URL: http://go.webalta.ru/subSI.html
Submission: On May 15 via manual from US

Summary

This website contacted 10 IPs in 8 countries across 16 domains to perform 33 HTTP transactions. The main IP is 148.251.194.97, located in Germany and belongs to HETZNER-AS, DE. The main domain is go.webalta.ru.
This is the only time go.webalta.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 148.251.194.97 24940 (HETZNER-AS)
2 2a03:90c0:999... 199524 (GCORE)
1 22 104.19.132.78 13335 (CLOUDFLAR...)
1 46.105.201.194 16276 (OVH)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
2 2 188.42.196.115 7979 (SERVERS)
2 2 172.217.21.226 15169 (GOOGLE)
2 2 35.212.212.222 19527 (GOOGLE-2)
5 5 52.59.55.170 16509 (AMAZON-02)
1 1 88.99.98.223 24940 (HETZNER-AS)
1 1 178.63.78.76 24940 (HETZNER-AS)
1 35.157.252.175 16509 (AMAZON-02)
1 1 23.67.131.182 20940 (AKAMAI-ASN1)
1 104.111.230.142 16625 (AKAMAI-AS)
1 104.16.199.73 13335 (CLOUDFLAR...)
1 23.105.245.5 7979 (SERVERS)
2 2 54.77.139.233 16509 (AMAZON-02)
2 38.140.142.154 174 (COGENT-174)
33 10
Domain Requested by
9 cm.mgid.com jsc.marketgid.com
8 s-img.mgid.com
5 x.bidswitch.net 5 redirects
3 c.mgid.com
2 rtb.adp3.net
2 match.adsrvr.org 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 ads.betweendigital.com 2 redirects
2 servicer.mgid.com 1 redirects jsc.marketgid.com
2 img.home.webalta.ru go.webalta.ru
1 cm.lentainform.com
1 cm.idealmedia.io
1 eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 pixel.advertising.com
1 csync.loopme.me 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 ams.creativecdn.com 1 redirects
1 creativecdn.com 1 redirects
1 cdn.adp3.net
1 cdn.marketgid.com
1 jsc.marketgid.com go.webalta.ru
1 go.webalta.ru
33 24

This site contains links to these domains.

Domain
marketgid.com
www.mgid.com
Subject | Issuer | Validity | Valid
*.marketgid.com | Go Daddy Secure Certificate Authority - G2 | 2019-07-14 - 2020-09-12 | a year
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-04-07 - 2020-10-09 | 6 months
cdn.pltfrm.click | Let's Encrypt Authority X3 | 2020-03-27 - 2020-06-25 | 3 months
pixel.advertising.com | DigiCert SHA2 High Assurance Server CA | 2017-06-14 - 2020-06-18 | 3 years
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-02-13 - 2021-02-17 | 2 years
*.lentainform.com | Go Daddy Secure Certificate Authority - G2 | 2020-01-09 - 2021-01-20 | a year
*.adp3.net | Let's Encrypt Authority X3 | 2020-04-22 - 2020-07-21 | 3 months

This page contains 3 frames:

Primary Page: http://go.webalta.ru/subSI.html
Frame ID: 11225F2D5C20258D27C52CE2064E90E7
Requests: 27 HTTP requests in this frame

