urlscan.io logo urlscan.io
SecurityTrails logo

compromat.t30p.ru Open in urlscan Pro
84.201.139.218  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://biography.t30p.ru/
Effective URL: https://compromat.t30p.ru/
Submission Tags: falconsandbox
Submission: On April 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 9 countries across 58 domains to perform 244 HTTP transactions. The main IP is 84.201.139.218, located in Russian Federation and belongs to YANDEXCLOUD, RU. The main domain is compromat.t30p.ru.
TLS certificate: Issued by R3 on March 28th 2021. Valid for: 3 months.
This is the only time compromat.t30p.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 84.201.139.218 200350 (YANDEXCLOUD)
15 2a00:1450:400... 15169 (GOOGLE)
11 84.201.143.211 200350 (YANDEXCLOUD)
1 2a00:1450:400... 15169 (GOOGLE)
1 95.181.171.231 50214 (QWARTA)
1 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 212.193.146.233 34879 (CCT-AS NG...)
1 151.101.128.134 54113 (FASTLY)
3 9 2a02:6b8::1:119 13238 (YANDEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 21 46.4.121.26 24940 (HETZNER-AS)
1 4 157.90.6.171 24940 (HETZNER-AS)
1 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
2 3 188.42.196.115 7979 (SERVERS-COM)
3 195.201.243.71 24940 (HETZNER-AS)
2 2 193.232.148.157 48061 (UMA-TECH-AS)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
2 2 195.209.108.37 52007 (ADRIVER-AS)
2 81.222.128.215 20597 (ELTEL-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 194.190.117.93 204600 (REPUBLER-AS)
2 4 31.172.81.172 44066 (DE-FIRSTC...)
2 2 31.172.81.158 44066 (DE-FIRSTC...)
1 37.18.16.16 205675 (HYBRID-AS)
2 185.15.175.147 43226 (SAFEDATA ...)
1 148.251.9.22 24940 (HETZNER-AS)
1 32 142.250.186.162 15169 (GOOGLE)
1 1 109.248.237.36 201009 (SUPPORTIT-AS)
1 95.211.66.35 60781 (LEASEWEB-...)
1 95.163.37.253 47764 (MAILRU-AS...)
3 3 188.34.131.130 24940 (HETZNER-AS)
2 3 78.46.100.125 24940 (HETZNER-AS)
3 3 35.190.16.14 15169 (GOOGLE)
3 5 89.108.120.76 197695 (AS-REG)
1 1 80.64.106.149 20764 (RASCOM-AS...)
1 37.9.245.57 16345 (BEE-AS Ru...)
4 7 89.108.97.2 197695 (AS-REG)
4 4 217.66.147.169 29209 (SPBMTS-AS...)
2 2 213.87.44.207 13174 (MTSNET Mo...)
1 3 2a02:6b8::90 13238 (YANDEX)
2 3 148.251.156.238 24940 (HETZNER-AS)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 217.65.2.150 29076 (CITYTELEC...)
1 93.95.102.105 48347 (MTW-AS)
1 1 88.212.201.216 39134 (UNITEDNET)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 95.213.133.114 49505 (SELECTEL)
1 176.99.9.147 49352 (LOGOL-AS)
1 2 88.212.233.108 7979 (SERVERS-COM)
1 35.244.223.69 15169 (GOOGLE)
1 176.99.5.169 49352 (LOGOL-AS)
2 4 185.15.175.148 43226 (SAFEDATA ...)
8 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2620:116:800d... 16509 (AMAZON-02)
1 1 52.57.98.174 16509 (AMAZON-02)
3 34.98.67.61 15169 (GOOGLE)
5 5 35.186.253.211 15169 (GOOGLE)
6 6 185.64.190.78 62713 (AS-PUBMATIC)
5 5 69.173.144.138 26667 (RUBICONPR...)
6 6 23.218.208.246 16625 (AKAMAI-AS)
2 3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 194.176.118.216 49352 (LOGOL-AS)
1 82.202.224.34 49505 (SELECTEL)
1 1 34.246.227.69 16509 (AMAZON-02)
2 3 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2 79.137.69.120 16276 (OVH)
2 2404:6800:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 35.244.174.68 15169 (GOOGLE)
244 62
12    84.201.139.218 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
biography.t30p.ru
compromat.t30p.ru
15    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    84.201.143.211 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
www.t30p.ru
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    95.181.171.231 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv231.qwarta.ru
cdn-rtb.sape.ru
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
18    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    212.193.146.233 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
PTR: cdn.ngenix.net
static.life.ru
1    151.101.128.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
21    46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info
www.acint.net
4    157.90.6.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1359720.sapientru.net
ssp-rtb.sape.ru
1    2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
p1.dircont3.com
3    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info
acint.net
2    193.232.148.157 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
px.adhigh.net
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
2    195.209.108.37 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
2    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru
ssp.adriver.ru
1    2606:4700:3039::6815:c023 (United States)

ASN13335 (CLOUDFLARENET, US)
a.utraff.com
2    194.190.117.93 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
sync.republer.com
4    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
1    37.18.16.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    185.15.175.147 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
tag.digitaltarget.ru
1    148.251.9.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.9.251.148.clients.your-server.de
sync.dmp.otm-r.com
32    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    109.248.237.36 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)
stat.adlabs.ru
1    95.211.66.35 (Wjelsryp, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
adlmerge.com
1    95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io
relap.io
3    188.34.131.130 (Germany)

ASN24940 (HETZNER-AS, DE)
adx.com.ru
3    78.46.100.125 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de
sync.1dmp.io
3    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
redirect.frontend.weborama.fr
5    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru
x01.aidata.io
1    80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
sape-sync.rutarget.ru
1    37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)
0100007f5bf87b60f40287bb0278c742-sp.ops.beeline.ru
7    89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru
ut.rktch.com
4    217.66.147.169 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
sm.rtb.mts.ru
2    213.87.44.207 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-207-44.mts.ru
tech.rtb.mts.ru
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
3    148.251.156.238 (Germany)

ASN24940 (HETZNER-AS, DE)
exchange.buzzoola.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
1    93.95.102.105 (Podolsk, Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
1    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
2    2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)
s3.advarkads.com
1    95.213.133.114 (Russian Federation)

ASN49505 (SELECTEL, RU)
ps.ntvk1.ru
1    176.99.9.147 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d42291.acod.regrucolo.ru
co9.rktch.com
2    88.212.233.108 (Russian Federation)

ASN7979 (SERVERS-COM, US)
api.advarkads.com
1    35.244.223.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
wf.frontend.weborama.fr
1    176.99.5.169 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d41257.acod.regrucolo.ru
tg.rktch.com
4    185.15.175.148 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
8    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
27    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.57.98.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
3    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
6    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
7    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    194.176.118.216 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
ps5.ntvk1.ru
1    82.202.224.34 (Russian Federation)

ASN49505 (SELECTEL, RU)
rtb.beroll.ru
1    34.246.227.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.everesttech.net
3    2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    79.137.69.120 (France)

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl
googlecm.hit.gemius.pl
2    2404:6800:4007:809::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1450:4001:61::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5e6nsd.gvt1.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
Apex Domain
Subdomains		 Transfer
49 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
180 KB
42 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
363 KB
27 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
csi.gstatic.com
648 KB
24 acint.net
www.acint.net
acint.net
17 KB
23 t30p.ru
biography.t30p.ru
compromat.t30p.ru
www.t30p.ru
361 KB
9 rktch.com
ut.rktch.com
co9.rktch.com
tg.rktch.com
6 KB
8 googleapis.com
fonts.googleapis.com
5 KB
7 yandex.com
mc.yandex.com
2 KB
7 google.com
adservice.google.com
www.google.com
445 B
6 casalemedia.com
ssum-sec.casalemedia.com
6 KB
6 pubmatic.com
image6.pubmatic.com
4 KB
6 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
4 KB
6 digitaltarget.ru
tag.digitaltarget.ru
dmg.digitaltarget.ru
22 KB
6 googletagservices.com
www.googletagservices.com
207 KB
5 rubiconproject.com
pixel.rubiconproject.com
2 KB
5 openx.net
rtb.openx.net
1 KB
5 quantserve.com
cms.quantserve.com
1 KB
5 aidata.io
x01.aidata.io
2 KB
5 yandex.ru
mc.yandex.ru
an.yandex.ru
70 KB
5 sape.ru
cdn-rtb.sape.ru
ssp-rtb.sape.ru
56 KB
4 advarkads.com
s3.advarkads.com
api.advarkads.com
8 KB
4 weborama.fr
redirect.frontend.weborama.fr
wf.frontend.weborama.fr
1 KB
4 bumlam.com
sync.bumlam.com
2 KB
4 adriver.ru
ad.adriver.ru
ssp.adriver.ru
2 KB
3 innovid.com
ag.innovid.com
1 KB
3 mookie1.com
odr.mookie1.com
536 B
3 buzzoola.com
exchange.buzzoola.com
726 B
3 1dmp.io
sync.1dmp.io
2 KB
3 com.ru
adx.com.ru
2 KB
3 betweendigital.com
ads.betweendigital.com
1014 B
3 google.de
adservice.google.de
409 B
2 rlcdn.com
id.rlcdn.com
885 B
2 gvt1.com
redirector.gvt1.com
r1---sn-4g5e6nsd.gvt1.com
850 KB
2 gemius.pl
googlecm.hit.gemius.pl
607 B
2 ntvk1.ru
ps.ntvk1.ru
ps5.ntvk1.ru
5 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 republer.com
sync.republer.com
950 B
2 adhigh.net
px.adhigh.net
827 B
1 everesttech.net
pixel.everesttech.net
375 B
1 beroll.ru
rtb.beroll.ru
86 B
1 agkn.com
d.agkn.com
759 B
1 yadro.ru
counter.yadro.ru
287 B
1 gnezdo.ru
fcgi4.gnezdo.ru
173 B
1 new-programmatic.com
match.new-programmatic.com
215 B
1 uuidksinc.net
s.uuidksinc.net
325 B
1 beeline.ru
0100007f5bf87b60f40287bb0278c742-sp.ops.beeline.ru
627 B
1 rutarget.ru
sape-sync.rutarget.ru
416 B
1 relap.io
relap.io
1 KB
1 adlmerge.com
adlmerge.com
115 B
1 adlabs.ru
stat.adlabs.ru
109 B
1 otm-r.com
sync.dmp.otm-r.com
69 B
1 hybrid.ai
dm.hybrid.ai
238 B
1 utraff.com
a.utraff.com
760 B
1 mail.ru
ad.mail.ru
635 B
1 dircont3.com
p1.dircont3.com
9 KB
1 disqus.com
disqus.com
2 KB
1 life.ru
static.life.ru
13 MB
1 googleadservices.com
partner.googleadservices.com
259 B
244 58
Domain Requested by
32 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
compromat.t30p.ru
27 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
21 www.acint.net 1 redirects cdn-rtb.sape.ru
compromat.t30p.ru
www.acint.net
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
15 pagead2.googlesyndication.com compromat.t30p.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
11 www.t30p.ru compromat.t30p.ru
11 compromat.t30p.ru compromat.t30p.ru
8 fonts.googleapis.com googleads.g.doubleclick.net
7 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
7 ut.rktch.com 4 redirects www.acint.net
compromat.t30p.ru
7 mc.yandex.com 2 redirects compromat.t30p.ru
mc.yandex.ru
6 ssum-sec.casalemedia.com 6 redirects
6 image6.pubmatic.com 6 redirects
6 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 pixel.rubiconproject.com 5 redirects
5 rtb.openx.net 5 redirects
5 cms.quantserve.com googleads.g.doubleclick.net
5 www.gstatic.com googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
5 x01.aidata.io 3 redirects www.acint.net
4 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
4 www.google.com 2 redirects googleads.g.doubleclick.net
4 dmg.digitaltarget.ru 2 redirects www.acint.net
4 sm.rtb.mts.ru 4 redirects
4 sync.bumlam.com 2 redirects www.acint.net
4 ssp-rtb.sape.ru 1 redirects cdn-rtb.sape.ru
3 ag.innovid.com 2 redirects googleads.g.doubleclick.net
3 odr.mookie1.com googleads.g.doubleclick.net
3 exchange.buzzoola.com 2 redirects compromat.t30p.ru
3 an.yandex.ru 1 redirects www.acint.net
compromat.t30p.ru
3 redirect.frontend.weborama.fr 3 redirects
3 sync.1dmp.io 2 redirects www.acint.net
3 adx.com.ru 3 redirects
3 acint.net www.acint.net
3 ads.betweendigital.com 2 redirects www.acint.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
2 id.rlcdn.com 2 redirects
2 csi.gstatic.com www.gstatic.com
2 googlecm.hit.gemius.pl 2 redirects
2 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
2 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
2 api.advarkads.com 1 redirects compromat.t30p.ru
2 s3.advarkads.com www.acint.net
s3.advarkads.com
2 tech.rtb.mts.ru 2 redirects
2 tag.digitaltarget.ru www.acint.net
tag.digitaltarget.ru
2 sync3.adsniper.ru 2 redirects
2 sync.republer.com 2 redirects
2 ssp.adriver.ru www.acint.net
2 ad.adriver.ru 2 redirects
2 px.adhigh.net 2 redirects
2 mc.yandex.ru 1 redirects compromat.t30p.ru
1 r1---sn-4g5e6nsd.gvt1.com googleads.g.doubleclick.net
1 redirector.gvt1.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 rtb.beroll.ru compromat.t30p.ru
1 ps5.ntvk1.ru compromat.t30p.ru
1 d.agkn.com 1 redirects
1 tg.rktch.com co9.rktch.com
1 wf.frontend.weborama.fr s3.advarkads.com
1 co9.rktch.com cdn-rtb.sape.ru
1 ps.ntvk1.ru p1.dircont3.com
1 counter.yadro.ru 1 redirects
1 fcgi4.gnezdo.ru www.acint.net
1 match.new-programmatic.com www.acint.net
1 s.uuidksinc.net 1 redirects
1 0100007f5bf87b60f40287bb0278c742-sp.ops.beeline.ru www.acint.net
1 sape-sync.rutarget.ru 1 redirects
1 relap.io www.acint.net
1 adlmerge.com www.acint.net
1 stat.adlabs.ru 1 redirects
1 sync.dmp.otm-r.com www.acint.net
1 dm.hybrid.ai www.acint.net
1 a.utraff.com www.acint.net
1 ad.mail.ru www.acint.net
1 p1.dircont3.com cdn-rtb.sape.ru
1 disqus.com compromat.t30p.ru
1 static.life.ru compromat.t30p.ru
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn-rtb.sape.ru compromat.t30p.ru
1 biography.t30p.ru 1 redirects
244 81

This site contains links to these domains. Also see Links.

Domain
www.dotnetkicks.com
www.dzone.com
del.icio.us
rtb.sape.ru
Subject Issuer Validity Valid
compromat.t30p.ru
R3		 2021-03-28 -
2021-06-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.t30p.ru
R3		 2021-04-10 -
2021-07-09		 3 months crt.sh
*.sape.ru
R3		 2021-04-17 -
2021-07-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.life.ru
AlphaSSL CA - SHA256 - G2		 2020-07-30 -
2021-08-14		 a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.acint.net
R3		 2021-04-16 -
2021-07-15		 3 months crt.sh
1088415191.rsc.cdn77.org
R3		 2021-03-09 -
2021-06-07		 3 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-19 -
2021-07-19		 a year crt.sh
*.bumlam.com
R3		 2021-04-02 -
2021-07-01		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
tag.digitaltarget.ru
R3		 2021-04-04 -
2021-07-03		 3 months crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-07 -
2021-08-07		 a year crt.sh
adlmerge.com
R3		 2021-01-20 -
2021-04-20		 3 months crt.sh
relap.io
GeoTrust RSA CA 2018		 2020-10-01 -
2021-10-06		 a year crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2020-02-25 -
2022-02-25		 2 years crt.sh
sync.1dmp.io
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
*.ops.beeline.ru
Sectigo RSA Domain Validation Secure Server CA		 2020-06-23 -
2022-06-24		 2 years crt.sh
ut.rktch.com
R3		 2021-03-06 -
2021-06-04		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2020-12-17 -
2021-06-17		 6 months crt.sh
new-programmatic.com
R3		 2021-02-19 -
2021-05-20		 3 months crt.sh
fcgi4.gnezdo.ru
R3		 2021-02-07 -
2021-05-08		 3 months crt.sh
advarkads.com
Cloudflare Inc ECC CA-3		 2020-07-04 -
2021-07-04		 a year crt.sh
*.ntvk1.ru
Sectigo RSA Domain Validation Secure Server CA		 2020-05-11 -
2021-08-09		 a year crt.sh
co9.rktch.com
R3		 2021-04-08 -
2021-07-07		 3 months crt.sh
*.frontend.weborama.fr
Go Daddy Secure Certificate Authority - G2		 2021-02-20 -
2022-03-24		 a year crt.sh
tg.rktch.com
R3		 2021-03-22 -
2021-06-20		 3 months crt.sh
dmg.digitaltarget.ru
R3		 2021-03-24 -
2021-06-22		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.buzzoola.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-30 -
2022-09-28		 2 years crt.sh
*.advarkads.com
GlobalSign GCC R3 DV TLS CA 2020		 2020-12-03 -
2022-01-04		 a year crt.sh
*.beroll.ru
AlphaSSL CA - SHA256 - G2		 2021-02-11 -
2022-03-15		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-04-06 -
2021-06-15		 2 months crt.sh

This page contains 25 frames:

Primary Page: https://compromat.t30p.ru/
Frame ID: 0BB3CFE592876319C26EA092639C9AE0
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Frame ID: 1C226973B97F2CF991FFE0BDE0BC675E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&adk=1812271804&adf=3025194257&lmt=1618737243&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcompromat.t30p.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243652&bpp=12&bdt=46&idt=62&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1321637884387&frm=20&pv=2&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=83
Frame ID: 10E41C078D08FAF0BA0CC2DE70EF98EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Frame ID: E4985F5BC339CF44A2752BF5EB882EC5
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Frame ID: 02BEC5878B13A75946AE7D913EEBCD72
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Frame ID: FE79C0E9716B36D747D25E213A90ACAA
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Frame ID: 4FAAD16680950D6D4CAC77B6A723F2F7
Requests: 12 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: A007B4BDECDDC386BD504139AEF5288D
Requests: 31 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F5BF87B60F40287BB0278C742
Frame ID: 61E1238A4C8D8E666EC817DEE50F2A02
Requests: 3 HTTP requests in this frame

Frame: https://co9.rktch.com/static/rb.js
Frame ID: 3676123C3CC54359A425AEC8E8A827DF
Requests: 1 HTTP requests in this frame

Frame: https://tg.rktch.com/v0?i=11695&p=1&vw=728&vh=90&sw=1600&sh=1200&rk=Xn8JOD&url=https%3A%2F%2Fcompromat.t30p.ru%2F&siteid=161271916
Frame ID: E6BB2B0A8CB35D650C87A6B803CE9140
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 49772F79E944276752306066B6557B3D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 596885AFCCEC2628F8D58A8FC0C62432
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78728152935EAE67B915690286008894
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 07DC19E570FAC6C5A17510BD8DA3D739
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E0B298B78AE57F637D9E1F4BE295363D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: 1B0043C9D5BCA124517EAEFD9D79036E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Frame ID: A6261B3C6720DF22E5E807988B1E0CAA
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51B3F4B2FEE564AC3E38AD986E1FF425
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: 4CDDC901D8846F04E48121F0E01C348F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: 4E246209E685E39CE305561ED734DC28
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: 923A235084DF0D506C65BCB84E940096
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 18321CE62A4D2E8FD665FC8E15BDCF9B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: C6C9298AFC1F1566A202CD2605B51E70
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8C2EA9B800CD7EC822757FEB21FE456B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://biography.t30p.ru/ HTTP 301
    https://compromat.t30p.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

