data transactions