Frame: http://jsc.marketgid.com/w/e/webalta.ru.582003.js?t=1204158
Frame ID: AF87CEA75DBB531559037A3DCB8CE36F
Requests: 6 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1589525150613347627508
Frame ID: 2140D082E6F783FB822262B18AB5E95D
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 33
HTTPS: 88 %
IPv6: 6 %
Domains: 16
Subdomains: 24
IPs: 10
Countries: 8
Transfer: 318 kB
Size: 401 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=s3KhSUWNTe8ZBKyNTr93&pi=mgid&tc=1
Request Chain 18
  • https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501036&c=d76390a4-b6a3-5288-9cc8-5020c2766abe
Request Chain 19
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRlT1hxbm5SbEpu&muidn=k4eOXqnnRlJn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRlT1hxbm5SbEpu&muidn=k4eOXqnnRlJn&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=k4eOXqnnRlJn&google_ula={guid},5&google_gid=CAESEFA-e6SQPVaAKXSSQHX98RE&google_cver=1
Request Chain 20
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=daabf0e2-6d85-476f-8be8-1cb92877c249
Request Chain 21
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=edf5b764-169a-4c49-8eea-b65595ea9224 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=edf5b764-169a-4c49-8eea-b65595ea9224 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=edf5b764-169a-4c49-8eea-b65595ea9224
Request Chain 22
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
  • https://cm.mgid.com/m?cdsp=433143&c=b7bc2d4b-d61f-44ea-93a3-4fc16a48fe71
Request Chain 23
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=k4eOXqnnRlJn HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4eOXqnnRlJn HTTP 302
  • https://pixel.advertising.com/ups/55859/sync?uid=edf5b764-169a-4c49-8eea-b65595ea9224&_origin=1&gdpr=&gdpr_consent=
Request Chain 24
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 27
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=6a92e065-5f99-4d65-9a3b-6b32a1c67d8e&ttl=1592117151
Request Chain 31
  • https://servicer.mgid.com/pixel?h=42BxaYikOiNkIndFsoYjJ4mdcGkeBRJ3BML0aEm-OScOEoOxDGtq9YAyvypSRxoB2WorxeWbeVgrVdPJI8XXQBStGSpicS6UlCWz5g&r=b70337eb-9677-11ea-a61f-d094662c24f7&l=aHR0cHM6Ly9ydGIuYWRwMy5uZXQvbG9nP2FjdGlvbj1pbXByZXNzaW9uJmtleT0xODcxLTE4NzEtMi1mNjQwNTgwMC01MWE3LTdhMzEtODE3ZS1hMzVjNzM3ZjQwMjEmcHJpY2U9MC4zMzA3NTA&c=MTg3MDkwOF84OTAxMDQ4NDI&tt=Direct HTTP 301
  • https://rtb.adp3.net/log?action=impression&key=1871-1871-2-f6405800-51a7-7a31-817e-a35c737f4021&price=0.330750

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request subSI.html
go.webalta.ru/
3 KB
2 KB
Document
General
Full URL
http://go.webalta.ru/subSI.html
Protocol
HTTP/1.1
Server
148.251.194.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webalta.gchost.ru
Software
nginx /
Resource Hash
98bd72c7c384c3c113dce87dbb99029f07d7434b95e7d2711b57fbbb1b6d873b

Request headers

Host
go.webalta.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Fri, 15 May 2020 06:45:49 GMT
Content-Type
text/html
Last-Modified
Fri, 24 Apr 2015 13:46:41 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Encoding
gzip
jquery-1.7.1.min.js
img.home.webalta.ru/js/
92 KB
92 KB
Script
General
Full URL
http://img.home.webalta.ru/js/jquery-1.7.1.min.js
Requested by
Host: go.webalta.ru
URL: http://go.webalta.ru/subSI.html
Protocol
HTTP/1.1
Server
148.251.194.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webalta.gchost.ru
Software
nginx /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 06:45:49 GMT
Last-Modified
Thu, 27 Nov 2014 12:48:39 GMT
Server
nginx
ETag
"54771da7-16eac"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93868
functions.js
img.home.webalta.ru/js/
2 KB
2 KB
Script
General
Full URL
http://img.home.webalta.ru/js/functions.js
Requested by
Host: go.webalta.ru
URL: http://go.webalta.ru/subSI.html
Protocol
HTTP/1.1
Server
148.251.194.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webalta.gchost.ru
Software
nginx /
Resource Hash
0d32f3dcde9bfd83fe855276dbc1022f481074e8503334352d7ff77d55ce28b5