244
Requests

100 %
HTTPS

34 %
IPv6

58
Domains

81
Subdomains

62
IPs

9
Countries

16468 kB
Transfer

18405 kB
Size

38
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://biography.t30p.ru/ HTTP 301
    https://compromat.t30p.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9247.st3cAxo_7NOwqHroUcpcak3diQjLkTPdxbkDYG1kWgT1D2o1Z1uTfZClMLh0XD0d.YeJKLYwOf-1CgBnAiBwlrhQ-eaU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9247.Vfb3O-cbSsCEuWCoeEdmTzaurA8T8OFkH61F7vXGNCoLpNGgXKGAaXqI9GEEQIgS1s5ZDe_Yoec_ebRA3RNtNQ%2C%2C.1vYPWAIVLH86K4-pp4hNlLElqUs%2C
Request Chain 58
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F5BF87B60F40287BB0278C742 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F5BF87B60F40287BB0278C742&crf=1
Request Chain 59
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/match?dp=14&euid=0100007F5CF87B6028007D1902CC6D2D
Request Chain 60
  • https://px.adhigh.net/p/cm/sape?u=0100007F5BF87B60F40287BB0278C742 HTTP 302
  • https://px.adhigh.net/p/cm/sape?u=0100007F5BF87B60F40287BB0278C742&bounced=1 HTTP 302
  • https://acint.net/match?dp=17&euid=u0l3fFO2HFAl.AikABlF45EIn9A
Request Chain 62
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6311598386 HTTP 302
  • https://www.acint.net/rmatch?dp=45&euid=AtOsyCbXV8xMY-f3o3H0WLQ&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F5BF87B60F40287BB0278C742
Request Chain 64
  • https://sync.republer.com/match?dsp=sape HTTP 307
  • https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
  • https://sync.bumlam.com/?src=rp1&uid=503f1c3a-6f79-408e-9531-2ee6fefb2aa0 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjc8O-DBlIEioaQK2IkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEw HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjc8O-DBlIEioaQK2IkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEwogEQa8rCCKAmEeug1wAlkORcOA** HTTP 302
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABjc8O-DBmIkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEwogEQa8rCCKAmEeug1wAlkORcOA** HTTP 302
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQARjc8O-DBmIkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEwogEQa8rCCKAmEeug1wAlkORcOA**
Request Chain 68
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf1v4e2D0Aoe7AnjHQg HTTP 302
  • https://www.acint.net/match?dp=77&euid=
Request Chain 69
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F5BF87B60F40287BB0278C742 HTTP 302
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F5BF87B60F40287BB0278C742
Request Chain 72
  • https://adx.com.ru/sape-sync?uid=0100007F5BF87B60F40287BB0278C742 HTTP 302
  • https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F5BF87B60F40287BB0278C742 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=607bf85ca897d8f20b001d37&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253DYABBI%252526id%25253D607bf85ca897d8f20b001d37%252526dest%25253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=607bf85ca897d8f20b001d37&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253DYABBI%252526id%25253D607bf85ca897d8f20b001d37%252526dest%25253D%2526webouid%253D%7BWEBO_CID%7D&cs=1 HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D607bf85ca897d8f20b001d37%2526dest%253D%26webouid%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D607bf85ca897d8f20b001d37%2526dest%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=4256689707 HTTP 302
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DYABBI%26id%3D607bf85ca897d8f20b001d37%26dest%3D&webouid=uAQjSDKag8LsIKAXttrpTu HTTP 302
  • https://x01.aidata.io/0.gif?pid=YABBI&id=607bf85ca897d8f20b001d37&dest= HTTP 302
  • https://x01.aidata.io/0.gif?pid=YABBI&id=607bf85ca897d8f20b001d37&dest=&bounce=1
Request Chain 74
  • https://sape-sync.rutarget.ru/sync HTTP 302
  • https://www.acint.net/match?dp=104&euid=v2XpzwAgFSXL
Request Chain 75
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/match?dp=107&euid=d9aa594c-1856-526c-82d2-ee81e2a916dd
Request Chain 78
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F5BF87B60F40287BB0278C742 HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&ssp=sape&exu=0100007F5BF87B60F40287BB0278C742 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=8675d940-c6c3-4b83-89e8-64cefda3e2da&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FhnXZQMbDS4OJ6GTO_aPi2g%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253D8675d940-c6c3-4b83-89e8-64cefda3e2da%26sign%3D1403020836 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=1403020836 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=1403020836
Request Chain 79
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
  • https://www.acint.net/match?dp=126&euid=448b10cd-fcb2-4cbd-64bc-5be15eabfb0e
Request Chain 80
  • https://s.uuidksinc.net/match/396/0100007F5BF87B60F40287BB0278C742 HTTP 302
  • https://www.acint.net/match?dp=127&euid=APUttBnNZfzVdSieAHbA
Request Chain 83
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F5BF87B60F40287BB0278C742 HTTP 302
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F5BF87B60F40287BB0278C742&bounce=1 HTTP 302
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Request Chain 93
  • https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F5BF87B60F40287BB0278C742 HTTP 302
  • https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%2286dc7101-bfa6-47a4-b728-c478e2abb39e%22%7D&d.r=345811
Request Chain 95
  • https://mc.yandex.com/watch/41655969?wmode=7&page-url=https%3A%2F%2Fcompromat.t30p.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A571%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A299419991645%3Ahid%3A998436773%3Az%3A120%3Ai%3A20210418111404%3Aet%3A1618737244%3Ac%3A1%3Arn%3A387871183%3Au%3A1618737244573416477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618737243194%3Ads%3A0%2C0%2C107%2C97%2C231%2C0%2C%2C237%2C6%2C%2C%2C%2C649%3Adsn%3A0%2C0%2C107%2C96%2C231%2C0%2C%2C142%2C7%2C%2C%2C%2C648%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618737244%3At%3A%D0%9D%D0%B0%D0%B8%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%B8%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D0%B8%D0%B8%20%D1%80%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D1%85%20%D0%BA%D0%BE%D1%80%D1%80%D1%83%D0%BF%D1%86%D0%B8%D0%BE%D0%BD%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B2%D0%BE%D1%80%D0%BE%D0%B2%20%D0%B2%20%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%B5 HTTP 302
  • https://mc.yandex.com/watch/41655969/1?wmode=7&page-url=https%3A%2F%2Fcompromat.t30p.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A571%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A299419991645%3Ahid%3A998436773%3Az%3A120%3Ai%3A20210418111404%3Aet%3A1618737244%3Ac%3A1%3Arn%3A387871183%3Au%3A1618737244573416477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618737243194%3Ads%3A0%2C0%2C107%2C97%2C231%2C0%2C%2C237%2C6%2C%2C%2C%2C649%3Adsn%3A0%2C0%2C107%2C96%2C231%2C0%2C%2C142%2C7%2C%2C%2C%2C648%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618737244%3At%3A%D0%9D%D0%B0%D0%B8%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%B8%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D0%B8%D0%B8%20%D1%80%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D1%85%20%D0%BA%D0%BE%D1%80%D1%80%D1%83%D0%BF%D1%86%D0%B8%D0%BE%D0%BD%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B2%D0%BE%D1%80%D0%BE%D0%B2%20%D0%B2%20%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%B5
Request Chain 100
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=946351511853465.854314697476288&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742.sync:up.xdua:duSyV8znwj2okrpDwQSYXk4c.xps:xpssJKdOU5gFW6DMJ1pxwkH_E.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=946351511853465.854314697476288&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742.sync:up.xdua:duSyV8znwj2okrpDwQSYXk4c.xps:xpssJKdOU5gFW6DMJ1pxwkH_E.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Request Chain 101
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=946351511853465.154461700892584&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742.sync:up.xdua:duSyV8znwj2okrpDwQSYXk4c.xps:xpssJKdOU5gFW6DMJ1pxwkH_E.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=946351511853465.154461700892584&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742.sync:up.xdua:duSyV8znwj2okrpDwQSYXk4c.xps:xpssJKdOU5gFW6DMJ1pxwkH_E.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Request Chain 131
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFxHsPIOzv0xkkAQMBCvIiI&google_cver=1&google_push=AQvitUIvEV8y4UhkdQWr_xOf4zPZz3wDYR4i2v_6Og5QRQoncS0KQN_NRb44Vn50x_-2zqmqn02tc3eikOCmLvKq_yTlr6PthmH0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUIvEV8y4UhkdQWr_xOf4zPZz3wDYR4i2v_6Og5QRQoncS0KQN_NRb44Vn50x_-2zqmqn02tc3eikOCmLvKq_yTlr6PthmH0&google_hm=Q0FFU0VGeEhzUElPenYweGtrQVFNQkN2SWlJ
Request Chain 133
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJUwp2yolXuEdeXJOidvw8w&google_cver=1&google_push=AQvitUJpu8DvfjcEmEFY13ccvQ68ZsxojDhvUJm8Tm_2X0HpzS7dYAWqGx8sB92wpcv4Bu2dv8E2ORauFbpEeCbykyEe0w0E8fhB HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJUwp2yolXuEdeXJOidvw8w&google_cver=1&google_push=AQvitUJpu8DvfjcEmEFY13ccvQ68ZsxojDhvUJm8Tm_2X0HpzS7dYAWqGx8sB92wpcv4Bu2dv8E2ORauFbpEeCbykyEe0w0E8fhB&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJpu8DvfjcEmEFY13ccvQ68ZsxojDhvUJm8Tm_2X0HpzS7dYAWqGx8sB92wpcv4Bu2dv8E2ORauFbpEeCbykyEe0w0E8fhB&google_hm=RwsIidqJxUgHCC_2gnnvmg==
Request Chain 134
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELehvV6psn8LAgdrvVQEtzg&google_cver=1&google_push=AQvitULTUfSrpkNqSVOCXlcs7K4JySuq4UoIvcZ7qnfDq00P0v5eG8zqsJ3zNDjiPfPl_QF3t68FkS_niQDQGRkzDuXUAV9jdw89 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELehvV6psn8LAgdrvVQEtzg&google_cver=1&google_push=AQvitULTUfSrpkNqSVOCXlcs7K4JySuq4UoIvcZ7qnfDq00P0v5eG8zqsJ3zNDjiPfPl_QF3t68FkS_niQDQGRkzDuXUAV9jdw89&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULTUfSrpkNqSVOCXlcs7K4JySuq4UoIvcZ7qnfDq00P0v5eG8zqsJ3zNDjiPfPl_QF3t68FkS_niQDQGRkzDuXUAV9jdw89
Request Chain 135
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIuYorASR7-8H9LCOiK_xC4&google_cver=1&google_push=AQvitULDkKtLHlJ2fbDYyDxnfAkG38N4rzPk45ptValDPIKNRNb9gqqd2fQskZwHl-FB9Y7wyGHwQcUB9QtUuD9ktVxoDVHCSoE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaUlotUy1JVUdY&google_push=AQvitULDkKtLHlJ2fbDYyDxnfAkG38N4rzPk45ptValDPIKNRNb9gqqd2fQskZwHl-FB9Y7wyGHwQcUB9QtUuD9ktVxoDVHCSoE
Request Chain 136
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO7GF8J4MO1Id-AOyviaT4M&google_cver=1&google_push=AQvitUIjCv7E7XrVqLF-VlJjNMUHn8V0yWWrBWLZvWYjN3rgXqwnwtwhge7gXldH5IHiadNn_5R3Dn9W3LwbEtLpRqhKzaV4LKc HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO7GF8J4MO1Id-AOyviaT4M&google_cver=1&google_push=AQvitUIjCv7E7XrVqLF-VlJjNMUHn8V0yWWrBWLZvWYjN3rgXqwnwtwhge7gXldH5IHiadNn_5R3Dn9W3LwbEtLpRqhKzaV4LKc&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_gid=CAESEO7GF8J4MO1Id-AOyviaT4M&google_push=AQvitUIjCv7E7XrVqLF-VlJjNMUHn8V0yWWrBWLZvWYjN3rgXqwnwtwhge7gXldH5IHiadNn_5R3Dn9W3LwbEtLpRqhKzaV4LKc&google_cver=1
Request Chain 139
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 148
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID} HTTP 302
  • https://ut.rktch.com/matchspm?pi=1000006&pui=uAQjSDKag8LsIKAXttrpTu
Request Chain 150
  • https://ut.rktch.com/matchbt?bi=29 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=natimatica&id=547f5d04b2cb5456e1bacecdca9b1deccede HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&ssp=natimatica&exu=547f5d04b2cb5456e1bacecdca9b1deccede HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=8675d940-c6c3-4b83-89e8-64cefda3e2da&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FhnXZQMbDS4OJ6GTO_aPi2g%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253D8675d940-c6c3-4b83-89e8-64cefda3e2da%26sign%3D2368136995 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=2368136995
Request Chain 151
  • https://ut.rktch.com/matchbt?bi=27 HTTP 302
  • https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=547f5d04b2cb5456e1bacecdca9b1deccede HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=547f5d04b2cb5456e1bacecdca9b1deccede
Request Chain 152
  • https://ut.rktch.com/matchbt?bi=50 HTTP 302
  • https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=547f5d04b2cb5456e1bacecdca9b1deccede
Request Chain 153
  • https://ut.rktch.com/matchbt?bi=39 HTTP 302
  • https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Request Chain 184
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKlSpCmrbmc3FSOW6Ldww3--fdHPLw9xVfAuZAcqD5qIMAtVm2XY9lt6kD8HizcelKxcj_RJGvRfPPjbd5fcqyqrujm28E&google_gid=CAESEK-7LSd0t2Xcwi4bdH5vZwQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUh2NFhBQUFBUW1pZmxoMQ&google_push=AQvitUKlSpCmrbmc3FSOW6Ldww3--fdHPLw9xVfAuZAcqD5qIMAtVm2XY9lt6kD8HizcelKxcj_RJGvRfPPjbd5fcqyqrujm28E
Request Chain 185
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGRwxPYZ8GsXi_DKZ3kr0NY&google_cver=1&google_push=AQvitULwdmijv5G59u-0901R5-lsyH4z3FcneI8LcSOk7Hi70PG6Y6Yi28Whm-mZ7FJmgehPW0-bOIMRkZGOpVz5HLOF5A0t6uYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULwdmijv5G59u-0901R5-lsyH4z3FcneI8LcSOk7Hi70PG6Y6Yi28Whm-mZ7FJmgehPW0-bOIMRkZGOpVz5HLOF5A0t6uYw&google_hm=RwsIidqJxUgHCC_2gnnvmg==
Request Chain 186
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPljDz0R613-8yJiX2btwn8&google_cver=1&google_push=AQvitUKMuUChpMAFqwNy9QmYZvENKQ6WtVSQdrb0di2hOZTNBftzSm9pGokaMZTpXKCBjA5js5yriHSboB8-SEtHFcWhwalJN4VI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKMuUChpMAFqwNy9QmYZvENKQ6WtVSQdrb0di2hOZTNBftzSm9pGokaMZTpXKCBjA5js5yriHSboB8-SEtHFcWhwalJN4VI
Request Chain 187
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwfGu5-LPC2zT8stfJDugo&google_cver=1&google_push=AQvitUIJCyF825cwcRk3WfpLw4eWf6GsGwEqhnEBKe5t90CwZo-bz_TNeFj7broXxPWEjd4hBxPgvSd4rsvqrAjO46Jc5NX7qKsO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaWEotMS1MTzVC&google_push=AQvitUIJCyF825cwcRk3WfpLw4eWf6GsGwEqhnEBKe5t90CwZo-bz_TNeFj7broXxPWEjd4hBxPgvSd4rsvqrAjO46Jc5NX7qKsO
Request Chain 188
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGhAXZxfokQxLOTm36lD6Q4&google_cver=1&google_push=AQvitUJDhKrJ3dpYLl35hgRYlj-rvvLfs8F0SC9VL7sUSqx-KOfIBbUet7o14wpC1zHlP7A4UqhifDO1uUrVREZz97bgvjimSzR7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJDhKrJ3dpYLl35hgRYlj-rvvLfs8F0SC9VL7sUSqx-KOfIBbUet7o14wpC1zHlP7A4UqhifDO1uUrVREZz97bgvjimSzR7&google_gid=CAESEGhAXZxfokQxLOTm36lD6Q4
Request Chain 196
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFWXdB624oNyK0b9sr2sRs8&google_cver=1&google_push=AQvitULAQc-K9D6gO9wPbGYYJW0cD6nykFXFYVRAWmqgniyam9tbv1lh3R7dgdPOHwig9UiueYS9nJ-go1Gl7UacGCLL2cYNCULN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULAQc-K9D6gO9wPbGYYJW0cD6nykFXFYVRAWmqgniyam9tbv1lh3R7dgdPOHwig9UiueYS9nJ-go1Gl7UacGCLL2cYNCULN&google_hm=RwsIidqJxUgHCC_2gnnvmg==
Request Chain 197
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOEqtA527DVIACpb6YOkVIc&google_cver=1&google_push=AQvitULeoc66IU2s88p3Ue69hTP3JPMlEwHvXtM3CoeSDTRl859MBM5vCFh50utwihs4okx9D4cosyB0_GpZzvkrpGG9ZpR8RDNG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULeoc66IU2s88p3Ue69hTP3JPMlEwHvXtM3CoeSDTRl859MBM5vCFh50utwihs4okx9D4cosyB0_GpZzvkrpGG9ZpR8RDNG
Request Chain 198
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDa5LflwI3fh0fzPNg938cU&google_cver=1&google_push=AQvitUIVPsptrOJz4xji4Ux7S7B8k3b_KiIi3qIo0fN1Y1SRvKDbwjSDLkhxHi-JHKj_6lS0Vdtp3cG_nmYrx43P3SDGg-SIbqZl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaWVUtMjAtNk9KRw==&google_push=AQvitUIVPsptrOJz4xji4Ux7S7B8k3b_KiIi3qIo0fN1Y1SRvKDbwjSDLkhxHi-JHKj_6lS0Vdtp3cG_nmYrx43P3SDGg-SIbqZl
Request Chain 199
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHDlD97jd3mgPiYRV3gTiKI&google_cver=1&google_push=AQvitUILWTo89wGi_QtsrCdpn3WA2v_SWyWGvIS6nqVxvo1iDck0gQWbIoSaeEo0Ko4ob8NkTHXun6jy7x_4cD20I7u6IG6WEX-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_push=AQvitUILWTo89wGi_QtsrCdpn3WA2v_SWyWGvIS6nqVxvo1iDck0gQWbIoSaeEo0Ko4ob8NkTHXun6jy7x_4cD20I7u6IG6WEX-Q&google_gid=CAESEHDlD97jd3mgPiYRV3gTiKI&google_cver=1
Request Chain 200
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIhTkS8GCHoHEf6ErEYabnM&google_cver=1&google_push=AQvitUKUNsAyV4elV1mv_poaceRh1H-Ydtsfx1k-ji1wFT47IGE1YVquR2ZzNWAQG07iGg13n2i-uTl9ERxl9pIgi8bGdlQSEv4v_A HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKUNsAyV4elV1mv_poaceRh1H-Ydtsfx1k-ji1wFT47IGE1YVquR2ZzNWAQG07iGg13n2i-uTl9ERxl9pIgi8bGdlQSEv4v_A&google_hm=
Request Chain 202
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 206
  • https://rtb.openx.net/sync/dds?google_gid=CAESENAhOBeptyrxRdcHMe9PuAE&google_cver=1&google_push=AQvitUKo_qqVHnkKs5xAL1wV2XW3ln7boozdMPbNft93AYMD0rJzoRTkBhZg-sF99siKCqY3_SxlSh3zT3umqj7N9j4aQH2i6pk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKo_qqVHnkKs5xAL1wV2XW3ln7boozdMPbNft93AYMD0rJzoRTkBhZg-sF99siKCqY3_SxlSh3zT3umqj7N9j4aQH2i6pk&google_hm=RwsIidqJxUgHCC_2gnnvmg==
Request Chain 207
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMHxbaQElGFvqcmSJWXzZkg&google_cver=1&google_push=AQvitUIFcNpvOWRk26p_3NW4U38Dbn9eQAuOlz0QMdWFI_JtiyaoqmvmsmBlEx6mWKkzbj9C1j9Zb_Vpyy8iB58cTZ-EVtEu2Kc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIFcNpvOWRk26p_3NW4U38Dbn9eQAuOlz0QMdWFI_JtiyaoqmvmsmBlEx6mWKkzbj9C1j9Zb_Vpyy8iB58cTZ-EVtEu2Kc
Request Chain 208
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI4gvJfve-MWqkN3V995ROI&google_cver=1&google_push=AQvitUKGqJHoS4rqgWsufEWWK9Bj9c9qUfFu7gyZwHrGtowXyENXDNrHdzsVcwRL4fOhdjHSx1JhUUBcg_ODNdES7wf4EufdONY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUQwNUYtMy1BSlk2&google_push=AQvitUKGqJHoS4rqgWsufEWWK9Bj9c9qUfFu7gyZwHrGtowXyENXDNrHdzsVcwRL4fOhdjHSx1JhUUBcg_ODNdES7wf4EufdONY
Request Chain 209
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE&google_cver=1&google_push=AQvitUJBqPREe5qbxPzboN47Ks-elB28L5BH9kih6oRUEPmcIl3f39-aCNGB_Ffy6PwupA3zp_s172Blwggy8A7u6f6th2gjwgs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJBqPREe5qbxPzboN47Ks-elB28L5BH9kih6oRUEPmcIl3f39-aCNGB_Ffy6PwupA3zp_s172Blwggy8A7u6f6th2gjwgs&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE
Request Chain 210
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESELaIH2U9O_Lm3r3XpxuKrhA&google_cver=1&google_push=AQvitUJSHQ01rkJCXaWCe9z4w5lL_zMCurysJR6Nvz3PF0Mvdu3zVDKIR7xx9Ju1AY_cdqsiME9VUgbkNa6r_rl5DbiotJJVFkc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJSHQ01rkJCXaWCe9z4w5lL_zMCurysJR6Nvz3PF0Mvdu3zVDKIR7xx9Ju1AY_cdqsiME9VUgbkNa6r_rl5DbiotJJVFkc&google_hm=aflWwBQJS-KUpCqN4CfEaQ
Request Chain 211
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEF3ll6B833bWLppzmXAdECk&google_cver=1&google_push=AQvitUInLnIhA4NNr7QEc-yaEFPH0S_n-QgsML9_enqwLkPeeM2y73x2onuibrVeKPY-KZv5-dhVC30Sd7_NsR6TPeEa8TdkaTrJ HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUInLnIhA4NNr7QEc-yaEFPH0S_n-QgsML9_enqwLkPeeM2y73x2onuibrVeKPY-KZv5-dhVC30Sd7_NsR6TPeEa8TdkaTrJ&google_hm=
Request Chain 232
  • https://redirector.gvt1.com/videoplayback?id=f88da2793e589ae1&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1618744445&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=522206E270B6F9F92CBE6801AEDA3FBAEFA8E761.2F834F8C68607518C8D0AF24C101A81CB2B6A683&key=ck2 HTTP 302
  • https://r1---sn-4g5e6nsd.gvt1.com/videoplayback?id=f88da2793e589ae1&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1618744445&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=05CB6E7633FEC468F83C0B522288C04C567DDD7B.17EA9FD6A761BBA085D8FFCFBA2440C241677ED1&key=cms1&cms_redirect=yes&mh=VW&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6nsd&ms=nvh&mt=1618736631&mv=u&mvi=1&pl=47
Request Chain 237
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUL4MDJ8OsyvSaTyaS_FAwSxzHl61Yo_kBzLne2MDfSsOW6tXnxWBLXQgx9xr3hO0mXse3gYDyG75WAHZvpJf4XIobI1mUiE&google_gid=CAESEK16pb6lx_RSwS6-IkFIuD8&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCN3w74MGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVMNE1ESjhPc3l2U2FUeWFTX0ZBd1N4ekhsNjFZb19rQnpMbmUyTURmU3NPVzZ0WG54V0JMWFFneDl4cjNoTzBtWHNlM2dZRHlHNzVXQUhadnBKZjRYSW9iSTFtVWlF HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweW1CTnczcUhfYUdKekVjRDR5Qi1oWndMdWxYd2VBa01HdXNmdTFCZnhqdw==&google_push
Request Chain 239
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMHxbaQElGFvqcmSJWXzZkg&google_cver=1&google_push=AQvitUI6mgQmHKjwMGlPU_1hO9Q6LtoHj3SbdMx85y6FCsItcpagOfw284ruyg-3lqrWfOR856qu68w-lLThcqvzoQRmYNgxRKo5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI6mgQmHKjwMGlPU_1hO9Q6LtoHj3SbdMx85y6FCsItcpagOfw284ruyg-3lqrWfOR856qu68w-lLThcqvzoQRmYNgxRKo5
Request Chain 240
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI4gvJfve-MWqkN3V995ROI&google_cver=1&google_push=AQvitUIWs7xgTlvVgx3bUjPJe2Z2VK_82K3atSM9Z_Qi1NEPYLcFVErcoBj4TkeXRnycWZ2I3k1DY_GSsRqGDn3M-S7psUXA1o0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUQwRlYtMUUtQjdE&google_push=AQvitUIWs7xgTlvVgx3bUjPJe2Z2VK_82K3atSM9Z_Qi1NEPYLcFVErcoBj4TkeXRnycWZ2I3k1DY_GSsRqGDn3M-S7psUXA1o0
Request Chain 241
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE&google_cver=1&google_push=AQvitUJ2vAot5C7djZPaqZAVpZhO-6QA3GvRT-v9QbD7tzxb6aUQBr5zeHPQnmZyOGpSp-gbkPIC0oBVdtttLA1qkdj-1JhZ-gFB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJ2vAot5C7djZPaqZAVpZhO-6QA3GvRT-v9QbD7tzxb6aUQBr5zeHPQnmZyOGpSp-gbkPIC0oBVdtttLA1qkdj-1JhZ-gFB&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE
Request Chain 242
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESELaIH2U9O_Lm3r3XpxuKrhA&google_cver=1&google_push=AQvitUICQGqwymYyrV-M4VFR8FdP_4MwHagaBBE5pdKnfYA536ah2U1pyO-hnbRyKPlX6t-1hYllMUOTojzbbUa3ad6oQx74rU7t HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUICQGqwymYyrV-M4VFR8FdP_4MwHagaBBE5pdKnfYA536ah2U1pyO-hnbRyKPlX6t-1hYllMUOTojzbbUa3ad6oQx74rU7t&google_hm=aflWwBQJS-KUpCqN4CfEaQ

244 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
compromat.t30p.ru/
Redirect Chain
  • https://biography.t30p.ru/
  • https://compromat.t30p.ru/
199 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ce55fa14a1e5796563d9ce954a0971ae72ec86d2e044991aa84212a25f7f2f32

Request headers

:method
GET
:authority
compromat.t30p.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
private, max-age=900
content-type
text/html;charset=utf-8
content-encoding
gzip
expires
Sun, 18 Apr 2021 09:29:03 GMT
etag
vary
Accept-Encoding
server
Microsoft-IIS/10.0
content-style-type
text/css
content-script-type
text/javascript
date
Sun, 18 Apr 2021 09:14:03 GMT
content-length
69398

Redirect headers

cache-control
private
content-type
text/html; charset=utf-8
etag
location
https://compromat.t30p.ru/
server
Microsoft-IIS/10.0
date
Sun, 18 Apr 2021 09:14:03 GMT
content-length
143
css
compromat.t30p.ru/Content/Auto/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compromat.t30p.ru/Content/Auto/css
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6ce3cf753c5f29aec1c04cd2c948c3222a1f1b0753628215e1b6c409be65ace4

Request headers

:path
/Content/Auto/css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
last-modified
Sat, 17 Apr 2021 06:43:12 GMT
server
Microsoft-IIS/10.0
etag
"-924286390",
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=utf-8
cache-control
public, must-revalidate, max-age=31440548
content-length
1306
expires
Mon, 17 May 2021 06:43:12 GMT
style.min.css
compromat.t30p.ru/Custom/Themes/TitaniumX/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0c88728e21e2eef44451fa9a777cd094ba424c107acb5225a3e3f907afcf2be6

Request headers

:path
/Custom/Themes/TitaniumX/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
last-modified
Mon, 12 Aug 2019 10:41:01 GMT
server
Microsoft-IIS/10.0
etag
"466b596ffa50d51:0",
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
3932
ru.res.axd
compromat.t30p.ru/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compromat.t30p.ru/ru.res.axd
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
48803ecb715231d76a8556bd61d19953b067ed8042380d79aa6882bd355bc069

Request headers

:path
/ru.res.axd
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
etag
"-414673008",
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, must-revalidate, max-age=2592000
content-length
1055
expires
Tue, 18 May 2021 09:14:03 GMT
js
compromat.t30p.ru/Scripts/Auto/ 		116 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compromat.t30p.ru/Scripts/Auto/js
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d5487ba7090c60a9a00626d507574e5bad25b510cec783e44f8de523c3e353d5

Request headers

:path
/Scripts/Auto/js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
last-modified
Sat, 17 Apr 2021 06:43:12 GMT
server
Microsoft-IIS/10.0
etag
"1324852465",
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public, must-revalidate, max-age=31440548
content-length
54013
expires
Mon, 17 May 2021 06:43:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48646
x-xss-protection
0
server
cafe
etag
9885252380620520250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Apr 2021 09:14:03 GMT
rssButton.png
compromat.t30p.ru/pics/ 		552 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compromat.t30p.ru/pics/rssButton.png
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
98ea718868bb9a520da4777cd8a5ed5c76d123b77aa2e0289ab4bad638439b73

Request headers

:path
/pics/rssButton.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
last-modified
Wed, 05 Dec 2018 05:34:43 GMT
server
Microsoft-IIS/10.0
etag
"e3b113a5c8cd41:0",
content-type
image/png
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
552
WebResource.axd
compromat.t30p.ru/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compromat.t30p.ru/WebResource.axd?d=SfzNfs6T2R3ClRyR9bnOOLOGaUTYi_xULeHNYVdoLftY7WmgOW5vKJXmhe-7S6bWR8OvQX5N-b_Mefs8epEGtwq_TSA1&t=637297685819849385
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

:path
/WebResource.axd?d=SfzNfs6T2R3ClRyR9bnOOLOGaUTYi_xULeHNYVdoLftY7WmgOW5vKJXmhe-7S6bWR8OvQX5N-b_Mefs8epEGtwq_TSA1&t=637297685819849385
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
last-modified
Wed, 08 Jul 2020 01:29:41 GMT
server
Microsoft-IIS/10.0
etag
content-type
application/x-javascript
cache-control
public
content-length
23063
expires
Fri, 15 Apr 2022 07:16:13 GMT
img.ashx
www.t30p.ru/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70372.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d87880fb15aa4c2b3cfa441ba18c25216522a3f29e5208a3d2aa6b05eb0be14d

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
11871
expires
Mon, 18 Oct 2021 09:14:03 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/ 		222 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84747
x-xss-protection
0
server
cafe
etag
7950800710615234990
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 18 Apr 2021 09:14:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/ Frame 1C22 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210414/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 17 Apr 2021 14:17:37 GMT
expires
Sat, 01 May 2021 14:17:37 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
68186
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img.ashx
www.t30p.ru/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70373.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1b5aaa29981dd00553838adc596ec5719ff636f480894a0604c1fa101f574201

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
27779
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70374.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
43df78108997ef68a89a865d15618a5f0d5c493b91983031a1f86cc7b533c008

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
51521
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70370.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
31544956c3666ecda832f4aa462ede5a2af0b3d15295933c689f9314e1264232

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
12900
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70356.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
61f1a884fb9b9e3bf157498fb4496414eb9f7ba3d315c3d77dd9ddebd9794b4c

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
11921
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70355.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e78e618d5aa325568dd820fc1b1a67d65c7e57bbb833c2d15515037d81a597a1

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
12699
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70344.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
19ec91b31808f7b154c7b7a6bfd46fa2338dd0c3bfdc8022c7273be7f8902fd0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
15883
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70351.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a2ca2af56b18c3fff5780274e6b3a8aa6c8c95880590d897b25be29083afabfc

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
23953
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70343.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
13b0e6d8616b7ce77d987b60af990b13d8a2cb70911935bc00ef3424c73c24e0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
16007
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70340.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
621beaac25134f60943a7f0dbbe4c52c9d2a230ef0fe4d940ce36d65a0c3f68a

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
14330
expires
Mon, 18 Oct 2021 09:14:03 GMT
img.ashx
www.t30p.ru/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.t30p.ru/img.ashx?70341.jpg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.143.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5d78ef4fc92df1a2d5948279cd24cba7b27c9a4dfae53283977d3b7ec99ad138

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=15552000
access-control-allow-headers
Content-Type, Accept, X-Requested-With
content-length
14506
expires
Mon, 18 Oct 2021 09:14:03 GMT
92351.js
cdn-rtb.sape.ru/rtb-b/js/351/2/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-rtb.sape.ru/rtb-b/js/351/2/92351.js
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.181.171.231 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
asrv231.qwarta.ru
Software
openresty /
Resource Hash
9a1b4f5a95e9309e3eaa55b31ae613c7f41bd5e055f93685661eabc5891d5438
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
last-modified
Sun, 18 Apr 2021 07:33:31 GMT
server
openresty
x-amz-request-id
1676E375FD5321EB
etag
W/"203c63ec8d7e23ee5459500523ec0363"
x-cache-status
HIT
vary
Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
content-security-policy
block-all-mixed-content
x-xss-protection
1; mode=block
expires
Sun, 18 Apr 2021 10:14:03 GMT
cookie.js
partner.googleadservices.com/gampad/ 		197 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=compromat.t30p.ru&callback=_gfp_s_&client=ca-pub-4719916758394716
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b9302a66d23c0da4032b8ffebf301e70aad182c08161cdfdb3906233e91535de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=compromat.t30p.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=compromat.t30p.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 10E4 		8 KB
830 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&adk=1812271804&adf=3025194257&lmt=1618737243&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcompromat.t30p.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243652&bpp=12&bdt=46&idt=62&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1321637884387&frm=20&pv=2&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=83
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5643cd3e2e4eaf98599c2e72914832a7cd4c0e0c642efabf35ed40ad8e896986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4719916758394716&output=html&adk=1812271804&adf=3025194257&lmt=1618737243&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcompromat.t30p.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243652&bpp=12&bdt=46&idt=62&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1321637884387&frm=20&pv=2&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 18 Apr 2021 09:14:03 GMT
server
cafe
content-length
807
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 18-Apr-2021 09:29:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 18 Apr 2021 09:14:03 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Sun, 18 Apr 2021 09:14:03 GMT
contentbg.png
compromat.t30p.ru/Custom/Themes/TitaniumX/img/ 		250 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compromat.t30p.ru/Custom/Themes/TitaniumX/img/contentbg.png
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
80ac89b9105bf1bcae22cded7d09c3544e59636adc2bc0160cb514fa6f02b132

Request headers

:path
/Custom/Themes/TitaniumX/img/contentbg.png
pragma
no-cache
cookie
__gads=ID=4efe7f166fc528ae-224b2e9593a70051:T=1618737243:RT=1618737243:S=ALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
last-modified
Wed, 05 Dec 2018 05:34:01 GMT
server
Microsoft-IIS/10.0
etag
"847ec0205c8cd41:0",
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
250
menubg.png
compromat.t30p.ru/Custom/Themes/TitaniumX/img/ 		165 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compromat.t30p.ru/Custom/Themes/TitaniumX/img/menubg.png
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a858592b252c2b7b159f1e61175268279c2fbcc3f52bccece775d26fe08d4a8e

Request headers

:path
/Custom/Themes/TitaniumX/img/menubg.png
pragma
no-cache
cookie
__gads=ID=4efe7f166fc528ae-224b2e9593a70051:T=1618737243:RT=1618737243:S=ALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
last-modified
Wed, 05 Dec 2018 05:34:01 GMT
server
Microsoft-IIS/10.0
etag
"f5aab3205c8cd41:0",
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
165
apml.png
compromat.t30p.ru/pics/ 		667 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compromat.t30p.ru/pics/apml.png
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1983680021d05ff8389f26b4ea712750e503691814835e11ade55ac9622918bf

Request headers

:path
/pics/apml.png
pragma
no-cache
cookie
__gads=ID=4efe7f166fc528ae-224b2e9593a70051:T=1618737243:RT=1618737243:S=ALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
last-modified
Wed, 05 Dec 2018 05:34:42 GMT
server
Microsoft-IIS/10.0
etag
"ddcf2a395c8cd41:0",
content-type
image/png
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
667
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		381 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
1048601752427.334.mp4
static.life.ru/publications/2021/3/13/ 		13 MB
13 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.life.ru/publications/2021/3/13/1048601752427.334.mp4
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.146.233 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'self'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compromat.t30p.ru/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-hcp-retention
0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'self'; frame-ancestors 'self';
x-hcp-replicated
false
x-hcp-ingesttime
1618323244
x-hcp-type
object
x-hcp-gid
x-hcp-versioncreatetimemilliseconds
1618323244482
x-hcp-softwareversion
8.3.6.9
x-hcp-domain
x-dns-prefetch-control
off
x-hcp-time
1618323246
date
Sun, 18 Apr 2021 09:14:04 GMT
x-hcp-retentionstring
Deletion Allowed
x-hcp-dpl
1
x-hcp-atime
1618323244
x-hcp-retentionhold
false
x-hcp-servicedbysystem
storage2.cloud.rt.ru
Content-Range
bytes 0-13966017/13966018
x-hcp-versionid
103572687646849
etag
"fc3efa266e896075c2a255c02e0e315d"
x-frame-options
SAMEORIGIN
x-hcp-index
true
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=604800
x-hcp-owner
it@newsmedia.ru_c63c4ec156
x-hcp-changetimestring
2021-04-13T17:14:05+0300
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
expires
Tue, 20 Apr 2021 14:14:06 GMT
x-hcp-shred
false
x-content-type-options
nosniff
x-requestid
828DCAAC164BAC87
x-hcp-ingestprotocol
S3
x-hcp-size
13966018
x-hcp-replicationcollision
false
x-hcp-custom-metadata
false
x-hcp-hash
SHA-256 68BA9E65D4553F89451BDC09BE451B85B479F89F3CF35A9C07D19A03F18368E2
x-hcp-custommetadataannotations
access-control-allow-methods
GET, POST, OPTIONS, PUT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Length
13966018
x-hcp-retentionclass
server
nginx
x-hcp-changetimemilliseconds
1618323245353.00
x-ngenix-cache
HIT
last-modified
Tue, 13 Apr 2021 14:14:05 GMT
x-hcp-acl
false
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
x-hcp-mtime
1618323245
x-hcp-uid
x-xss-protection
1; mode=block
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		178 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		352 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		243 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
widgetbg.png
compromat.t30p.ru/Custom/Themes/TitaniumX/img/ 		215 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compromat.t30p.ru/Custom/Themes/TitaniumX/img/widgetbg.png
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.139.218 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
73bd0e97f947d846ac07f67aed5bcb6dff0287eee7b26c7c53aa544524170324

Request headers

:path
/Custom/Themes/TitaniumX/img/widgetbg.png
pragma
no-cache
cookie
__gads=ID=4efe7f166fc528ae-224b2e9593a70051:T=1618737243:RT=1618737243:S=ALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
compromat.t30p.ru
referer
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://compromat.t30p.ru/Custom/Themes/TitaniumX/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
last-modified
Wed, 05 Dec 2018 05:34:01 GMT
server
Microsoft-IIS/10.0
etag
"254bb2205c8cd41:0",
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
content-length
215
get_num_replies.js
disqus.com/forums/t30pru/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/forums/t30pru/get_num_replies.js?url17=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3D888e25a3-436d-4c0a-a394-e67eaf4fe879%23disqus_thread&url32=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3Df14a4bdb-c909-43a3-96c7-5348f8f573e9%23disqus_thread&url42=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3Dfb2bf033-1202-4e71-8c2d-d38c6b8ec032%23disqus_thread&url51=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3Dd36290b2-e9f7-4ca8-8d00-9d6fd3600357%23disqus_thread&url61=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3D84154678-8c47-4fe3-8ab8-a1ada3d3eae3%23disqus_thread&url71=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3Dc5a1451d-2534-4e93-b5b3-cbecf53b14ed%23disqus_thread&url84=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3Da200b2ab-768e-4002-a4a0-68e7455e52b6%23disqus_thread&url95=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3Dcbd2e68e-3822-4b48-911b-3bd074b5ca80%23disqus_thread&url105=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3Dfb0a7969-437f-4ace-ae15-52332b76dd6b%23disqus_thread&url116=https%3A%2F%2Fcompromat.t30p.ru%2Fpost.aspx%3Fid%3D3844c4ed-1cea-4e42-b738-6e40eb3a86ff%23disqus_thread&
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd2f205dc5169cb1850b8fbc43e04d30645e71518b1817b0f6e123cc427feb0c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
X-Content-Type-Options
nosniff
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Language
en-us
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Language, Cookie
Content-Length
1554
X-XSS-Protection
1; mode=block
tag.js
mc.yandex.ru/metrika/ 		215 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5acd5b0aefec349b8c705422b293122bb2e0e1bf77777463f565180e77ef2115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
br
last-modified
Fri, 16 Apr 2021 10:37:30 GMT
etag
"60705d6f-11096"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69782
expires
Sun, 18 Apr 2021 10:14:03 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=compromat.t30p.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=compromat.t30p.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E498 		95 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fc2e797a15cd91f90fffff8592001fb02b449cf9fa77c6304f5565df0e4611d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 18 Apr 2021 09:14:04 GMT
server
cafe
content-length
28164
x-xss-protection
0
set-cookie
IDE=AHWqTUkBmvXGXsUz8sM4ZFK3CaT7lCg3o_tLwqKgvmINjDJlFR8qMGo69b5YlVUhBJU; expires=Fri, 13-May-2022 09:14:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 02BE 		116 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd0137e482f2ab6d0eb4b41849c70f3da3ace5bc2404a63dd5e6ef8eedfda2e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 18 Apr 2021 09:14:04 GMT
server
cafe
content-length
29796
x-xss-protection
0
set-cookie
IDE=AHWqTUkD0keq8Bt-zfXrQFUouDUdpU1BOBG-uDFiMsTHWyRFKK01f0Xw56GqeXiYfDM; expires=Fri, 13-May-2022 09:14:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame FE79 		104 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd8c9ac4309a5e9ac3225b7154adbf9598236f48de317e80670ae4364ad83a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 18 Apr 2021 09:14:04 GMT
server
cafe
content-length
38506
x-xss-protection
0
set-cookie
IDE=AHWqTUl4ecabhAd91lcB3Ea_YKSlqdD2o4MXWaw4-EnqdEQx9heqtT2Gr8qfA-5inxI; expires=Fri, 13-May-2022 09:14:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 4FAA 		104 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d58c9ff4125a23ad0e9ee052b3898a93733b5b16f68fdfc7a85762c17cf1976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 18 Apr 2021 09:14:04 GMT
server
cafe
content-length
38288
x-xss-protection
0
set-cookie
IDE=AHWqTUkMPXAO-glTMLD672DkfENw3kL2J8pHgJ1pU7h1bzfPQf_voF11AHohqp6QXJI; expires=Fri, 13-May-2022 09:14:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private
aci.js
www.acint.net/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/aci.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/351/2/92351.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
content-encoding
gzip
last-modified
Sat, 02 Jan 2021 18:29:12 GMT
server
openresty
etag
"5ff0bb78-1baf"
content-type
application/x-javascript
cache-control
max-age=43200
content-length
7087
expires
Sun, 18 Apr 2021 21:14:03 GMT
/
ssp-rtb.sape.ru/data/ 		30 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTB_607bf85bf_35368668&srtbid=92351&scids=161271909,163096090&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fcompromat.t30p.ru%2F&allimps=1&fl=0&v=2&tz=%2B02%3A00
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/351/2/92351.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.6.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1359720.sapientru.net
Software
openresty /
Resource Hash
3109f8d61393330a7994ce8956fd3c73b5ce0a55ab168ba81603645b48337166