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 06:45:49 GMT
Last-Modified
Thu, 27 Nov 2014 12:48:39 GMT
Server
nginx
ETag
"54771da7-80b"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2059
webalta.ru.582003.js
jsc.marketgid.com/w/e/ Frame AF87
118 KB
34 KB
Script
General
Full URL
http://jsc.marketgid.com/w/e/webalta.ru.582003.js?t=1204158
Requested by
Host: go.webalta.ru
URL: http://go.webalta.ru/subSI.html
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
6abe89da9e1ad8940d799b5925554109ae42148417dd7c841eff7dcbc33a065d

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Fri, 15 May 2020 06:45:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Apr 2020 10:32:29 GMT
Server
nginx
x-amz-request-id
D7E1F06CD512E465
ETag
"8a2cb4a28713a5d9257dd22e19f352be"
X-Cached-Since
2020-05-15T06:29:37+00:00
Content-Type
text/javascript
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34711
x-amz-id-2
bkAqeTmctLmDp2wCq4VRDqnukCGnqFDt66m+PGXhlr2LChExWmPUZlVCOv9fMgLBEuzYz7l7Un0=
truncated
/
123 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bbf49593b04a91123b294afb6808fbcdc54120896082921a8b82315d9ec96e6

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
pfdindisplaypro-regular-webfont.woff
cdn.marketgid.com/fonts/
143 KB
144 KB
Font
General
Full URL
https://cdn.marketgid.com/fonts/pfdindisplaypro-regular-webfont.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
00d2f6cdc8935a366367038ae0c41970fb8179484bd7826fee8889adde33d887

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://go.webalta.ru/subSI.html
Origin
http://go.webalta.ru

Response headers

x-id
cec-up-gc11
date
Fri, 15 May 2020 06:45:50 GMT
x-amz-request-id
B8414302EE4A8FB4
x-cached-since
2020-05-14T23:44:46+00:00
status
200
content-length
146832
x-amz-id-2
gXNWNRdsVtTEBny27R7hIMCUWlcIa6c1E39PneB2bZftkhphzZc5px49ZikmmI3PuRtLHkp2OaU=
last-modified
Mon, 04 May 2020 12:16:39 GMT
server
nginx
etag
"eb96f10c2dc30d06d0969ff9c2ecfff0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache
STALE
accept-ranges
bytes
1
servicer.mgid.com/345863/
6 KB
3 KB
Script
General
Full URL
https://servicer.mgid.com/345863/1?w=1592&h=252&cols=3&pv=5&cbuster=1589525150208510794789&niet=4g&nisd=false&ref=&lu=http%3A%2F%2Fgo.webalta.ru%2FsubSI.html&pageView=1&pvid=1721714fa01bb690c68&implVersion=9&dpr=1
Requested by
Host: jsc.marketgid.com
URL: http://jsc.marketgid.com/w/e/webalta.ru.582003.js?t=1204158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75709a8957ae7a2e853cec607b2d3387b2fd34aa78427fe783e1d54f24781837

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae5fdcb9dfa8c-AMS
content-type
application/x-javascript; charset=utf-8
cf-request-id
02b8ae129e0000fa8ca2afc200000001
i.js
cm.mgid.com/
1 KB
650 B
Script
General
Full URL
https://cm.mgid.com/i.js?cbuster=1589525150608263950974
Requested by
Host: jsc.marketgid.com
URL: http://jsc.marketgid.com/w/e/webalta.ru.582003.js?t=1204158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ed36d2a32262039dfb03fd88b61a2a1581adc76c0ab80c0a4b717c8fd0f423