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
30
Expires
Wed, 19 Apr 2000 11:43:00 GMT
nv.js
p1.dircont3.com/ 		52 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p1.dircont3.com/nv.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/351/2/92351.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2adb69b2840b72e62056e266aa191307213e6ecb399d7950f6f5e366681a114f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzV4/JjvdAIAAA==
date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
br
etag
W/"606d5fae-d018"
last-modified
Wed, 07 Apr 2021 07:30:54 GMT
server
CDN77-Turbo
x-77-nzt-ray
Ir3I/RUXADY=
strict-transport-security
max-age=604800
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
628
x-77-pop
frankfurtDE
expires
Fri, 30 Apr 2021 09:03:36 GMT
/
ssp-rtb.sape.ru/data/ 		30 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTB_607bf85bf_48701453&srtbid=95403&scids=93390459&sx=1600&sy=1200&ref=&allimps=0&fl=0&v=2&tz=%2B02%3A00&u=https%3A%2F%2Fcompromat.t30p.ru%2F
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/351/2/92351.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.6.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1359720.sapientru.net
Software
openresty /
Resource Hash
c6b4c46c09ed5bc9a455fa76219ed80de2b586f36e42ee69283cc9196e46472c

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
30
Expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A92351%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A534%7D&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737244
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/1?dp=16&id=92351.433679.161271909.0.0.112&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737244
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A92351%2C%22sc%22%3A0%2C%22pl%22%3A433679%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737244
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/1?dp=16&id=95403.446640.93390459&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&r=ajzirs32hptg
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
www.acint.net/mc/ Frame A007 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/mc/?dp=14
Requested by
Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
6c96b1966109bc61ac8864944cfa66279d55a6d2b2a244f736f11a120b9fa9f5

Request headers

:method
GET
:authority
www.acint.net
:scheme
https
:path
/mc/?dp=14
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aid=fwAAAWB7+Fu7hwL0Qsd4Au3P4KYSJL633nwBaay/rbVYmjz+
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

server
openresty
date
Sun, 18 Apr 2021 09:14:03 GMT
content-type
text/html
set-cookie
cSyncDp7v2=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1618737243; expires=Mon, 19-Apr-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1618737243; expires=Sun, 02-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1618737243; expires=Sun, 02-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1618737243; expires=Sun, 02-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1618737243; expires=Tue, 18-May-21 09:14:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding
gzip
/
www.acint.net/hit/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/hit/?v=0.3.0&uid=c62b3035-24b4-4bc1-bf2b-e1b731f7f9ec&dp=14&tz=%2B02%3A00&nc=67854858&u=https%3A%2F%2Fcompromat.t30p.ru%2F&r=&rs=1600x1200&t=%D0%9D%D0%B0%D0%B8%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%B8%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D0%B8%D0%B8%20%D1%80%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D1%85%20%D0%BA%D0%BE%D1%80%D1%80%D1%83%D0%BF%D1%86%D0%B8%D0%BE%D0%BD%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B2%D0%BE%D1%80%D0%BE%D0%B2%20%D0%B2%20%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%B5&oE=1&oP=1&dT=2021-04-18T11%3A14%3A03.994&fu=a94cd09e-d550-4e33-9225-d1647d07ef4f
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:03 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9247.st3cAxo_7NOwqHroUcpcak3diQjLkTPdxbkDYG1kWgT1D2o1Z1uTfZClMLh0XD0d.YeJKLYwOf-1CgBnAiBwlrhQ-eaU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9247.Vfb3O-cbSsCEuWCoeEdmTzaurA8T8OFkH61F7vXGNCoLpNGgXKGAaXqI9GEEQIgS1s5ZDe_Yoec_ebRA3RNtNQ%2C%2C.1vYPWAIVLH86K4-pp4hNlLElqUs%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9247.Vfb3O-cbSsCEuWCoeEdmTzaurA8T8OFkH61F7vXGNCoLpNGgXKGAaXqI9GEEQIgS1s5ZDe_Yoec_ebRA3RNtNQ%2C%2C.1vYPWAIVLH86K4-pp4hNlLElqUs%2C
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9247.Vfb3O-cbSsCEuWCoeEdmTzaurA8T8OFkH61F7vXGNCoLpNGgXKGAaXqI9GEEQIgS1s5ZDe_Yoec_ebRA3RNtNQ%2C%2C.1vYPWAIVLH86K4-pp4hNlLElqUs%2C
date
Sun, 18 Apr 2021 09:14:04 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Fri, 16 Apr 2021 09:10:40 GMT
etag
"60705d6f-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 18 Apr 2021 10:14:04 GMT
match
ads.betweendigital.com/ Frame A007
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F5BF87B60F40287BB0278C742
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F5BF87B60F40287BB0278C742&crf=1
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F5BF87B60F40287BB0278C742&crf=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=73&external_user_id=0100007F5BF87B60F40287BB0278C742&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
acint.net/ Frame A007
Redirect Chain
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=14&euid=0100007F5CF87B6028007D1902CC6D2D
43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=14&euid=0100007F5CF87B6028007D1902CC6D2D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
openresty
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location
https://acint.net/match?dp=14&euid=0100007F5CF87B6028007D1902CC6D2D
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
text/html
Content-Length
142
Expires
Wed, 19 Apr 2000 11:43:00 GMT
match
acint.net/ Frame A007
Redirect Chain
  • https://px.adhigh.net/p/cm/sape?u=0100007F5BF87B60F40287BB0278C742
  • https://px.adhigh.net/p/cm/sape?u=0100007F5BF87B60F40287BB0278C742&bounced=1
  • https://acint.net/match?dp=17&euid=u0l3fFO2HFAl.AikABlF45EIn9A
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=17&euid=u0l3fFO2HFAl.AikABlF45EIn9A
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f18-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://acint.net/match?dp=17&euid=u0l3fFO2HFAl.AikABlF45EIn9A
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.gif
ad.mail.ru/ Frame A007 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=48&id=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Last-Modified
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=21600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Sun, 18 Apr 2021 15:14:04 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame A007
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6311598386
  • https://www.acint.net/rmatch?dp=45&euid=AtOsyCbXV8xMY-f3o3H0WLQ&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F5BF87B60F40287BB0278C742
42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

date
Sun, 18 Apr 2021 09:14:04 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F5BF87B60F40287BB0278C742
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
sync
a.utraff.com/ Frame A007 		0
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.utraff.com/sync?ssp=sape
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c023 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BLjytjORZ8IImQ85PtdmuQwYM8EqtiwdFheMhRlxDC4qYo6fi2OtowRY%2FggGYYuIhaEk8Bu8dxgNVeeWSGHwmSlXiwvHhGjsOOkE70q6n%2Fpb%2BnBELc2EZsc%3D"}],"max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
641cc7df6ca74ed4-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cf-request-id
0985db3fa200004ed4e3939000000001
/
sync.bumlam.com/ Frame A007
Redirect Chain
  • https://sync.republer.com/match?dsp=sape
  • https://sync.republer.com/match?dsp=sape&qset=1
  • https://sync.bumlam.com/?src=rp1&uid=503f1c3a-6f79-408e-9531-2ee6fefb2aa0
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjc8O-DBlIEioaQK2IkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEw
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjc8O-DBlIEioaQK2IkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEwogEQa8rCCKAmEeug1wAlkORcOA**
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABjc8O-DBmIkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEwogEQa8rCCKAmEeug1wAlkORcOA**
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQARjc8O-DBmIkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEwogEQa8rCCKAmEeug1wAlkORcOA**
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjc8O-DBmIkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEwogEQa8rCCKAmEeug1wAlkORcOA**
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx
ETag
6bcac208-a026-11eb-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=rp1&s_data=CAIQARjc8O-DBmIkNTAzZjFjM2EtNmY3OS00MDhlLTk1MzEtMmVlNmZlZmIyYWEwogEQa8rCCKAmEeug1wAlkORcOA**
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
match
dm.hybrid.ai/ Frame A007 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=106&vid=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
120
x-xss-protection
1; mode=block
expires
-1
adcm.js
tag.digitaltarget.ru/ Frame A007 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Last-Modified
Thu, 28 Jan 2021 10:50:38 GMT
Server
nginx
ETag
"601296fe-c11"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3089
sape
sync.dmp.otm-r.com/match/ Frame A007 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/sape?id=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.9.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.9.251.148.clients.your-server.de
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx/1.17.2
match
www.acint.net/ Frame A007
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf1v4e2D0Aoe7AnjHQg
  • https://www.acint.net/match?dp=77&euid=
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=77&euid=
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.acint.net/match?dp=77&euid=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adlmerge.com/merge_gpsid/ Frame A007
Redirect Chain
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F5BF87B60F40287BB0278C742
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F5BF87B60F40287BB0278C742
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.211.66.35 Wjelsryp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

iseu
eu
server
nginx/1.16.0
date
Sun, 18 Apr 2021 09:14:04 GMT
content-type
image/gif

Redirect headers

location
//adlmerge.com/merge_gpsid/?sid=50&id=0100007F5BF87B60F40287BB0278C742
date
Sun, 18 Apr 2021 09:13:14 GMT
server
nginx
content-length
0
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame A007 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sprcs
relap.io/partners/ Frame A007 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/partners/sprcs?uid=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:04 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=5184000; includeSubdomains;
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
0.gif
x01.aidata.io/ Frame A007
Redirect Chain
  • https://adx.com.ru/sape-sync?uid=0100007F5BF87B60F40287BB0278C742
  • https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F5BF87B60F40287BB0278C742
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=607bf85ca897d8f20b001d37&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=607bf85ca897d8f20b001d37&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D607bf85ca897d8f20b001d37%2526d...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D607bf85ca897d8f20b001d37%2526d...
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DYABBI%26id%3D607bf85ca897d8f20b001d37%26dest%3D&webouid=uAQjSDKag8LsIKAXttrpTu
  • https://x01.aidata.io/0.gif?pid=YABBI&id=607bf85ca897d8f20b001d37&dest=
  • https://x01.aidata.io/0.gif?pid=YABBI&id=607bf85ca897d8f20b001d37&dest=&bounce=1
0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=YABBI&id=607bf85ca897d8f20b001d37&dest=&bounce=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51804.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sun, 18 Apr 2021 09:14:03 GMT
last-modified
Sun, 18 Apr 2021 09:14:03 GMT
server
nginx
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Sun, 18 Apr 2021 09:14:03 GMT
server
nginx
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=YABBI&id=607bf85ca897d8f20b001d37&dest=&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sun, 18 Apr 2021 09:14:03 GMT
pixel.gif
sync.1dmp.io/ Frame A007 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.125.100.46.78.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0
match
www.acint.net/ Frame A007
Redirect Chain
  • https://sape-sync.rutarget.ru/sync
  • https://www.acint.net/match?dp=104&euid=v2XpzwAgFSXL
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=104&euid=v2XpzwAgFSXL
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location
https://www.acint.net/match?dp=104&euid=v2XpzwAgFSXL
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
acint.net/ Frame A007
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=107&euid=d9aa594c-1856-526c-82d2-ee81e2a916dd
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=107&euid=d9aa594c-1856-526c-82d2-ee81e2a916dd
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=107&euid=d9aa594c-1856-526c-82d2-ee81e2a916dd
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
p
0100007f5bf87b60f40287bb0278c742-sp.ops.beeline.ru/ Frame A007 		35 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://0100007f5bf87b60f40287bb0278c742-sp.ops.beeline.ru/p?ssp=sp&id=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.33
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
matchspm
ut.rktch.com/ Frame A007 		0
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
hnXZQMbDS4OJ6GTO_aPi2g
an.yandex.ru/setud/mts_banner/ Frame A007
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F5BF87B60F40287BB0278C742
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&ssp=sape&exu=0100007F5BF87B60F40287BB0278C742
  • https://tech.rtb.mts.ru/?dsp_uid=8675d940-c6c3-4b83-89e8-64cefda3e2da&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FhnXZQMbDS4OJ6GTO_aPi2g%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
  • https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=1403020836
  • https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=1403020836
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=1403020836
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
last-modified
Sun, 18 Apr 2021 09:14:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 18 Apr 2021 09:14:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
last-modified
Sun, 18 Apr 2021 09:14:04 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=1403020836
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 18 Apr 2021 09:14:04 GMT
match
www.acint.net/ Frame A007
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
  • https://www.acint.net/match?dp=126&euid=448b10cd-fcb2-4cbd-64bc-5be15eabfb0e
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=126&euid=448b10cd-fcb2-4cbd-64bc-5be15eabfb0e
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=126&euid=448b10cd-fcb2-4cbd-64bc-5be15eabfb0e
date
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
match
www.acint.net/ Frame A007
Redirect Chain
  • https://s.uuidksinc.net/match/396/0100007F5BF87B60F40287BB0278C742
  • https://www.acint.net/match?dp=127&euid=APUttBnNZfzVdSieAHbA
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=127&euid=APUttBnNZfzVdSieAHbA
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx/1.19.0
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
location
https://www.acint.net/match?dp=127&euid=APUttBnNZfzVdSieAHbA
access-control-allow-headers
Content-Type
content-length
0
userbind
match.new-programmatic.com/ Frame A007 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=sape&id=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 18 Apr 2021 09:11:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
0100007F5BF87B60F40287BB0278C742
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame A007 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
0.gif
x01.aidata.io/ Frame A007
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F5BF87B60F40287BB0278C742
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F5BF87B60F40287BB0278C742&bounce=1
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51804.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sun, 18 Apr 2021 09:14:03 GMT
last-modified
Sun, 18 Apr 2021 09:14:03 GMT
server
nginx
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'

Redirect headers

Location
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
324
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
/
sync.bumlam.com/ Frame A007 		0
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=sap1&uid=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
frame.html
s3.advarkads.com/modules/match/ Frame 61E1 		187 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F5BF87B60F40287BB0278C742
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method
GET
:authority
s3.advarkads.com
:scheme
https
:path
/modules/match/frame.html?id=8113-1-1&uid=0100007F5BF87B60F40287BB0278C742
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.acint.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.acint.net/

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
content-type
text/html
set-cookie
__cfduid=df7e776b8d95334487c7288a32493d74f1618737244; expires=Tue, 18-May-21 09:14:04 GMT; path=/; domain=.advarkads.com; HttpOnly; SameSite=Lax
cache-control
max-age=60
last-modified
Sat, 25 Apr 2020 07:44:34 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
0985db3fa500002c0d092f0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
641cc7df686b2c0d-FRA
content-encoding
gzip
/
ps.ntvk1.ru/nv/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ps.ntvk1.ru/nv/?top_href=https%3A%2F%2Fcompromat.t30p.ru%2F
Requested by
Host: p1.dircont3.com
URL: https://p1.dircont3.com/nv.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.133.114 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
15e951e034c114ccbfbdb5cacb96e35345ffb6a028dffded15ebf52066eb9c11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Access-Control-Request-Method
POST
Server
nginx/1.15.7
Accept-Language
en-US,en;q=0.8
Strict-Transport-Security
max-age=604800
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://compromat.t30p.ru
Accept
*/*
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Nativka-Host
ps2.ntvk1.ru
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Key, Cookie, Referer, User-Agent, Host, Connection
Content-Length
3782
Access-Control-Request-Headers
origin, content-type
3
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/3?dp=16&id=95403.446640.93390459&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&r=e3xk5t9d1dk3
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
frame.js
s3.advarkads.com/modules/match/ Frame 61E1 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.js
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F5BF87B60F40287BB0278C742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6221d34812fb4cfaf4ee4bc702fc28fca9f4a5a5e2653f0f25ae5ce8badd0daa

Request headers

Referer
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F5BF87B60F40287BB0278C742
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
41
content-length
6559
cf-request-id
0985db400000002c0df7033000000001
last-modified
Thu, 11 Mar 2021 08:11:05 GMT
server
cloudflare
etag
"807238154e16d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
641cc7dff96a2c0d-FRA
rb.js
co9.rktch.com/static/ Frame 3676 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://co9.rktch.com/static/rb.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/351/2/92351.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
176.99.9.147 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d42291.acod.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
37d9fdcb589bfab4d9557628567c02db962393f3306d31658425f073721b317d

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 09:34:49 GMT
Server
nginx/1.18.0
ETag
W/"5f350939-1945"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
3
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/3?dp=16&id=92351.433679.161271909.0.0.112&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737244
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/1?dp=112&id=92351.433679.161271916.0.1.183&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737244
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
3
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/3?dp=16&id=92351.615529.163096090.0.0.0&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737244
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
wf.frontend.weborama.fr/streampixel/ Frame 61E1
Redirect Chain
  • https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F5BF87B60F40287BB0278C742
  • https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%2286dc7101-bfa6-47a4-b728-c478e2abb39e%22%7D&d.r=345811
67 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%2286dc7101-bfa6-47a4-b728-c478e2abb39e%22%7D&d.r=345811
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F5BF87B60F40287BB0278C742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.12.0 /
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Referer
https://s3.advarkads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
via
1.1 google
last-modified
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type
image/gif
alt-svc
clear
content-length
67
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx/1.18.0
X-Powered-By
ASP.NET
P3P
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location
https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%2286dc7101-bfa6-47a4-b728-c478e2abb39e%22%7D&d.r=345811
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
-1
processor.js
tag.digitaltarget.ru/ Frame A007 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=384019763152392
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Last-Modified
Thu, 28 Jan 2021 10:50:38 GMT
Server
nginx
ETag
"601296fe-3da0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15776
1
mc.yandex.com/watch/41655969/
Redirect Chain
  • https://mc.yandex.com/watch/41655969?wmode=7&page-url=https%3A%2F%2Fcompromat.t30p.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A571%3Afu%3A0%3Aen%3Autf-8%3Ala%...
  • https://mc.yandex.com/watch/41655969/1?wmode=7&page-url=https%3A%2F%2Fcompromat.t30p.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A571%3Afu%3A0%3Aen%3Autf-8%3Al...
203 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/41655969/1?wmode=7&page-url=https%3A%2F%2Fcompromat.t30p.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A571%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A299419991645%3Ahid%3A998436773%3Az%3A120%3Ai%3A20210418111404%3Aet%3A1618737244%3Ac%3A1%3Arn%3A387871183%3Au%3A1618737244573416477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618737243194%3Ads%3A0%2C0%2C107%2C97%2C231%2C0%2C%2C237%2C6%2C%2C%2C%2C649%3Adsn%3A0%2C0%2C107%2C96%2C231%2C0%2C%2C142%2C7%2C%2C%2C%2C648%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618737244%3At%3A%D0%9D%D0%B0%D0%B8%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%B8%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D0%B8%D0%B8%20%D1%80%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D1%85%20%D0%BA%D0%BE%D1%80%D1%80%D1%83%D0%BF%D1%86%D0%B8%D0%BE%D0%BD%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B2%D0%BE%D1%80%D0%BE%D0%B2%20%D0%B2%20%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%B5
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3a76e006dd5dbdf5acdd3860052e0a404f6dafe7975b915ae7f20d1559a5696a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 18-Apr-2021 09:14:04 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://compromat.t30p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
203
x-xss-protection
1; mode=block
expires
Sun, 18-Apr-2021 09:14:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
last-modified
Sun, 18-Apr-2021 09:14:04 GMT
location
/watch/41655969/1?wmode=7&page-url=https%3A%2F%2Fcompromat.t30p.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A571%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A299419991645%3Ahid%3A998436773%3Az%3A120%3Ai%3A20210418111404%3Aet%3A1618737244%3Ac%3A1%3Arn%3A387871183%3Au%3A1618737244573416477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618737243194%3Ads%3A0%2C0%2C107%2C97%2C231%2C0%2C%2C237%2C6%2C%2C%2C%2C649%3Adsn%3A0%2C0%2C107%2C96%2C231%2C0%2C%2C142%2C7%2C%2C%2C%2C648%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618737244%3At%3A%D0%9D%D0%B0%D0%B8%D0%B1%D0%BE%D0%BB%D0%B5%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%B8%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D0%B8%D0%B8%20%D1%80%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B8%D1%85%20%D0%BA%D0%BE%D1%80%D1%80%D1%83%D0%BF%D1%86%D0%B8%D0%BE%D0%BD%D0%B5%D1%80%D0%BE%D0%B2%20%D0%B8%20%D0%B2%D0%BE%D1%80%D0%BE%D0%B2%20%D0%B2%20%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%B5
strict-transport-security
max-age=31536000
access-control-allow-origin
https://compromat.t30p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 18-Apr-2021 09:14:04 GMT
Cookie set v0
tg.rktch.com/ Frame E6BB 		486 B
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tg.rktch.com/v0?i=11695&p=1&vw=728&vh=90&sw=1600&sh=1200&rk=Xn8JOD&url=https%3A%2F%2Fcompromat.t30p.ru%2F&siteid=161271916
Requested by
Host: co9.rktch.com
URL: https://co9.rktch.com/static/rb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
360c098b7edb66544f6d75b48f100d420b20e32d239b746c7001f356e21fe944

Request headers

Host
tg.rktch.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://compromat.t30p.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

Server
nginx/1.14.2
Date
Sun, 18 Apr 2021 09:14:04 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
POST
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
86400
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
Set-Cookie
b_uid=547f5d04b2cb5456e1bacecdca9b1deccede; Max-Age=36000; Expires=Sun, 18 Apr 2021 19:14:04 GMT; Domain=rktch.com; Secure; SameSite=None
/
ssp-rtb.sape.ru/data/ 		30 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTB_607bf85c6_60028490&srtbid=92351&scids=161271909&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fcompromat.t30p.ru%2F&allimps=0&fl=0&v=2&deal=9&tz=%2B02%3A00
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/351/2/92351.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.6.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1359720.sapientru.net
Software
openresty /
Resource Hash
98805fb32a323cb6e090acacb7faa2aebaf34fac3b0aabb0c089e7d2f4734fd8

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
30
Expires
Wed, 19 Apr 2000 11:43:00 GMT
3
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/3?dp=112&id=92351.433679.161271916.0.1.183&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737244
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A92351%2C%22sc%22%3A0%2C%22pl%22%3A433679%2C%22ev%22%3A%22cheap%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737244
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame A007
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=946351511853465.854314697476288&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742...
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=946351511853465.854314697476288&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007...
49 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=946351511853465.854314697476288&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742.sync:up.xdua:duSyV8znwj2okrpDwQSYXk4c.xps:xpssJKdOU5gFW6DMJ1pxwkH_E.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.148 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
269
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=946351511853465.854314697476288&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742.sync:up.xdua:duSyV8znwj2okrpDwQSYXk4c.xps:xpssJKdOU5gFW6DMJ1pxwkH_E.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame A007
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=946351511853465.154461700892584&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742...
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=946351511853465.154461700892584&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007...
49 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=946351511853465.154461700892584&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742.sync:up.xdua:duSyV8znwj2okrpDwQSYXk4c.xps:xpssJKdOU5gFW6DMJ1pxwkH_E.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.148 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
206
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=946351511853465.154461700892584&a=77&e=0100007F5BF87B60F40287BB0278C742&pref=https%3A%2F%2Fcompromat.t30p.ru%2F&c=ss:77.up:0100007F5BF87B60F40287BB0278C742.sync:up.xdua:duSyV8znwj2okrpDwQSYXk4c.xps:xpssJKdOU5gFW6DMJ1pxwkH_E.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
css
fonts.googleapis.com/ Frame FE79 		8 KB
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 08:33:42 GMT
server
ESF
date
Sun, 18 Apr 2021 09:14:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 09:14:04 GMT
css
fonts.googleapis.com/ Frame FE79 		8 KB
786 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 08:31:16 GMT
server
ESF
date
Sun, 18 Apr 2021 09:14:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 09:14:04 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame FE79 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ebabf4af74f07fdafe166786cf5f881d9f18f5222579fa1b22f4ae67b55068c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12020
x-xss-protection
0
server
cafe
etag
7010355083530940861
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 08:58:39 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame FE79 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:12:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame FE79 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:11:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE79 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sun, 18 Apr 2021 09:14:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame FE79 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:09:20 GMT
l
www.google.com/ads/measurement/ Frame FE79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxlJOXLxsUotrdxpE0QAzXkmJ94FC_IFvqumLL73yJEmG_u__1XurpoW2w2NHHxKqHIr95O6aqmfzivKBBs6grtTNQFw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/5976497367284683232/ Frame FE79 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5976497367284683232/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI3gIQtwEYASABLQAAAD8w3gI4twFFAACAPw&rs=AOga4qkTvipw8qCJFdexKkFDMCT53uQE5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38bf9e6239876b69dbdf951c82707993809c797933d03b4743ea7f4cd9ca9bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 20:11:02 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20408
x-xss-protection
0
expires
Mon, 18 Apr 2022 09:14:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FE79 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYqymW_h7YN2fOoz57gPo9KTYB5nAvaph5bb27pkN5-3K5uohEAEgxJT5BWCViviBlAegAYLakf8DyAEGqQIgAuV8Ixq0PqgDAcgDywSqBNsBT9AWyn_tqvPAxpB8aZDofdbDFraM6-3KArUj6qTFgsdYvhbxnED2JYQwnlOI4Nmu2Xr0rF1K8Dwy6MoitOCIs14z5Hf9FFZAr1uGYB1I7Cze_ISjrgyM3SG6oze8bWHf9dLC7ytq4jHSZwCbcvSjLQDVQeHl8Xquk35J3amTPkTOe8ln1bc5rVVHxAF4W5F_Z8b8V2Li_wXZvhps-LhBEALZY8sYXsPBNrWwq09ueTlFT7KMrAc-cqjMgVgDqVd5MYV7LBiAO85g8b-F2CXVQQy3KLdm-aMbMd8jwATSifOQwAOSBQQIBBgBkgUECAUYBKAGN4AH5qVuqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEK-iJdIICQiA4YAQEAEYH4AKAcgLAdgTDYgUBLIXGgoYCAASFHB1Yi00NzE5OTE2NzU4Mzk0NzE2&sigh=8vZI5KDmTlI&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 18 Apr 2021 09:14:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4977 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkMPXAO-glTMLD672DkfENw3kL2J8pHgJ1pU7h1bzfPQf_voF11AHohqp6QXJI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 18 Apr 2021 08:23:25 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3039
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5968 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 17 Apr 2021 16:59:40 GMT
expires
Sun, 18 Apr 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
58464
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FE79 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:18:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:34 GMT
server
sffe
age
474921
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:18:43 GMT
truncated
/ Frame FE79 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e2a2066e85f32296e791b2c464a3309479fb4188cd1256e9a9e4f21436ba9fc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 4FAA 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 08:15:44 GMT
server
ESF
date
Sun, 18 Apr 2021 09:14:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 09:14:04 GMT
css
fonts.googleapis.com/ Frame 4FAA 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 08:30:34 GMT
server
ESF
date
Sun, 18 Apr 2021 09:14:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 09:14:04 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 4FAA 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ebabf4af74f07fdafe166786cf5f881d9f18f5222579fa1b22f4ae67b55068c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12020
x-xss-protection
0
server
cafe
etag
7010355083530940861
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 08:58:39 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 4FAA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:12:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 4FAA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:11:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4FAA 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sun, 18 Apr 2021 09:14:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 4FAA 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:09:20 GMT
css
fonts.googleapis.com/ Frame E498 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 08:18:36 GMT
server
ESF
date
Sun, 18 Apr 2021 09:14:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 09:14:04 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E498 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:09:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame E498 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:12:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E498 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:11:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E498 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sun, 18 Apr 2021 09:14:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame E498 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:09:20 GMT
a0b5068ca1fc7f6ff765c7833258ec42.js
www.gstatic.com/mysidia/ Frame E498 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 02:07:20 GMT
server
sffe
age
343203
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10491
x-xss-protection
0
expires
Tue, 13 Jul 2021 09:54:01 GMT
dpixel
cms.quantserve.com/ Frame 5968 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHQv6Fjao339s-FjnaQfEpU&google_cver=1&google_push=AQvitUKip5sSC-btVxeQqC0Pvq_WttAX_C7emAcNsfB8RrFsRkeas1CRhKZBfMQTI5V6ubCv6KkKiKLjyeIZx8XisYy7wRJaSHyZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5968
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEFxHsPIOzv0xkkAQMBCvIiI&google_cver=1&google_push=AQvitUIvEV8y4UhkdQWr_xOf4zPZz3wDYR4i2v_6Og5QRQoncS0KQN_NRb44Vn50x_-2zqmqn02tc3eikOCmLvKq_yTlr6PthmH0
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUIvEV8y4UhkdQWr_xOf4zPZz3wDYR4i2v_6Og5QRQoncS0KQN_NRb44Vn50x_-2zqmqn02tc3eikOCmLvKq_yTlr6PthmH0&google_hm=Q0FFU0VGeEhzUElPenYwe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUIvEV8y4UhkdQWr_xOf4zPZz3wDYR4i2v_6Og5QRQoncS0KQN_NRb44Vn50x_-2zqmqn02tc3eikOCmLvKq_yTlr6PthmH0&google_hm=Q0FFU0VGeEhzUElPenYweGtrQVFNQkN2SWlJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUIvEV8y4UhkdQWr_xOf4zPZz3wDYR4i2v_6Og5QRQoncS0KQN_NRb44Vn50x_-2zqmqn02tc3eikOCmLvKq_yTlr6PthmH0&google_hm=Q0FFU0VGeEhzUElPenYweGtrQVFNQkN2SWlJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 5968 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIeWsb1EGKo5HPXBSM8Qv4s&google_push=AQvitUIqw9CwizuUMsClf71Iux4zU29bZffY4V4Ctc3A7rRyVvVaraN-AtnO2p2Byo1Kcsmi8bH8hMPZenqXVyzeFDPUp3HBXE3B&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5968
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJUwp2yolXuEdeXJOidvw8w&google_cver=1&google_push=AQvitUJpu8DvfjcEmEFY13ccvQ68ZsxojDhvUJm8Tm_2X0HpzS7dYAWqGx8sB92wpcv4Bu2dv8E2ORauFbpEeCbykyEe0w0E8fhB
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJUwp2yolXuEdeXJOidvw8w&google_cver=1&google_push=AQvitUJpu8DvfjcEmEFY13ccvQ68ZsxojDhvUJm8Tm_2X0HpzS7dYAWqGx8sB92wpcv4Bu2dv8E2ORauFbpEeCbykyEe0w0E8fhB&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJpu8DvfjcEmEFY13ccvQ68ZsxojDhvUJm8Tm_2X0HpzS7dYAWqGx8sB92wpcv4Bu2dv8E2ORauFbpEeCbykyEe0w0E8fhB&google_hm=RwsIidqJxUgHCC_2gnnvmg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJpu8DvfjcEmEFY13ccvQ68ZsxojDhvUJm8Tm_2X0HpzS7dYAWqGx8sB92wpcv4Bu2dv8E2ORauFbpEeCbykyEe0w0E8fhB&google_hm=RwsIidqJxUgHCC_2gnnvmg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:03 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJpu8DvfjcEmEFY13ccvQ68ZsxojDhvUJm8Tm_2X0HpzS7dYAWqGx8sB92wpcv4Bu2dv8E2ORauFbpEeCbykyEe0w0E8fhB&google_hm=RwsIidqJxUgHCC_2gnnvmg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
jkmreigia1sgmpnv401q0sh6k327s2dg
pixel
cm.g.doubleclick.net/ Frame 5968
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULTUfSrpkNqSVOCXlcs7K4JySuq4UoIvcZ7qnfDq00P0v5eG8zqsJ3zNDjiPfPl_QF3t68FkS_niQDQGRkzDuXUAV9jdw89
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULTUfSrpkNqSVOCXlcs7K4JySuq4UoIvcZ7qnfDq00P0v5eG8zqsJ3zNDjiPfPl_QF3t68FkS_niQDQGRkzDuXUAV9jdw89
Date
Sun, 18 Apr 2021 09:14:04 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5968
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIuYorASR7-8H9LCOiK_xC4&google_cver=1&google_push=AQvitULDkKtLHlJ2fbDYyDxnfAkG38N4rzPk45ptValDPIKNRNb9gqqd2fQskZwHl-FB9Y7wyGH...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaUlotUy1JVUdY&google_push=AQvitULDkKtLHlJ2fbDYyDxnfAkG38N4rzPk45ptValDPIKNRNb9gqqd2fQskZwHl-FB9Y7wyGHwQcUB9QtUuD9ktVxoDVHCSoE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaUlotUy1JVUdY&google_push=AQvitULDkKtLHlJ2fbDYyDxnfAkG38N4rzPk45ptValDPIKNRNb9gqqd2fQskZwHl-FB9Y7wyGHwQcUB9QtUuD9ktVxoDVHCSoE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaUlotUy1JVUdY&google_push=AQvitULDkKtLHlJ2fbDYyDxnfAkG38N4rzPk45ptValDPIKNRNb9gqqd2fQskZwHl-FB9Y7wyGHwQcUB9QtUuD9ktVxoDVHCSoE
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5968
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO7GF8J4MO1Id-AOyviaT4M&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEO7GF8J4MO1Id-AOyviaT4M&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_gid=CAESEO7GF8J4MO1Id-AOyviaT4M&google_push=AQvitUIjCv7E7XrVqLF-VlJjNMUHn8V0yWWrBWLZvWYjN3rgXqw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_gid=CAESEO7GF8J4MO1Id-AOyviaT4M&google_push=AQvitUIjCv7E7XrVqLF-VlJjNMUHn8V0yWWrBWLZvWYjN3rgXqwnwtwhge7gXldH5IHiadNn_5R3Dn9W3LwbEtLpRqhKzaV4LKc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_gid=CAESEO7GF8J4MO1Id-AOyviaT4M&google_push=AQvitUIjCv7E7XrVqLF-VlJjNMUHn8V0yWWrBWLZvWYjN3rgXqwnwtwhge7gXldH5IHiadNn_5R3Dn9W3LwbEtLpRqhKzaV4LKc&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Sun, 18 Apr 2021 09:14:04 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5968 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5LIz5d640qpCoCzN6Zwczt618NPjzJIb46IvmeNS0_xo3dEuGrIn39M7yr87LT9hyZ99F
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame E498 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUB_SW_h7YI-kOs-WgAfgnY2QDuCb755iyazl1rQK9-ng8pkYEAEgxJT5BWCViviBlAegAc3trc4DyAEJqQIgAuV8Ixq0PqgDAcgDywSqBOoBT9B5kkOVk3T3jy4Xj_KMEfDz9C3Ih8rC8chomBY8-Sfr18BrApwFL6jo8GAQofLW_4ibbbDyEH_OWGVUScFpynjrHiVDRpINnOypFF3mm_elsCK10jC5I7vfclZZx3s_pVmQsQlV2xV9P21To4W64SMumhefSf3HfkZ7dDFvSDW-LXcsEfkmdS-oFHN6wAW1lGvgLrFpFuaZ5u8SXjyaMfHR2ZFcrw8oygJJURQYmr30yFGvmTzngtLzJOojfo-j2Y90QYT6kigixiOd7i8tPR9bkJ7U3GlW28eemD-2jbBf0a3O6AmdpJJ2wAS-89eXpwKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHm5LSMagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQxoAU0ggJCIDhgBAQARgfgAoByAsB2BMOshcaChgIABIUcHViLTQ3MTk5MTY3NTgzOTQ3MTY&sigh=7TpxqxbaneY&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 18 Apr 2021 09:14:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4977
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkBmvXGXsUz8sM4ZFK3CaT7lCg3o_tLwqKgvmINjDJlFR8qMGo69b5YlVUhBJU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 18 Apr 2021 09:14:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 18-Apr-2021 10:14:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 18 Apr 2021 09:14:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
shopping
encrypted-tbn3.gstatic.com/ Frame E498 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRCMdnzTfsd7APF0BC2dmLHexFG2x2IKazMPG8yW7vq0tST22rGhvQGpTnz3Q&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b6190372365e9762f3b08626c544995106cf105325ba0602550eecce893a95f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:04:30 GMT
x-content-type-options
nosniff
last-modified
Sat, 17 Oct 2020 03:28:51 GMT
server
sffe
age
601774
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26049
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:04:30 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame E498 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT5IHjAX5eKFeKpIJTLmiX3VqsCkISCONL8ug0iKJw3hWWDUxlwHdpdTtUnGsY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59adf6324fe6c5a11682d4b8806dce0bc00da6bd1291c83966593a3ee45be5c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 22:20:08 GMT
x-content-type-options
nosniff
last-modified
Sat, 10 Apr 2021 09:14:52 GMT
server
sffe
age
39236
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46593
x-xss-protection
0
expires
Sun, 17 Apr 2022 22:20:08 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame E498 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQi7nD6IFYDd5A5ETttZdmPp8EC2R6XBqiMwH-7GPfGQXuMDB0dHQ065SyMnQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f866831f350faa6caa5a88a1db619b59fade8369df2f9a52671f6ac60aedd5bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 06:33:41 GMT
x-content-type-options
nosniff
last-modified
Sat, 20 Feb 2021 19:42:24 GMT
server
sffe
age
96023
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37006
x-xss-protection
0
expires
Sun, 17 Apr 2022 06:33:41 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame E498 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTsQj_C0Nr17GhhXXklNKBO509S4akgTq8C9HKbujZyRw9zSgZrh2_fFqKBEQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706e1382a2aaf2f4ea29ff2d93771cd3a04712e3292611807c769821d6e3a6cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 23:18:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Aug 2020 08:50:48 GMT
server
sffe
age
35756
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35024
x-xss-protection
0
expires
Sun, 17 Apr 2022 23:18:08 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E498 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcScEf3da0cl-T2ahvU_O0EO_9B3zMQDGxu4kooV1UsCQB5mfPy0hsvwWLMrzBw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e43ff151a3acbb5446d9201319e1f8fd5b77dbf72fa1ad089e6a2307baf7af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:53:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Aug 2020 18:40:38 GMT
server
sffe
age
12010
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40683
x-xss-protection
0
expires
Mon, 18 Apr 2022 05:53:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7872 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 17 Apr 2021 16:59:40 GMT
expires
Sun, 18 Apr 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
58464
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E498 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca6b00ef0d725f22da3293d89f874f5fb1200ec55b41c2422ba9938766923c70

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
ps5.ntvk1.ru/ 		102 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ps5.ntvk1.ru/?r=ulmzh6fusr
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.176.118.216 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://compromat.t30p.ru
Access-Control-Expose-Headers
Content-Length,Date,Server
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
102
matchspm
ut.rktch.com/
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}
  • https://ut.rktch.com/matchspm?pi=1000006&pui=uAQjSDKag8LsIKAXttrpTu
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut.rktch.com/matchspm?pi=1000006&pui=uAQjSDKag8LsIKAXttrpTu
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
via
1.1 google
last-modified
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx/1.12.0
location
https://ut.rktch.com/matchspm?pi=1000006&pui=uAQjSDKag8LsIKAXttrpTu
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
matchspm
ut.rktch.com/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut.rktch.com/matchspm?pi=2&pui=36e94712fdf149aa82a43b3fb9485247
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
hnXZQMbDS4OJ6GTO_aPi2g
an.yandex.ru/setud/mts_banner/
Redirect Chain
  • https://ut.rktch.com/matchbt?bi=29
  • https://sm.rtb.mts.ru/p?ssp=natimatica&id=547f5d04b2cb5456e1bacecdca9b1deccede
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&ssp=natimatica&exu=547f5d04b2cb5456e1bacecdca9b1deccede
  • https://tech.rtb.mts.ru/?dsp_uid=8675d940-c6c3-4b83-89e8-64cefda3e2da&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FhnXZQMbDS4OJ6GTO_aPi2g%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
  • https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=2368136995
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=2368136995
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
content-encoding
gzip
last-modified
Sun, 18 Apr 2021 09:14:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 18 Apr 2021 09:14:05 GMT