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae5ff8e5bfa8c-AMS
content-type
application/javascript
cf-request-id
02b8ae13b00000fa8ca2b04200000001
i-noref.js
cm.mgid.com/ Frame 2140
19 B
279 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1589525150613347627508
Requested by
Host: jsc.marketgid.com
URL: http://jsc.marketgid.com/w/e/webalta.ru.582003.js?t=1204158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae5ff8e67fa8c-AMS
content-type
application/javascript
cf-request-id
02b8ae13b40000fa8ca2b05200000001
html_min75x75_0_1870908_3e0c666841fccd4d5e1b8dace2f11cda.jpg
cdn.adp3.net/creatives-thumbnails/
23 KB
23 KB
Image
General
Full URL
https://cdn.adp3.net/creatives-thumbnails/html_min75x75_0_1870908_3e0c666841fccd4d5e1b8dace2f11cda.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.194 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c2895f5c60c805d1d55f519933e5daf115e657519587a3ad1ad4fc17d5fce797

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:51 GMT
last-modified
Thu, 14 May 2020 13:08:05 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"5ebd42b5-5cdc"
x-cacheable
Cacheable
content-type
image/jpeg
status
200
cache-control
max-age=1209600
x-cdn-pop
sbg
accept-ranges
bytes
content-length
23772
x-request-id
6816212
expires
Fri, 29 May 2020 06:45:51 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvNDk2MzcxLzRjM2UwZjJlMjYzYTdkMDIxNGFhMzM2MmZkY2JjM2ExLkpQRUc*.webp
s-img.mgid.com/g/5796651/75x75/81x270x762x762/
1 KB
1 KB
Image
General
Full URL
https://s-img.mgid.com/g/5796651/75x75/81x270x762x762/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvNDk2MzcxLzRjM2UwZjJlMjYzYTdkMDIxNGFhMzM2MmZkY2JjM2ExLkpQRUc*.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453184056d4754ba01b5c7e6f964cb39aab69e5403c07882e6cebfebe6cf6701

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
HIT
last-modified
Wed, 13 May 2020 10:58:40 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
593ae5ff8e78fa8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1334
cf-request-id
02b8ae13b90000fa8ca2b09200000001
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMzAxOTQ4Lzk3MDQ0NGI2NDJmMGEzZDA4YThjMWYzZDBjNzY4N2RhLmpwZw**.webp
s-img.mgid.com/g/5770193/75x75/81x0x328x328/
1 KB
2 KB
Image
General
Full URL
https://s-img.mgid.com/g/5770193/75x75/81x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMzAxOTQ4Lzk3MDQ0NGI2NDJmMGEzZDA4YThjMWYzZDBjNzY4N2RhLmpwZw**.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df029d1f3bc3cb9d2ebb278d93c8a4491cfa9e924a0639fe45a4a4254bae725a

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
MISS
last-modified
Tue, 12 May 2020 18:50:09 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
593ae5ff8e79fa8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1436
cf-request-id
02b8ae13b90000fa8ca2b0a200000001
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvNTA5MDQ5L2NjMTkyNzk0MWNkMmU5Zjk4M2VjMjQ3NGNlYjI5YjA3LmpwZw**.webp
s-img.mgid.com/g/5812089/75x75/155x0x328x328/
2 KB
2 KB
Image
General
Full URL
https://s-img.mgid.com/g/5812089/75x75/155x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvNTA5MDQ5L2NjMTkyNzk0MWNkMmU5Zjk4M2VjMjQ3NGNlYjI5YjA3LmpwZw**.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b72f46ab01bbb120403c2b55d7f45c12f45d2b5aab18222a10809f415076fa

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
HIT
last-modified
Thu, 14 May 2020 07:11:58 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
593ae5ff8e70fa8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1770
cf-request-id
02b8ae13b80000fa8ca2b06200000001
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvNDk3MDI5L2NmZWNmNWUxMTNlZWFiZTg3MDJlODgxYjc5MTFiNmRkLmpwZw**.webp
s-img.mgid.com/g/5762201/75x75/82x0x328x328/
2 KB
2 KB
Image
General
Full URL
https://s-img.mgid.com/g/5762201/75x75/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvNDk3MDI5L2NmZWNmNWUxMTNlZWFiZTg3MDJlODgxYjc5MTFiNmRkLmpwZw**.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d83cbc83390b4e30438223d868a46eb881e00687a2714c0779378a587eef2c