Redirect headers

Date
Sun, 18 Apr 2021 09:14:05 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/hnXZQMbDS4OJ6GTO_aPi2g?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D8675d940-c6c3-4b83-89e8-64cefda3e2da&sign=2368136995
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
natimatica
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://ut.rktch.com/matchbt?bi=27
  • https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=547f5d04b2cb5456e1bacecdca9b1deccede
  • https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=547f5d04b2cb5456e1bacecdca9b1deccede
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=547f5d04b2cb5456e1bacecdca9b1deccede
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.156.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=547f5d04b2cb5456e1bacecdca9b1deccede
date
Sun, 18 Apr 2021 09:14:04 GMT
server
nginx
etag
W/"975f48fd2e45437d9146de36ac69eb5e8aa44f1fc7ab0f7cf00fcbdfd78ea0a6"
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
api.advarkads.com/api/statistic/
Redirect Chain
  • https://ut.rktch.com/matchbt?bi=50
  • https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=547f5d04b2cb5456e1bacecdca9b1deccede
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=547f5d04b2cb5456e1bacecdca9b1deccede
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.233.108 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.18.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx/1.18.0
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
-1

Redirect headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
location
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=547f5d04b2cb5456e1bacecdca9b1deccede
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Content-Length
0
uuid
rtb.beroll.ru/
Redirect Chain
  • https://ut.rktch.com/matchbt?bi=39
  • https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
0
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.202.224.34 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:05 GMT
server
nginx/1.14.0
content-length
0
content-type
application/octet-stream, text/plain

Redirect headers

Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
location
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Content-Length
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/7497725719258967966/ Frame 4FAA 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7497725719258967966/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIjwMQ0QEYASABLQAAAD8wkAM40QFFAACAPw&rs=AOga4qn7lWRikA_Vqplmwl5k3UHDshP_FQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ade1daa7c582c22b619dff1f21a806a6d3447ee24507801fa6f7624cd6b0052e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Oct 2019 12:59:16 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25276
x-xss-protection
0
expires
Mon, 18 Apr 2022 09:14:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4FAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3JHrW_h7YLa6Otbw7gP0naqYA9LYmadhuMGnrJ4MloLNhYgWEAEgxJT5BWCViviBlAegAaaK2o4DyAEGqQIgAuV8Ixq0PqgDAcgDywSqBN8BT9ASMd9LKdF6n4X9BuSe9Q6YcIcPjoXLkuzWbX2nuH5OoUjBaZJeNJH_0NiMPQuhyQEhKZnumZiNuVMybodu-jAZl6y_IpXf6cV_215MBHUD47T8Im272R-ZmUpTzmHb_nzQixAyUsiUEVlhRZvUE3_4fQOfzTzODbZpkVZjfmWF9CpgDgQrdtwWl0Jk7JefMXK9E7BURI_VCIEpS4c8iTfX3b_OLINGD6jTtWMdnCBR26sCiQXheRa1YX_mO5WdA3LOBLT4xSSmvf5bYn5qnL1Caolpxarb9xvr3mMSZMAExpeUsIADkgUECAQYAZIFBAgFGASgBjeAB8L1pXGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQvuId0ggJCIDhgBAQARgfgAoByAsB2BMMiBQFshcaChgIABIUcHViLTQ3MTk5MTY3NTgzOTQ3MTY&sigh=WPHYJTglbjA&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 18 Apr 2021 09:14:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 07DC 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkD0keq8Bt-zfXrQFUouDUdpU1BOBG-uDFiMsTHWyRFKK01f0Xw56GqeXiYfDM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 18 Apr 2021 08:23:25 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3039
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E0B2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 17 Apr 2021 16:59:40 GMT
expires
Sun, 18 Apr 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
58464
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame E498 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
601826
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 4FAA 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:18:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:34 GMT
server
sffe
age
474921
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:18:43 GMT
truncated
/ Frame 4FAA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1199ed8b985ed48c522d59ff3f0d8760b2bb0f14fa9057f47a311249a7b5fb3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 02BE 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 08:12:20 GMT
server
ESF
date
Sun, 18 Apr 2021 09:14:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 09:14:04 GMT
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 1B00 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=314&adk=3059992655&adf=813075226&pi=t.aa~a.1953385413~rp.4&w=910&lmt=1618737243&nsk=4329a9a6&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x314&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280&nras=4&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=2011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=ZfFuPwDdKx&p=https%3A//compromat.t30p.ru&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
1128
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Mon, 18 Apr 2022 08:55:16 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 02BE 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:09:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 02BE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:12:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 02BE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:11:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02BE 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sun, 18 Apr 2021 09:14:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 02BE 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:09:20 GMT
b42b11247d0ebeb7b44892ca7e629453.js
www.gstatic.com/mysidia/ Frame 02BE 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 10:27:13 GMT
server
sffe
age
339494
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10497
x-xss-protection
0
expires
Tue, 13 Jul 2021 10:55:50 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 02BE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTHvbmf5ziciCC7TpI92C0e4GiytrY8nBrpCsUWMHUT-B4FTjY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ff4dc66198057b9826eaa58e2231832bb8bc47baed0cf250cb48d8bd2a1cf98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 08:07:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 May 2018 18:53:29 GMT
server
sffe
age
263178
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8769
x-xss-protection
0
expires
Fri, 15 Apr 2022 08:07:46 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 02BE 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTizNQZbc3gcEtc-fk4YuRjsMNFXp3Ke7TzFtJDibHArvoXF3jUIANSurMacK8&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ed6ca38a3aaab35ab1534ce27b8053b5e8108316b061dbfbf6457d9d285ae8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 22:29:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 10:25:42 GMT
server
sffe
age
557048
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30609
x-xss-protection
0
expires
Mon, 11 Apr 2022 22:29:56 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 02BE 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQTCQgTxCTfHFRxuQORu_4OlSyVRr6fryxbz2DBBkQKxXf-FsdERcOadyOWag&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc62ab4d55b3b5e7b55ef738e4cfabe1b276b0fb3ec2905102ce6fae8a06d94c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 06:46:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 May 2020 12:04:33 GMT
server
sffe
age
268039
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40104
x-xss-protection
0
expires
Fri, 15 Apr 2022 06:46:45 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 02BE 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTp8ZYnC2U-XSmJWW_XVtAIBKaTFJGfgD2C1y8uR1FB7uke4Pm3gohs5X-WuIg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08392378c631c1aa6bad132db9dfbcc812f02b8ca09d0a1a1e6ed07105e06c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:15:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Feb 2020 08:47:39 GMT
server
sffe
age
251933
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31895
x-xss-protection
0
expires
Fri, 15 Apr 2022 11:15:11 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 02BE 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRbXEKNsDMLb80kvqxi_PBg_vkrhnOt48tHCvk0jm9JGmCgchb-F_Z--NvgCQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38fd4c8c21eea207339997759032d5b8538b96ae030299e04a3a57a7e7bb5144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 06:10:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 11:41:29 GMT
server
sffe
age
356612
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37105
x-xss-protection
0
expires
Thu, 14 Apr 2022 06:10:32 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 02BE 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTMCMfM3_0RZpmrL1Y35oYvMvxKm4u5J8fLmmOO8mDUdno_nwP1iLQdldUFuTs&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f74abeae6ea3a17bcf738e85a7b3790f07977383d37f8caa1808bd1a12137a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 14:14:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 10:21:33 GMT
server
sffe
age
154768
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36768
x-xss-protection
0
expires
Sat, 16 Apr 2022 14:14:36 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 02BE 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRpw7gdQ9Zy8qRW2W5OpT8RPlBUlWPrk_5BpenvYT6-6q_-B6lvMEK19U-1LHY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed17817b11e0b4095387d7bcb33cbf9b4227738ceea03c4c0ee3e2765ec5cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 05:28:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 09:07:52 GMT
server
sffe
age
272718
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31011
x-xss-protection
0
expires
Fri, 15 Apr 2022 05:28:46 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 02BE 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRAFx4u_zYwPfwpJzG3a0ifkULv41DE5VchcEZsCuJ1BhPZGGRtxz24xlQUqGA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2b0401b20a6eb186b91330b16f60b1d7df5b75bd340948927b322d6bf5a7d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 07:14:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 09:02:31 GMT
server
sffe
age
93553
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36332
x-xss-protection
0
expires
Sun, 17 Apr 2022 07:14:51 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 02BE 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR6nyOtVrqFHoJszi5viNFAGKhtsulaVr6k74mj3eXsnLUh1vlQZEQbYpqtsWs&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b0b47ae7cd546f0de04d767e687dbf611103b29790520ab53ca24fe6ab3d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 10:33:13 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Nov 2019 11:15:32 GMT
server
sffe
age
168051
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17856
x-xss-protection
0
expires
Sat, 16 Apr 2022 10:33:13 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 02BE 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQDF3yQ_OukSpnWgTIMbijBKN8y5XwtNJKQ6gTk5Ml5BD6UYeMkZvTHReGthg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
736e094010f421ae46f77ffbdddb5e54803707a72a4e71f5e862dc5969a16f50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:15:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 09:46:37 GMT
server
sffe
age
14313
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34722
x-xss-protection
0
expires
Mon, 18 Apr 2022 05:15:31 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=compromat.t30p.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=compromat.t30p.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 09:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A626 		117 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
527b19a69680059d733db88f05c8e187ad4308b5f67ce41fe44acb7f747bc8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkD0keq8Bt-zfXrQFUouDUdpU1BOBG-uDFiMsTHWyRFKK01f0Xw56GqeXiYfDM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 18 Apr 2021 09:14:05 GMT
server
cafe
content-length
36206
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 02BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClFIwW_h7YMWMOo3RgAfFzZqgA9HgpPVbvoPfo_4KjbDt_tsZEAEgxJT5BWCViviBlAegAbij__4DyAEJqQIgAuV8Ixq0PqgDAcgDywSqBOMBT9CYxfYM1axUujij6Z0MCRV1cb98mAJVFFXGnF9A9N2T46i5Xz2sxfGK3SYD1CMnV_HDwYD1uWLrE2OJPk3akCjHIv1guzjlrZ_kdNBR-HRl8wllT8ltK3S8R0yaE2psQIpfNXrpeQULZLfDng_DqGVPPN_GgGs66JpnC2k4q_Ow8L7QkvM9LyLQTNg4i1tIa7KYMnbITOPs9NYgeHVPPAsThOUYbJQrOZQ6qTVb4izWx1p3wJTtgIlZEBlacfUIg47D-AsrMEetRs0QfU4ZJ3XgBGgXw6wXLnmPClHL_MY2N6nABLyBuLr7ApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAew3IABqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDemwfSCAkIgOGAEBABGB-ACgHICwHYEw6yFxoKGAgAEhRwdWItNDcxOTkxNjc1ODM5NDcxNg&sigh=lVnaphbjh2Y&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 18 Apr 2021 09:14:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 7872 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENi3tVKXbO8s7vqzpC4515s&google_cver=1&google_push=AQvitUJtwwPgTaQongAcbHR8G2gFDjTEbYm9lkjUL40JLUF2YTrXEc6gcWTGt6a2lMqxCZ41tabU-rpNXi6dWJozpFqm5SHVI3Tr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7872
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKlSpCmrbmc3FSOW6Ldww3--fdHPLw9xVfAuZA...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUh2NFhBQUFBUW1pZmxoMQ&google_push=AQvitUKlSpCmrbmc3FSOW6Ldww3--fdHPLw9xVfAuZAcqD5qIMAtVm2XY9lt6kD8HizcelKxcj_RJGvRfPPjbd5fcqyqrujm28E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUh2NFhBQUFBUW1pZmxoMQ&google_push=AQvitUKlSpCmrbmc3FSOW6Ldww3--fdHPLw9xVfAuZAcqD5qIMAtVm2XY9lt6kD8HizcelKxcj_RJGvRfPPjbd5fcqyqrujm28E
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUh2NFhBQUFBUW1pZmxoMQ&google_push=AQvitUKlSpCmrbmc3FSOW6Ldww3--fdHPLw9xVfAuZAcqD5qIMAtVm2XY9lt6kD8HizcelKxcj_RJGvRfPPjbd5fcqyqrujm28E
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 7872
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGRwxPYZ8GsXi_DKZ3kr0NY&google_cver=1&google_push=AQvitULwdmijv5G59u-0901R5-lsyH4z3FcneI8LcSOk7Hi70PG6Y6Yi28Whm-mZ7FJmgehPW0-bOIMRkZGOpVz5HLOF5A0t6uYw
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULwdmijv5G59u-0901R5-lsyH4z3FcneI8LcSOk7Hi70PG6Y6Yi28Whm-mZ7FJmgehPW0-bOIMRkZGOpVz5HLOF5A0t6uYw&google_hm=RwsIidqJxUgHCC_2gnnvmg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULwdmijv5G59u-0901R5-lsyH4z3FcneI8LcSOk7Hi70PG6Y6Yi28Whm-mZ7FJmgehPW0-bOIMRkZGOpVz5HLOF5A0t6uYw&google_hm=RwsIidqJxUgHCC_2gnnvmg==
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULwdmijv5G59u-0901R5-lsyH4z3FcneI8LcSOk7Hi70PG6Y6Yi28Whm-mZ7FJmgehPW0-bOIMRkZGOpVz5HLOF5A0t6uYw&google_hm=RwsIidqJxUgHCC_2gnnvmg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
04spncn9p4mslac4613h36q1dedmha0l
pixel
cm.g.doubleclick.net/ Frame 7872
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKMuUChpMAFqwNy9QmYZvENKQ6WtVSQdrb0di2hOZTNBftzSm9pGokaMZTpXKCBjA5js5yriHSboB8-SEtHFcWhwalJN4VI
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKMuUChpMAFqwNy9QmYZvENKQ6WtVSQdrb0di2hOZTNBftzSm9pGokaMZTpXKCBjA5js5yriHSboB8-SEtHFcWhwalJN4VI
Date
Sun, 18 Apr 2021 09:14:04 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7872
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwfGu5-LPC2zT8stfJDugo&google_cver=1&google_push=AQvitUIJCyF825cwcRk3WfpLw4eWf6GsGwEqhnEBKe5t90CwZo-bz_TNeFj7broXxPWEjd4hBxP...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaWEotMS1MTzVC&google_push=AQvitUIJCyF825cwcRk3WfpLw4eWf6GsGwEqhnEBKe5t90CwZo-bz_TNeFj7broXxPWEjd4hBxPgvSd4rsvqrAjO46Jc5NX7qKsO
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaWEotMS1MTzVC&google_push=AQvitUIJCyF825cwcRk3WfpLw4eWf6GsGwEqhnEBKe5t90CwZo-bz_TNeFj7broXxPWEjd4hBxPgvSd4rsvqrAjO46Jc5NX7qKsO
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaWEotMS1MTzVC&google_push=AQvitUIJCyF825cwcRk3WfpLw4eWf6GsGwEqhnEBKe5t90CwZo-bz_TNeFj7broXxPWEjd4hBxPgvSd4rsvqrAjO46Jc5NX7qKsO
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7872
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGhAXZxfokQxLOTm36lD6Q4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJDhKrJ3dpYLl35hgRYlj-rvvLfs8F0SC9VL7sUSqx-KOfIBbUet7o14wpC1zHlP7A4Uqhi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJDhKrJ3dpYLl35hgRYlj-rvvLfs8F0SC9VL7sUSqx-KOfIBbUet7o14wpC1zHlP7A4UqhifDO1uUrVREZz97bgvjimSzR7&google_gid=CAESEGhAXZxfokQxLOTm36lD6Q4
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJDhKrJ3dpYLl35hgRYlj-rvvLfs8F0SC9VL7sUSqx-KOfIBbUet7o14wpC1zHlP7A4UqhifDO1uUrVREZz97bgvjimSzR7&google_gid=CAESEGhAXZxfokQxLOTm36lD6Q4
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Sun, 18 Apr 2021 09:14:04 GMT
trk
ag.innovid.com/ Frame 7872 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDLSntZmeeDxA862uKeqLTw&google_cver=1&google_push=AQvitUJSxVO9Yzgxf6JAvolngXFNZ19O7Ws7J8qBchgLC6pnxKmHbxeadRyqK3aDFtZQZLYOeMHVQ-bQ18sInv5xdAINsNVFKYMm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 7872 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kp9PUpjGqr-sAY3lB3SQz40rq1LuuNMPanDRiLNVjjn9EE87o2g0heDT1uh44MyBiboC3h
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 51B3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 17 Apr 2021 16:59:40 GMT
expires
Sun, 18 Apr 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
58464
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 02BE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da12d80dbba08d7adf3ea8fb481db85642b8359badf2ca849b5d79d00eecd08f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 4CDD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4212762552&pi=t.aa~a.758506006~i.1~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0&nras=2&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=L8JTqIp7uT&p=https%3A//compromat.t30p.ru&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
1128
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Mon, 18 Apr 2022 08:55:16 GMT
dpixel
cms.quantserve.com/ Frame E0B2 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAVo1GiTQMzn3t_Ac1PyGaA&google_cver=1&google_push=AQvitULrYI2cObCnjJUW90pOCTHq9XUqIjunnloa5ixqNUeyjyZzxnomZxFY2wf5jB5oocKGq07ysv3IA7jhTWQHhz7DjRrmG3rv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame E0B2 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPkNdEcvlE6kVIWyVIie-Gg&google_push=AQvitULZSW_SW3gnSDiWHg_jIoopxNLWB6436fnFLSpLeOF95q0CHMs1E8FiJRc55abs-laAM0Zd57hb7nBRuawB6Aspz5loIRFJ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E0B2
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFWXdB624oNyK0b9sr2sRs8&google_cver=1&google_push=AQvitULAQc-K9D6gO9wPbGYYJW0cD6nykFXFYVRAWmqgniyam9tbv1lh3R7dgdPOHwig9UiueYS9nJ-go1Gl7UacGCLL2cYNCULN
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULAQc-K9D6gO9wPbGYYJW0cD6nykFXFYVRAWmqgniyam9tbv1lh3R7dgdPOHwig9UiueYS9nJ-go1Gl7UacGCLL2cYNCULN&google_hm=RwsIidqJxUgHCC_2gnnvmg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULAQc-K9D6gO9wPbGYYJW0cD6nykFXFYVRAWmqgniyam9tbv1lh3R7dgdPOHwig9UiueYS9nJ-go1Gl7UacGCLL2cYNCULN&google_hm=RwsIidqJxUgHCC_2gnnvmg==
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:04 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULAQc-K9D6gO9wPbGYYJW0cD6nykFXFYVRAWmqgniyam9tbv1lh3R7dgdPOHwig9UiueYS9nJ-go1Gl7UacGCLL2cYNCULN&google_hm=RwsIidqJxUgHCC_2gnnvmg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
prniaf2th4di1fmt8llsvk9re569pedq
pixel
cm.g.doubleclick.net/ Frame E0B2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULeoc66IU2s88p3Ue69hTP3JPMlEwHvXtM3CoeSDTRl859MBM5vCFh50utwihs4okx9D4cosyB0_GpZzvkrpGG9ZpR8RDNG
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULeoc66IU2s88p3Ue69hTP3JPMlEwHvXtM3CoeSDTRl859MBM5vCFh50utwihs4okx9D4cosyB0_GpZzvkrpGG9ZpR8RDNG
Date
Sun, 18 Apr 2021 09:14:04 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E0B2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDa5LflwI3fh0fzPNg938cU&google_cver=1&google_push=AQvitUIVPsptrOJz4xji4Ux7S7B8k3b_KiIi3qIo0fN1Y1SRvKDbwjSDLkhxHi-JHKj_6lS0Vdt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaWVUtMjAtNk9KRw==&google_push=AQvitUIVPsptrOJz4xji4Ux7S7B8k3b_KiIi3qIo0fN1Y1SRvKDbwjSDLkhxHi-JHKj_6lS0Vdtp3cG_nmYrx43P3SDGg-SIbqZl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaWVUtMjAtNk9KRw==&google_push=AQvitUIVPsptrOJz4xji4Ux7S7B8k3b_KiIi3qIo0fN1Y1SRvKDbwjSDLkhxHi-JHKj_6lS0Vdtp3cG_nmYrx43P3SDGg-SIbqZl
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUNaWVUtMjAtNk9KRw==&google_push=AQvitUIVPsptrOJz4xji4Ux7S7B8k3b_KiIi3qIo0fN1Y1SRvKDbwjSDLkhxHi-JHKj_6lS0Vdtp3cG_nmYrx43P3SDGg-SIbqZl
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame E0B2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHDlD97jd3mgPiYRV3gTiKI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_push=AQvitUILWTo89wGi_QtsrCdpn3WA2v_SWyWGvIS6nqVxvo1iDck0gQWbIoSaeEo0Ko4ob8NkTHXun6jy7x_4cD20I7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_push=AQvitUILWTo89wGi_QtsrCdpn3WA2v_SWyWGvIS6nqVxvo1iDck0gQWbIoSaeEo0Ko4ob8NkTHXun6jy7x_4cD20I7u6IG6WEX-Q&google_gid=CAESEHDlD97jd3mgPiYRV3gTiKI&google_cver=1
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_push=AQvitUILWTo89wGi_QtsrCdpn3WA2v_SWyWGvIS6nqVxvo1iDck0gQWbIoSaeEo0Ko4ob8NkTHXun6jy7x_4cD20I7u6IG6WEX-Q&google_gid=CAESEHDlD97jd3mgPiYRV3gTiKI&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Sun, 18 Apr 2021 09:14:04 GMT
pixel
cm.g.doubleclick.net/ Frame E0B2
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIhTkS8GCHoHEf6ErEYabnM&google_cver=1&google_push=AQvitUKUNsAyV4elV1mv_poa...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKUNsAyV4elV1mv_poaceRh1H-Ydtsfx1k-ji1wFT47IGE1YVquR2ZzNWAQG07iGg13n2i-uTl9ERxl9pIgi8bGdlQSEv4v_A&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKUNsAyV4elV1mv_poaceRh1H-Ydtsfx1k-ji1wFT47IGE1YVquR2ZzNWAQG07iGg13n2i-uTl9ERxl9pIgi8bGdlQSEv4v_A&google_hm=
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKUNsAyV4elV1mv_poaceRh1H-Ydtsfx1k-ji1wFT47IGE1YVquR2ZzNWAQG07iGg13n2i-uTl9ERxl9pIgi8bGdlQSEv4v_A&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Sat, 17 Apr 2021 09:14:05 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E0B2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9TmBTuSiUJ62WpPo9AoXlk_8MZT7n3ixb54iT8SLYTtjREZtF7ZLznO0Q5988b6A9vywRRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 07DC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkD0keq8Bt-zfXrQFUouDUdpU1BOBG-uDFiMsTHWyRFKK01f0Xw56GqeXiYfDM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 18 Apr 2021 09:14:05 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 18-Apr-2021 10:14:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 18 Apr 2021 09:14:05 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 18 Apr 2021 09:14:05 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 4E24 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=335&adk=3003695246&adf=2471313025&pi=t.aa~a.1953384399~rp.4&w=910&lmt=1618737243&nsk=28d7dc0&rafmt=11&pwprc=9434662771&psa=0&ad_type=text_image&format=910x335&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=150&ady=4590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=U85wftuzZQ&p=https%3A//compromat.t30p.ru&dtd=22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
1129
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Mon, 18 Apr 2022 08:55:16 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 02BE 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
601827
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
dpixel
cms.quantserve.com/ Frame 51B3 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMUuQtb6KB1AuevEnIIjM8M&google_cver=1&google_push=AQvitULBaX3UfjAJq8KyOfbZb2V-krBA6l4H8KEKUBxNGdz4qS4U-3R7SoeMGVm8m8_WNcyB55SskEk3gceFIyry3GZ7oQGdrEI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 51B3
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESENAhOBeptyrxRdcHMe9PuAE&google_cver=1&google_push=AQvitUKo_qqVHnkKs5xAL1wV2XW3ln7boozdMPbNft93AYMD0rJzoRTkBhZg-sF99siKCqY3_SxlSh3zT3umqj7N9j4aQH2i6pk
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKo_qqVHnkKs5xAL1wV2XW3ln7boozdMPbNft93AYMD0rJzoRTkBhZg-sF99siKCqY3_SxlSh3zT3umqj7N9j4aQH2i6pk&google_hm=RwsIidqJxUgHCC_2gnnvmg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKo_qqVHnkKs5xAL1wV2XW3ln7boozdMPbNft93AYMD0rJzoRTkBhZg-sF99siKCqY3_SxlSh3zT3umqj7N9j4aQH2i6pk&google_hm=RwsIidqJxUgHCC_2gnnvmg==
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKo_qqVHnkKs5xAL1wV2XW3ln7boozdMPbNft93AYMD0rJzoRTkBhZg-sF99siKCqY3_SxlSh3zT3umqj7N9j4aQH2i6pk&google_hm=RwsIidqJxUgHCC_2gnnvmg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
m359v3s9g5fimrl8otftbc4jaequepct
pixel
cm.g.doubleclick.net/ Frame 51B3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIFcNpvOWRk26p_3NW4U38Dbn9eQAuOlz0QMdWFI_JtiyaoqmvmsmBlEx6mWKkzbj9C1j9Zb_Vpyy8iB58cTZ-EVtEu2Kc
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIFcNpvOWRk26p_3NW4U38Dbn9eQAuOlz0QMdWFI_JtiyaoqmvmsmBlEx6mWKkzbj9C1j9Zb_Vpyy8iB58cTZ-EVtEu2Kc
Date
Sun, 18 Apr 2021 09:14:03 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 51B3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI4gvJfve-MWqkN3V995ROI&google_cver=1&google_push=AQvitUKGqJHoS4rqgWsufEWWK9Bj9c9qUfFu7gyZwHrGtowXyENXDNrHdzsVcwRL4fOhdjHSx1J...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUQwNUYtMy1BSlk2&google_push=AQvitUKGqJHoS4rqgWsufEWWK9Bj9c9qUfFu7gyZwHrGtowXyENXDNrHdzsVcwRL4fOhdjHSx1JhUUBcg_ODNdES7wf4EufdONY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUQwNUYtMy1BSlk2&google_push=AQvitUKGqJHoS4rqgWsufEWWK9Bj9c9qUfFu7gyZwHrGtowXyENXDNrHdzsVcwRL4fOhdjHSx1JhUUBcg_ODNdES7wf4EufdONY
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUQwNUYtMy1BSlk2&google_push=AQvitUKGqJHoS4rqgWsufEWWK9Bj9c9qUfFu7gyZwHrGtowXyENXDNrHdzsVcwRL4fOhdjHSx1JhUUBcg_ODNdES7wf4EufdONY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 51B3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJBqPREe5qbxPzboN47Ks-elB28L5BH9kih6oRUEPmcIl3f39-aCNGB_Ffy6PwupA3zp_s1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJBqPREe5qbxPzboN47Ks-elB28L5BH9kih6oRUEPmcIl3f39-aCNGB_Ffy6PwupA3zp_s172Blwggy8A7u6f6th2gjwgs&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJBqPREe5qbxPzboN47Ks-elB28L5BH9kih6oRUEPmcIl3f39-aCNGB_Ffy6PwupA3zp_s172Blwggy8A7u6f6th2gjwgs&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Sun, 18 Apr 2021 09:14:05 GMT
pixel
cm.g.doubleclick.net/ Frame 51B3
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESELaIH2U9O_Lm3r3XpxuKrhA&google_cver=1&google_push=AQvitUJSHQ01rkJCXaWCe9z4w5lL_zMCurysJR6Nvz3PF0Mvdu3zVDKIR7xx9Ju1AY_cdqsiME9VUgbkNa6r_rl5DbiotJJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJSHQ01rkJCXaWCe9z4w5lL_zMCurysJR6Nvz3PF0Mvdu3zVDKIR7xx9Ju1AY_cdqsiME9VUgbkNa6r_rl5DbiotJJVFkc&google_hm=aflWwBQJS-KUpCqN4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJSHQ01rkJCXaWCe9z4w5lL_zMCurysJR6Nvz3PF0Mvdu3zVDKIR7xx9Ju1AY_cdqsiME9VUgbkNa6r_rl5DbiotJJVFkc&google_hm=aflWwBQJS-KUpCqN4CfEaQ
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUJSHQ01rkJCXaWCe9z4w5lL_zMCurysJR6Nvz3PF0Mvdu3zVDKIR7xx9Ju1AY_cdqsiME9VUgbkNa6r_rl5DbiotJJVFkc&google_hm=aflWwBQJS-KUpCqN4CfEaQ
pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
cache-control
no-cache
content-length
0
request-time
2
expires
-1
pixel
cm.g.doubleclick.net/ Frame 51B3
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEF3ll6B833bWLppzmXAdECk&google_cver=1&google_push=AQvitUInLnIhA4NNr7QEc-ya...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUInLnIhA4NNr7QEc-yaEFPH0S_n-QgsML9_enqwLkPeeM2y73x2onuibrVeKPY-KZv5-dhVC30Sd7_NsR6TPeEa8TdkaTrJ&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUInLnIhA4NNr7QEc-yaEFPH0S_n-QgsML9_enqwLkPeeM2y73x2onuibrVeKPY-KZv5-dhVC30Sd7_NsR6TPeEa8TdkaTrJ&google_hm=
Requested by
Host: compromat.t30p.ru
URL: https://compromat.t30p.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUInLnIhA4NNr7QEc-yaEFPH0S_n-QgsML9_enqwLkPeeM2y73x2onuibrVeKPY-KZv5-dhVC30Sd7_NsR6TPeEa8TdkaTrJ&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Sat, 17 Apr 2021 09:14:05 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 51B3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KErw9d2RvrHD_V1Ofwr1t5DY0OorsC1rihCXWq9ZyzuuTpBnt_hJJuYxt2_pklHtEwuA6PEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 923A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=280&adk=2041072909&adf=4114440736&pi=t.aa~a.758506006~i.2~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1618737243&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9434662771&psa=0&ad_type=text_image&format=888x280&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737243916&bpp=1&bdt=310&idt=-M&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280&nras=3&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=3344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&pvsid=3766037551808549&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zpcoRVoPDu&p=https%3A//compromat.t30p.ru&dtd=17
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
1129
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Mon, 18 Apr 2022 08:55:16 GMT
3bdf4bc5a105080d989d03306174de96.js
www.gstatic.com/mysidia/ Frame A626 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3bdf4bc5a105080d989d03306174de96.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c491669ffeb03b25a72061f0b309f113d9c442aad96d271841dabf757d3080ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 11:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 10:27:13 GMT
server
sffe
age
338995
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2784
x-xss-protection
0
expires
Tue, 13 Jul 2021 11:04:10 GMT
51f95e8801b2f454bb1ec0b0d582ea90.js
www.gstatic.com/mysidia/ Frame A626 		142 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/51f95e8801b2f454bb1ec0b0d582ea90.js?tag=video_mra/web_raspberry
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98329b1413a0161084fbf5608a0c80759978a565ce2adcf114e72761d4531375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 12:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 10:35:46 GMT
server
sffe
age
248990
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53387
x-xss-protection
0
expires
Wed, 14 Jul 2021 12:04:15 GMT
css
fonts.googleapis.com/ Frame A626 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 08:16:40 GMT
server
ESF
date
Sun, 18 Apr 2021 09:14:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 09:14:05 GMT
css
fonts.googleapis.com/ Frame A626 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 08:16:48 GMT
server
ESF
date
Sun, 18 Apr 2021 09:14:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 09:14:05 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame A626 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:09:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame A626 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:12:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame A626 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:11:48 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame A626 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 22:41:50 GMT
x-content-type-options
nosniff
server
cafe
age
37935
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sun, 18 Apr 2021 22:41:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A626 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sun, 18 Apr 2021 09:14:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame A626 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 May 2021 09:09:20 GMT
l
www.google.com/ads/measurement/ Frame A626 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_g0NPQHsz8-Qk2TOd68katIxU8E62tMsGXIFZ3ixqzPd4m0yG_Ymwm82jtam98dqpRSTpSnWHWrARYewJbedXhngzIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b42b11247d0ebeb7b44892ca7e629453.js
www.gstatic.com/mysidia/ Frame A626 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 10:27:13 GMT
server
sffe
age
339495
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10497
x-xss-protection
0
expires
Tue, 13 Jul 2021 10:55:50 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/778386939095909474/ Frame A626 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/778386939095909474/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dafc19c819c4531ce31949ac076aa18fb3e03aa2b75fd1be3f78c87c483163e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:45:59 GMT
x-content-type-options
nosniff
age
293286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1571
x-xss-protection
0
last-modified
Fri, 16 Nov 2018 14:15:56 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 23:45:59 GMT
truncated
/ Frame A626 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame A626 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knmyd0ce&c=6592415284041&slotId=3296207642020.5&qqid=CP2W35O6h_ACFYfXEQgdCH0E0A&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408%2C324123032&nsei=44714510%2C75259405%2C447279544&bi=rda&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/51f95e8801b2f454bb1ec0b0d582ea90.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:809::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7005362181481130210/ Frame A626 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7005362181481130210/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d0f087898988a1caff536cfca77021eb4f6a4064ce2811320043845d125903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 23:28:28 GMT
x-content-type-options
nosniff
age
121537
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36732
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 12:17:26 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 23:28:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A626 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkzQaXPh7YP34N4evx_APiPqRgA3Sv76kYrmIna7hDZ3M_d8FEAEgxJT5BWCViviBlAegAf_0_ZkDyAEJqQIgAuV8Ixq0PqgDAcgDywSqBOIBT9AwnaDodpJXB_fycNul2wIIPTwEqfc4OazRA7f8YsFI1ldRUvMPEhgyt0vNVDw_rK_bszG-5reb4WiPlzFyBzGDmSFzXvFkoMUYt-tJofpFIzS5sJsIFBSr3qI5SATv5A4Gz9YwXybb2VKNKMJ15rOWjbsudhNy91zhABB1Il_bRKjsY3bIAdYrSqSK_64lYI3qjXfglW1u03LtfyNe4CynsAibEoMbWc4kYojMKeO5x7gh_DXraXvXoVwZO_piwe5NB7kMkCatUYLBc7RQSV3J4-SkTTjb4s5mwaK9MnhaWcAEyIKUhsQDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_yRlzaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQlboD0ggJCIDhgBAQARgfgAoByAsB2BMNiBQBshcaChgIABIUcHViLTQ3MTk5MTY3NTgzOTQ3MTY&sigh=ArGpnXGDNz4&template_id=3484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 18 Apr 2021 09:14:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1832 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 17 Apr 2021 16:59:40 GMT
expires
Sun, 18 Apr 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
58465
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
videoplayback
r1---sn-4g5e6nsd.gvt1.com/ Frame A626
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=f88da2793e589ae1&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1618744445&sparams=ip,ipbits,expire,id,...
  • https://r1---sn-4g5e6nsd.gvt1.com/videoplayback?id=f88da2793e589ae1&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1618744445&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
849 KB
849 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5e6nsd.gvt1.com/videoplayback?id=f88da2793e589ae1&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1618744445&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=05CB6E7633FEC468F83C0B522288C04C567DDD7B.17EA9FD6A761BBA085D8FFCFBA2440C241677ED1&key=cms1&cms_redirect=yes&mh=VW&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6nsd&ms=nvh&mt=1618736631&mv=u&mvi=1&pl=47
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:61::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
550e2706256c5600577049d03b43f846f56b0afad9844b1f9f4b1a8fa1614168
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 14:58:12 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-869593/869594
client-protocol
quic
cache-control
private, max-age=6900
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
869594
expires
Sun, 18 Apr 2021 09:14:05 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-4g5e6nsd.gvt1.com/videoplayback?id=f88da2793e589ae1&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1618744445&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=05CB6E7633FEC468F83C0B522288C04C567DDD7B.17EA9FD6A761BBA085D8FFCFBA2440C241677ED1&key=cms1&cms_redirect=yes&mh=VW&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6nsd&ms=nvh&mt=1618736631&mv=u&mvi=1&pl=47
cache-control
no-cache, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
707
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A626 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef325909aea33935da35aa84239ec8e823209842245b1d4c755d8ffbe9f5ab1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame A626 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 04:34:43 GMT
x-content-type-options
nosniff
server
cafe
age
16762
etag
9923804599063086578
vary
Accept-Encoding
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2033
x-xss-protection
0
expires
Mon, 19 Apr 2021 04:34:43 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A626 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
601827
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
dpixel
cms.quantserve.com/ Frame 1832 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMUuQtb6KB1AuevEnIIjM8M&google_cver=1&google_push=AQvitUJJYt4Y9FFi03fBmtUdE72KCkpQ4yl8-FdC3pDUL8JuebCrf-dSAHc9YVTy8eug1JY3PRzep_4qAOOJTqLcITOSR0pex9oc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1832
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUL4MDJ8OsyvSaTyaS_FAwSxzHl61Yo_kBzLne2MDfSsOW6tXnxWBLXQgx9xr3hO0mXse3gYDyG75WAHZvpJf4XIobI1mUiE&google_gid=CAESEK16pb6lx_RSwS6-IkFIuD8&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCN3w74MGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVMNE1ESjhPc3l2U2FUeWFTX0ZBd1N4ekhsNjFZb19rQnpMbmUyTURmU3NPVzZ0WG54V0JMWFFneDl4cjNoTzBtWHNlM2dZRHlHNzVXQUhadn...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweW1CTnczcUhfYUdKekVjRDR5Qi1oWndMdWxYd2VBa01HdXNmdTFCZnhqdw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweW1CTnczcUhfYUdKekVjRDR5Qi1oWndMdWxYd2VBa01HdXNmdTFCZnhqdw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 18 Apr 2021 09:14:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweW1CTnczcUhfYUdKekVjRDR5Qi1oWndMdWxYd2VBa01HdXNmdTFCZnhqdw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sync
odr.mookie1.com/t/v2/ Frame 1832 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGyYQTNBUZVFMXVtb3oVSIM&google_push=AQvitUKGG0hZydGVF_AjyJ1KMZy2PMQiPZDycmpEnTYr5W-2mSKSRfxJANX2-Ta9gk3KhpYwOJdL2BbFc-QjoJRDv6yallXrbaM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1832
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI6mgQmHKjwMGlPU_1hO9Q6LtoHj3SbdMx85y6FCsItcpagOfw284ruyg-3lqrWfOR856qu68w-lLThcqvzoQRmYNgxRKo5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JFDlrVb-SlWFdkjk88qMxA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI6mgQmHKjwMGlPU_1hO9Q6LtoHj3SbdMx85y6FCsItcpagOfw284ruyg-3lqrWfOR856qu68w-lLThcqvzoQRmYNgxRKo5
Date
Sun, 18 Apr 2021 09:14:04 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1832
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI4gvJfve-MWqkN3V995ROI&google_cver=1&google_push=AQvitUIWs7xgTlvVgx3bUjPJe2Z2VK_82K3atSM9Z_Qi1NEPYLcFVErcoBj4TkeXRnycWZ2I3k1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUQwRlYtMUUtQjdE&google_push=AQvitUIWs7xgTlvVgx3bUjPJe2Z2VK_82K3atSM9Z_Qi1NEPYLcFVErcoBj4TkeXRnycWZ2I3k1DY_GSsRqGDn3M-S7psUXA1o0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUQwRlYtMUUtQjdE&google_push=AQvitUIWs7xgTlvVgx3bUjPJe2Z2VK_82K3atSM9Z_Qi1NEPYLcFVErcoBj4TkeXRnycWZ2I3k1DY_GSsRqGDn3M-S7psUXA1o0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05NWUQwRlYtMUUtQjdE&google_push=AQvitUIWs7xgTlvVgx3bUjPJe2Z2VK_82K3atSM9Z_Qi1NEPYLcFVErcoBj4TkeXRnycWZ2I3k1DY_GSsRqGDn3M-S7psUXA1o0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1832
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJ2vAot5C7djZPaqZAVpZhO-6QA3GvRT-v9QbD7tzxb6aUQBr5zeHPQnmZyOGpSp-gbkPIC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJ2vAot5C7djZPaqZAVpZhO-6QA3GvRT-v9QbD7tzxb6aUQBr5zeHPQnmZyOGpSp-gbkPIC0oBVdtttLA1qkdj-1JhZ-gFB&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Apr 2021 09:14:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHv4XPfpIJI6cQm3QXMrewAABE4AAAAB&google_cver=1&google_push=AQvitUJ2vAot5C7djZPaqZAVpZhO-6QA3GvRT-v9QbD7tzxb6aUQBr5zeHPQnmZyOGpSp-gbkPIC0oBVdtttLA1qkdj-1JhZ-gFB&google_gid=CAESEGEQR9nYaNugRafOkw1o3WE
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Sun, 18 Apr 2021 09:14:05 GMT
pixel
cm.g.doubleclick.net/ Frame 1832
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESELaIH2U9O_Lm3r3XpxuKrhA&google_cver=1&google_push=AQvitUICQGqwymYyrV-M4VFR8FdP_4MwHagaBBE5pdKnfYA536ah2U1pyO-hnbRyKPlX6t-1hYllMUOTojzbbUa3ad6oQx7...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUICQGqwymYyrV-M4VFR8FdP_4MwHagaBBE5pdKnfYA536ah2U1pyO-hnbRyKPlX6t-1hYllMUOTojzbbUa3ad6oQx74rU7t&google_hm=aflWwBQJS-KUpCqN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUICQGqwymYyrV-M4VFR8FdP_4MwHagaBBE5pdKnfYA536ah2U1pyO-hnbRyKPlX6t-1hYllMUOTojzbbUa3ad6oQx74rU7t&google_hm=aflWwBQJS-KUpCqN4CfEaQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AQvitUICQGqwymYyrV-M4VFR8FdP_4MwHagaBBE5pdKnfYA536ah2U1pyO-hnbRyKPlX6t-1hYllMUOTojzbbUa3ad6oQx74rU7t&google_hm=aflWwBQJS-KUpCqN4CfEaQ
pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 1832 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSzLublDHu37WgdnT21yZPZM82IEWBzJCy3nYiAz1qniJ4wR-2n5mbdEPJQ565RaFBIvd1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:05 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210414&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ad64549d94c2ae654312c78ff951131c4d2cc5bd551dbd4f1609248b7f848f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 09:14:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6989
x-xss-protection
0
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame C6C9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4719916758394716&output=html&h=250&slotname=5661874658&adk=584091248&adf=4137922100&pi=t.ma~as.5661874658&w=332&fwrn=4&fwrnh=100&lmt=1618737244&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fcompromat.t30p.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618737244860&bpp=8&bdt=1254&idt=8&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4efe7f166fc528ae-224b2e9593a70051%3AT%3D1618737243%3ART%3D1618737243%3AS%3DALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA&prev_fmts=0x0%2C888x280%2C888x280%2C910x314%2C910x335&nras=5&correlator=1321637884387&frm=20&pv=1&ga_vid=1160610847.1618737244&ga_sid=1618737244&ga_hid=1697777892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1102&ady=4020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C44740079&oid=3&psts=AGkb-H80eFA4BWSaL_zLlcOZJt3JSYiAxNYTB8FDsZenRJpo88lwXHvkYvq1IC6WTrXv7QzjRJS-S_Em%2CAGkb-H_Y8bL9gMv1gReoxOyr4Tj8g_o8Ma4DnEFf_vRg2bGc_D3I10PbugSRqqhx8Oldfys8pSkEd9dULkU%2CAGkb-H9FLYd7HSz-oOWOhDa-KhzaVbtSfmZzUjQZufakGBA6TjknaCxqSWZh0DXOQ967i2lX6gJ5J7IrPEk&pvsid=3766037551808549&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=7HWD7ojd7u&p=https%3A//compromat.t30p.ru&dtd=12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
1129
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Mon, 18 Apr 2022 08:55:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4719916758394716&plah=compromat.t30p.ru&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 18 Apr 2021 09:14:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8C2E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://compromat.t30p.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://compromat.t30p.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 18 Apr 2021 08:58:32 GMT
expires
Mon, 18 Apr 2022 08:58:32 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
933
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 8C2E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
1129
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Mon, 18 Apr 2022 08:55:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210414&jk=3766037551808549&bg=!3t2l3ZnNAAZUuIlwVLg7ACkAdvg8Wgn0lK9fvcSJ1MMdytc-X9zolQzCIMOU--JJzS3iMjG9ojCgAAIAAABWUgAAAAxoAQcKALbf22PmLkRwlpqzn1mHM52NO0LJ0KKk8fjKTNK1xYaLlykP5hxT6_ixerSTT6czfi-VNB9_cwpd_GULz7cUN62sdu2WQvCDMzSoy5g4lb_SRuwBZOnupd0rw0Ot2dgsCPE-I-eXHckljv3fHU3qF3iVMoyBA85jk1p06RmfePjnnkNxMBJTfQAysrahiron8ZANmN2O-U5UTNLGgw4qy6dfKwUuz2b9KUife1y0cSIv_ne8hbuWbJkCHtOX51CLqt8MjHwQOCnwHgWvgVrHix_cZ9kKD2MPUjBbBQlGREmSfbLSYFkyad-LSAJDQ4lvaAceDHRPsjoU5heB4dz6pQq7ZxW05IupSI3OakH4XeQpy3K4kandsABZLUZL2nelQK8VpTpIgInyw2cUpp7FDvjmPxWpvpATNvljXXNyN0cfFDbI_wZMx-SyT64v6nlB3nCXeyReKcor6Kj4zWr2VCEF9voJ1EIk6gPlzl4-tsPnQlXQy2_r1uFrhba5cM5T26NN-QuVvQuk2o4JA0MD5bjAx9QIA2eBvOonk27Dilv5-zCCVRNZ1ljzvfc9AdcgerBOCdOFThiL8xgRu7oxgtHnt8QHcK916zE6TwDratKCwXVJOtSdHlyUgD1Th2tK6fhPXuEVYOSR9nJpPORn1TZ_TJobbOumf8egDBbRk-JNELpGSXr6YrFmt7k6KzJMBSpvid1_z8lU2Ki91x0cWFgzPixNtBMPbRJwbfSdtAc5ZCkvyRD7Eiuv4A38AkythIjOUd1gN7ReAEwKMVfZaq29V6PUunphlhz2jnQKd9_HXivRD5aZ0_D39ipupZTSQAz_HpvI4xSxxFvLI5j__VJtT-Qx-JnUxmnGASVKlf6fiayAqex3ktBDw3KxryRk4hjtncdGl5BJ4dcwTvEAKtery-_KJzdb9IaYcVnsaQLabn-uX2QHSwr-ULMytH9BA0PpPkZ1md5x
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
www.acint.net/rtbw/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A92351%2C%22sc%22%3A0%2C%22pl%22%3A432381%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:05 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A92351%2C%22sc%22%3A0%2C%22pl%22%3A432492%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=607bf85b-f645-a0ml-lzec-durdux99r8qg&ref=https%3A%2F%2Fcompromat.t30p.ru%2F&r=1618737246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:05 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
41655969
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/41655969?wmode=0&wv-part=1&wv-hit=998436773&page-url=https%3A%2F%2Fcompromat.t30p.ru%2F&rn=137386814&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1618737246%3Aw%3A1600x1200%3Av%3A490%3Az%3A120%3Ai%3A20210418111406%3Au%3A1618737244573416477%3Avf%3A2qfickvpx9rcbpmn%3Awe%3A1%3Ati%3A2%3Ast%3A1618737246
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:06 GMT
last-modified
Sun, 18-Apr-2021 09:14:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://compromat.t30p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 18-Apr-2021 09:14:06 GMT
41655969
mc.yandex.com/webvisor/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/41655969?wmode=0&wv-part=1&wv-hit=998436773&page-url=https%3A%2F%2Fcompromat.t30p.ru%2F&rn=374984576&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1618737246%3Aw%3A1600x1200%3Av%3A490%3Az%3A120%3Ai%3A20210418111406%3Au%3A1618737244573416477%3Avf%3A2qfickvpx9rcbpmn%3Awe%3A1%3Ati%3A2%3Ast%3A1618737246
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:06 GMT
last-modified
Sun, 18-Apr-2021 09:14:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://compromat.t30p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 18-Apr-2021 09:14:06 GMT
csi
csi.gstatic.com/ Frame A626 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knmyd0cm&c=6592415284041&slotId=3296207642020.5&qqid=CP2W35O6h_ACFYfXEQgdCH0E0A&umsem=0&ape=1&ple=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/51f95e8801b2f454bb1ec0b0d582ea90.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:809::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 09:14:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.acint.net/ping/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/ping/?v=0.3.0&uid=c62b3035-24b4-4bc1-bf2b-e1b731f7f9ec&dp=14&tz=%2B02%3A00&nc=08543043&dT=2021-04-18T11%3A14%3A06.996
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://compromat.t30p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:14:06 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| BlogEngineRes function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY number| google_lpabyc function| $ function| jQuery function| TemplateUtils function| opFORFactory object| BlogEngine function| ym string| callBackFrameUrl function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| SapeRtbCommon function| SapeRtbPlayer function| SapeRtbClientCode object| aafVYIyfvUHGVufyud object| _acic object| sapeRtbHandler_92351 string| srtb_sid function| sapeRTB_607bf85bf_48701453 number| _AUExGYqNVn0H object| _acil object| Ya object| yaCounter41655969 object| _ntvk1 object| srtb_current_partners number| j object| GoogleGcLKhOms object| google_image_requests