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
HIT
last-modified
Thu, 07 May 2020 18:57:06 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
593ae5ff8e73fa8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1886
cf-request-id
02b8ae13b80000fa8ca2b07200000001
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMzU1MTYyLzcxMzRkMTZmZDY4NDY2MTE2MGE4NGI4MDAwMzFiMzQyLmpwZw**.webp
s-img.mgid.com/g/5562705/75x75/82x0x328x328/
1 KB
1 KB
Image
General
Full URL
https://s-img.mgid.com/g/5562705/75x75/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMzU1MTYyLzcxMzRkMTZmZDY4NDY2MTE2MGE4NGI4MDAwMzFiMzQyLmpwZw**.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f5ae6024d16c4d500f91a0006de810cf02f5e3df2b49ac9b5502d69b8adb11d

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
HIT
last-modified
Tue, 12 May 2020 04:17:35 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
593ae5ff8e7afa8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1254
cf-request-id
02b8ae13b90000fa8ca2b0b200000001
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDQtMTkvMjQ3MzE5LzcwYTI2NjA0NzQ1ODZlZDBhMGUyYzAxYmIxMGM1YzA1LmpwZWc_dD0xNTI0MTM0NDg2NzQw.webp
s-img.mgid.com/g/4828156/75x75/82x0x328x328/
2 KB
2 KB
Image
General
Full URL
https://s-img.mgid.com/g/4828156/75x75/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDQtMTkvMjQ3MzE5LzcwYTI2NjA0NzQ1ODZlZDBhMGUyYzAxYmIxMGM1YzA1LmpwZWc_dD0xNTI0MTM0NDg2NzQw.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cb0cf636f12258c3ea04188a6fd0d73aa4e4f56a2f0de82d0d110414113740

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
HIT
last-modified
Sat, 09 May 2020 11:47:01 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
593ae5ff8e77fa8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1544
cf-request-id
02b8ae13b90000fa8ca2b08200000001
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDMvMjQ3MzE5L2Q3NjdlZDM1N2JhNThiZDQxYjc5ZWNkMjUxMGY5Y2VkLmpwZWc_dD0xNTM4NTkwNjYwMzk0.webp
s-img.mgid.com/g/4828180/75x75/82x0x328x328/
1 KB
2 KB
Image
General
Full URL
https://s-img.mgid.com/g/4828180/75x75/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDMvMjQ3MzE5L2Q3NjdlZDM1N2JhNThiZDQxYjc5ZWNkMjUxMGY5Y2VkLmpwZWc_dD0xNTM4NTkwNjYwMzk0.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5a355194c1b5b1f761c750a52827b49028c28fe2c291b31bed1023889d6a36

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
MISS
last-modified
Fri, 15 May 2020 06:45:50 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
593ae6000f21fa8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1452
cf-request-id
02b8ae14040000fa8ca2b11200000001
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTQyNjQ4LzM2ODY0MDI0ZDEyYjMzNjAxZWU0NmFiMjk3ZjE1YzZmLnBuZw**.webp
s-img.mgid.com/g/5819471/75x75/82x0x328x328/
1 KB
2 KB
Image
General
Full URL
https://s-img.mgid.com/g/5819471/75x75/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTQyNjQ4LzM2ODY0MDI0ZDEyYjMzNjAxZWU0NmFiMjk3ZjE1YzZmLnBuZw**.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf4b4eff0d2b4053d061293238eb8f226d51008c6fced0fed7263291b4bf684a

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
HIT
age
9538
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
1522
cf-request-id
02b8ae14070000fa8ca2b12200000001
last-modified
Fri, 15 May 2020 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
593ae6000f26fa8c-AMS
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=s3KhSUWNTe8ZBKyNTr93&pi=mgid&tc=1
43 B
245 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=501037&c=s3KhSUWNTe8ZBKyNTr93&pi=mgid&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae601d9f7fa8c-AMS
content-type
image/gif
cf-request-id
02b8ae15240000fa8ca2b37200000001