38 Cookies

Domain/Path Name / Value
.advarkads.com/ Name: u
Value: 86dc7101-bfa6-47a4-b728-c478e2abb39e
.acint.net/ Name: cSyncDp146
Value: 1618737243
.acint.net/ Name: cSyncDp144
Value: 1618737243
.acint.net/ Name: cSyncDp136
Value: 1618737243
.acint.net/ Name: cSyncDp138
Value: 1618737243
.acint.net/ Name: cSyncDp127
Value: 1618737243
.acint.net/ Name: cSyncDp126
Value: 1618737243
.acint.net/ Name: cSyncDp125
Value: 1618737243
.acint.net/ Name: cSyncDp107
Value: 1618737243
.acint.net/ Name: cSyncDp149
Value: 1618737243
.acint.net/ Name: cSyncDp104v2
Value: 1618737243
.acint.net/ Name: cSyncDp95v2
Value: 1618737243
.acint.net/ Name: cSyncDp88
Value: 1618737243
.acint.net/ Name: cSyncDp84
Value: 1618737243
.acint.net/ Name: cSyncDp111v2
Value: 1618737243
.acint.net/ Name: cSyncDp77
Value: 1618737243
.acint.net/ Name: cSyncDp67v2
Value: 1618737243
.acint.net/ Name: cSyncDp53
Value: 1618737243
.acint.net/ Name: cSyncDp45v3
Value: 1618737243
.acint.net/ Name: cSyncDp32
Value: 1618737243
.doubleclick.net/ Name: IDE
Value: AHWqTUkD0keq8Bt-zfXrQFUouDUdpU1BOBG-uDFiMsTHWyRFKK01f0Xw56GqeXiYfDM
.acint.net/ Name: cSyncDp85
Value: 1618737243
.acint.net/ Name: cSyncDp54v2
Value: 1618737243
.t30p.ru/ Name: _ym_isad
Value: 2
.doubleclick.net/ Name: DSID
Value: NO_DATA
compromat.t30p.ru/ Name: fid
Value: a94cd09e-d550-4e33-9225-d1647d07ef4f
.acint.net/ Name: cSyncDp14v3
Value: 1618737243
.acint.net/ Name: cSyncDp101
Value: 1618737243
.acint.net/ Name: cSyncDp68
Value: 1618737243
.t30p.ru/ Name: _ym_visorc
Value: w
.acint.net/ Name: cSyncDp17
Value: 1618737243
.t30p.ru/ Name: _ym_d
Value: 1618737244
.acint.net/ Name: cSyncDp7v2
Value: 1618737243
.acint.net/ Name: cSyncDp62
Value: 1618737243
.acint.net/ Name: cSyncDp112v2
Value: 1618737243
.acint.net/ Name: aid
Value: fwAAAWB7+Fu7hwL0Qsd4Au3P4KYSJL633nwBaay/rbVYmjz+
.t30p.ru/ Name: _ym_uid
Value: 1618737244573416477
.t30p.ru/ Name: __gads
Value: ID=4efe7f166fc528ae-224b2e9593a70051:T=1618737243:RT=1618737243:S=ALNI_MZEkPdbJYEQnV8dn2TPjE2UlzbzYA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f5bf87b60f40287bb0278c742-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
ag.innovid.com
an.yandex.ru
api.advarkads.com
biography.t30p.ru
cdn-rtb.sape.ru
cm.g.doubleclick.net
cms.quantserve.com
co9.rktch.com
compromat.t30p.ru
counter.yadro.ru
csi.gstatic.com
d.agkn.com
disqus.com
dm.hybrid.ai
dmg.digitaltarget.ru
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
odr.mookie1.com
p1.dircont3.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
ps.ntvk1.ru
ps5.ntvk1.ru
px.adhigh.net
r1---sn-4g5e6nsd.gvt1.com
redirect.frontend.weborama.fr
redirector.gvt1.com
relap.io
rtb.beroll.ru
rtb.openx.net
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssum-sec.casalemedia.com
stat.adlabs.ru
static.life.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tg.rktch.com
tpc.googlesyndication.com
ut.rktch.com
wf.frontend.weborama.fr
www.acint.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.t30p.ru
x01.aidata.io
109.248.237.36
142.250.186.162
142.250.186.98
148.251.156.238
148.251.9.22
151.101.128.134
157.90.6.171
176.99.5.169
176.99.9.147
185.15.175.147
185.15.175.148
185.64.190.78
188.34.131.130
188.42.196.115
193.232.148.157
194.176.118.216
194.190.117.93
195.201.243.71
195.209.108.37
212.193.146.233
213.87.44.207
217.65.2.150
217.66.147.169
23.218.208.246
2404:6800:4007:809::2003
2606:4700:10::6816:557
2606:4700:3039::6815:c023
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1148:db00::17
2a00:1450:4001:61::6
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a02:6b8::1:119
2a02:6b8::90
2a02:6ea0:c700::4
2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
31.172.81.158
31.172.81.172
31.220.27.134
34.246.227.69
34.98.67.61
35.186.253.211
35.190.16.14
35.244.174.68
35.244.223.69
37.18.16.16
37.9.245.57
46.4.121.26
52.57.98.174
69.173.144.138
78.46.100.125
79.137.69.120
80.64.106.149
81.222.128.215
82.202.224.34
84.201.139.218
84.201.143.211
88.212.201.216
88.212.233.108
89.108.120.76
89.108.97.2
93.95.102.105
95.163.37.253
95.181.171.231
95.211.66.35
95.213.133.114
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c88728e21e2eef44451fa9a777cd094ba424c107acb5225a3e3f907afcf2be6
0ed6ca38a3aaab35ab1534ce27b8053b5e8108316b061dbfbf6457d9d285ae8c
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
13b0e6d8616b7ce77d987b60af990b13d8a2cb70911935bc00ef3424c73c24e0
15e951e034c114ccbfbdb5cacb96e35345ffb6a028dffded15ebf52066eb9c11
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1983680021d05ff8389f26b4ea712750e503691814835e11ade55ac9622918bf
19ec91b31808f7b154c7b7a6bfd46fa2338dd0c3bfdc8022c7273be7f8902fd0
1b5aaa29981dd00553838adc596ec5719ff636f480894a0604c1fa101f574201
1c2b0401b20a6eb186b91330b16f60b1d7df5b75bd340948927b322d6bf5a7d1
1e2a2066e85f32296e791b2c464a3309479fb4188cd1256e9a9e4f21436ba9fc
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adb69b2840b72e62056e266aa191307213e6ecb399d7950f6f5e366681a114f
2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2e43ff151a3acbb5446d9201319e1f8fd5b77dbf72fa1ad089e6a2307baf7af7
3109f8d61393330a7994ce8956fd3c73b5ce0a55ab168ba81603645b48337166
31544956c3666ecda832f4aa462ede5a2af0b3d15295933c689f9314e1264232
360c098b7edb66544f6d75b48f100d420b20e32d239b746c7001f356e21fe944
36d0f087898988a1caff536cfca77021eb4f6a4064ce2811320043845d125903
37d9fdcb589bfab4d9557628567c02db962393f3306d31658425f073721b317d
38bf9e6239876b69dbdf951c82707993809c797933d03b4743ea7f4cd9ca9bc6
38fd4c8c21eea207339997759032d5b8538b96ae030299e04a3a57a7e7bb5144
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3a76e006dd5dbdf5acdd3860052e0a404f6dafe7975b915ae7f20d1559a5696a
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3ff4dc66198057b9826eaa58e2231832bb8bc47baed0cf250cb48d8bd2a1cf98
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
43df78108997ef68a89a865d15618a5f0d5c493b91983031a1f86cc7b533c008
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48803ecb715231d76a8556bd61d19953b067ed8042380d79aa6882bd355bc069
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527b19a69680059d733db88f05c8e187ad4308b5f67ce41fe44acb7f747bc8e0
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550e2706256c5600577049d03b43f846f56b0afad9844b1f9f4b1a8fa1614168
5643cd3e2e4eaf98599c2e72914832a7cd4c0e0c642efabf35ed40ad8e896986
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
59adf6324fe6c5a11682d4b8806dce0bc00da6bd1291c83966593a3ee45be5c3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75
5acd5b0aefec349b8c705422b293122bb2e0e1bf77777463f565180e77ef2115
5ad64549d94c2ae654312c78ff951131c4d2cc5bd551dbd4f1609248b7f848f8
5d78ef4fc92df1a2d5948279cd24cba7b27c9a4dfae53283977d3b7ec99ad138
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
5fc2e797a15cd91f90fffff8592001fb02b449cf9fa77c6304f5565df0e4611d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61f1a884fb9b9e3bf157498fb4496414eb9f7ba3d315c3d77dd9ddebd9794b4c
621beaac25134f60943a7f0dbbe4c52c9d2a230ef0fe4d940ce36d65a0c3f68a
6221d34812fb4cfaf4ee4bc702fc28fca9f4a5a5e2653f0f25ae5ce8badd0daa
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c96b1966109bc61ac8864944cfa66279d55a6d2b2a244f736f11a120b9fa9f5
6ce3cf753c5f29aec1c04cd2c948c3222a1f1b0753628215e1b6c409be65ace4
6ebabf4af74f07fdafe166786cf5f881d9f18f5222579fa1b22f4ae67b55068c
706e1382a2aaf2f4ea29ff2d93771cd3a04712e3292611807c769821d6e3a6cb
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
736e094010f421ae46f77ffbdddb5e54803707a72a4e71f5e862dc5969a16f50
73bd0e97f947d846ac07f67aed5bcb6dff0287eee7b26c7c53aa544524170324
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
7b0b0b47ae7cd546f0de04d767e687dbf611103b29790520ab53ca24fe6ab3d4
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
7d58c9ff4125a23ad0e9ee052b3898a93733b5b16f68fdfc7a85762c17cf1976
80ac89b9105bf1bcae22cded7d09c3544e59636adc2bc0160cb514fa6f02b132
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8b6190372365e9762f3b08626c544995106cf105325ba0602550eecce893a95f
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
8dafc19c819c4531ce31949ac076aa18fb3e03aa2b75fd1be3f78c87c483163e
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
98329b1413a0161084fbf5608a0c80759978a565ce2adcf114e72761d4531375
98805fb32a323cb6e090acacb7faa2aebaf34fac3b0aabb0c089e7d2f4734fd8
98ea718868bb9a520da4777cd8a5ed5c76d123b77aa2e0289ab4bad638439b73
9a1b4f5a95e9309e3eaa55b31ae613c7f41bd5e055f93685661eabc5891d5438
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9f74abeae6ea3a17bcf738e85a7b3790f07977383d37f8caa1808bd1a12137a9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2ca2af56b18c3fff5780274e6b3a8aa6c8c95880590d897b25be29083afabfc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a858592b252c2b7b159f1e61175268279c2fbcc3f52bccece775d26fe08d4a8e
ade1daa7c582c22b619dff1f21a806a6d3447ee24507801fa6f7624cd6b0052e
aef325909aea33935da35aa84239ec8e823209842245b1d4c755d8ffbe9f5ab1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9302a66d23c0da4032b8ffebf301e70aad182c08161cdfdb3906233e91535de
bd8c9ac4309a5e9ac3225b7154adbf9598236f48de317e80670ae4364ad83a06
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c491669ffeb03b25a72061f0b309f113d9c442aad96d271841dabf757d3080ee
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c6b4c46c09ed5bc9a455fa76219ed80de2b586f36e42ee69283cc9196e46472c
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
ca6b00ef0d725f22da3293d89f874f5fb1200ec55b41c2422ba9938766923c70
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cd0137e482f2ab6d0eb4b41849c70f3da3ace5bc2404a63dd5e6ef8eedfda2e1
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
ce55fa14a1e5796563d9ce954a0971ae72ec86d2e044991aa84212a25f7f2f32
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1199ed8b985ed48c522d59ff3f0d8760b2bb0f14fa9057f47a311249a7b5fb3
d5487ba7090c60a9a00626d507574e5bad25b510cec783e44f8de523c3e353d5
d87880fb15aa4c2b3cfa441ba18c25216522a3f29e5208a3d2aa6b05eb0be14d
da12d80dbba08d7adf3ea8fb481db85642b8359badf2ca849b5d79d00eecd08f
dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f
dc62ab4d55b3b5e7b55ef738e4cfabe1b276b0fb3ec2905102ce6fae8a06d94c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78e618d5aa325568dd820fc1b1a67d65c7e57bbb833c2d15515037d81a597a1
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eed17817b11e0b4095387d7bcb33cbf9b4227738ceea03c4c0ee3e2765ec5cb4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08392378c631c1aa6bad132db9dfbcc812f02b8ca09d0a1a1e6ed07105e06c1
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f866831f350faa6caa5a88a1db619b59fade8369df2f9a52671f6ac60aedd5bb
fd2f205dc5169cb1850b8fbc43e04d30645e71518b1817b0f6e123cc427feb0c