Redirect headers

status
302
pragma
no-cache
date
Fri, 15 May 2020 06:45:50 GMT, Fri, 15 May 2020 06:45:50 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
location
https://cm.mgid.com/m?cdsp=501037&c=s3KhSUWNTe8ZBKyNTr93&pi=mgid&tc=1
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
  • https://cm.mgid.com/m?cdsp=501036&c=d76390a4-b6a3-5288-9cc8-5020c2766abe
43 B
268 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=501036&c=d76390a4-b6a3-5288-9cc8-5020c2766abe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae6019985fa8c-AMS
content-type
image/gif
cf-request-id
02b8ae14ff0000fa8ca2b32200000001

Redirect headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://cm.mgid.com/m?cdsp=501036&c=d76390a4-b6a3-5288-9cc8-5020c2766abe
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRlT1hxbm5SbEpu&muidn=k4eOXqnnRlJn
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRlT1hxbm5SbEpu&muidn=k4eOXqnnRlJn&google_tc=
  • https://cm.mgid.com/google?muidn=k4eOXqnnRlJn&google_ula={guid},5&google_gid=CAESEFA-e6SQPVaAKXSSQHX98RE&google_cver=1
0
205 B
Image
General
Full URL
https://cm.mgid.com/google?muidn=k4eOXqnnRlJn&google_ula={guid},5&google_gid=CAESEFA-e6SQPVaAKXSSQHX98RE&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae6024ab8fa8c-AMS
content-type
text/plain
cf-request-id
02b8ae156a0000fa8ca2b3c200000001

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=k4eOXqnnRlJn&google_ula={guid},5&google_gid=CAESEFA-e6SQPVaAKXSSQHX98RE&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=daabf0e2-6d85-476f-8be8-1cb92877c249
43 B
277 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=287839&c=daabf0e2-6d85-476f-8be8-1cb92877c249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae605b89cfa8c-AMS
content-type
image/gif
cf-request-id
02b8ae17960000fa8ca2b69200000001

Redirect headers

date
Fri, 15 May 2020 06:45:51 GMT
via
1.1 google
status
302
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
//cm.mgid.com/m?cdsp=287839&c=daabf0e2-6d85-476f-8be8-1cb92877c249
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=edf5b764-169a-4c49-8eea-b65595ea9224
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=edf5b764-169a-4c49-8eea-b65595ea9224
  • https://cm.mgid.com/m?cdsp=433145&c=edf5b764-169a-4c49-8eea-b65595ea9224
43 B
261 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=433145&c=edf5b764-169a-4c49-8eea-b65595ea9224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae6036c7cfa8c-AMS
content-type
image/gif
cf-request-id
02b8ae16200000fa8ca2b4c200000001

Redirect headers

status
302
date
Fri, 15 May 2020 06:45:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//cm.mgid.com/m?cdsp=433145&c=edf5b764-169a-4c49-8eea-b65595ea9224
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
cm.mgid.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
  • https://cm.mgid.com/m?cdsp=433143&c=b7bc2d4b-d61f-44ea-93a3-4fc16a48fe71
43 B
569 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=433143&c=b7bc2d4b-d61f-44ea-93a3-4fc16a48fe71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:50 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae60148fbfa8c-AMS
content-type
image/gif
cf-request-id
02b8ae14ca0000fa8ca2b2e200000001

Redirect headers

status
307
date
Fri, 15 May 2020 06:45:50 GMT
content-length
0
location
https://cm.mgid.com/m?cdsp=433143&c=b7bc2d4b-d61f-44ea-93a3-4fc16a48fe71
sync
pixel.advertising.com/ups/55859/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=k4eOXqnnRlJn
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4eOXqnnRlJn
  • https://pixel.advertising.com/ups/55859/sync?uid=edf5b764-169a-4c49-8eea-b65595ea9224&_origin=1&gdpr=&gdpr_consent=
0
124 B
Image
General
Full URL
https://pixel.advertising.com/ups/55859/sync?uid=edf5b764-169a-4c49-8eea-b65595ea9224&_origin=1&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.252.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-252-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Fri, 15 May 2020 06:45:51 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Fri, 15 May 2020 06:45:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//pixel.advertising.com/ups/55859/sync?uid=edf5b764-169a-4c49-8eea-b65595ea9224&_origin=1&gdpr=&gdpr_consent=
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync.html
eus.rubiconproject.com/
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
0
0
Image
General
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Fri, 15 May 2020 06:45:50 GMT
Access-Control-Allow-Credentials
true
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
/
cm.idealmedia.io/setmuidn/
0
557 B
Image
General
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=k4eOXqnnRlJn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae601cf33c83f-AMS
content-type
image/gif
cf-request-id
02b8ae15200000c83f80afd200000001
/
cm.lentainform.com/setmuidn/
0
329 B
Image
General
Full URL
https://cm.lentainform.com/setmuidn/?muidf=k4eOXqnnRlJn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.105.245.5 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
nginx/1.15.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
server
nginx/1.15.10
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=6a92e065-5f99-4d65-9a3b-6b32a1c67d8e&ttl=1592117151
43 B
261 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=6a92e065-5f99-4d65-9a3b-6b32a1c67d8e&ttl=1592117151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae603fd3bfa8c-AMS
content-type
image/gif
cf-request-id
02b8ae167f0000fa8ca2b55200000001

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:51 GMT
x-aspnet-version
4.0.30319
status
302
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=6a92e065-5f99-4d65-9a3b-6b32a1c67d8e&ttl=1592117151
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
c
c.mgid.com/ Frame AF87
43 B
258 B
Image
General
Full URL
https://c.mgid.com/c?f=1&pv=3&v=70|70|8|ZCEfQoNedK0ZbBdPVsQQAqhZR_dwyQh4xD3QnLbUrx-8p46y3e7wKDLmcr-aTw10&fw=1&extjs=510&v=70|70|8|Kei7R2y83NgKh11hhHFL0e2ERMQJanCYO9DqbEgZ2MbhKEXq2IG75t7qN0TKoKyo&v=70|70|8|76t5zf5yDqKN9IR_oFpXttBtJfgaqtSoHvVXlgjgbcmEPvvnhSq_87NAFhe9A4Xx&imgdim=1&cid=345863&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=b70337eb-9677-11ea-a61f-d094662c24f7&tt=Direct&pageImp=1&muid=k4eOXqnnRlJn&cbuster=1589525151971846821996&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:52 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae6080c0cfa8c-AMS
content-type
image/gif
cf-request-id
02b8ae19020000fa8ca2b7d200000001
c
c.mgid.com/ Frame AF87
43 B
126 B
Image
General
Full URL
https://c.mgid.com/c?pv=3&v=70|70|8|eR0Qku8u1dYbsaPuYeg5SXtWFNqJlSgVluM3JXR3Es5sqUUBgDmzuf0lHyDf2ft5&extjs=510&v=70|70|8|Tq0TGueA4bAQiTAJVoNHZops3WUUbhaZZijTahmx4QTU3SVWEcaf7_rOG5k5A68E&v=70|70|8|MSdq6IwQiuQxrb9SpP5YaUE58OUTSnWq5HihaBL6LP4mZus7VTRDrclJDyHYpVql&v=70|70|8|ZCEfQoNedK0ZbBdPVsQQArZ4FmMsD2NAIt7HuchvYFtGOjzTkzBqC7EBhrxs9U8O&v=70|70|8|nF34oK74Cb78dhXzF57Be9lMVicdExjA6PeUBRnUC7mt4w54VgoArHSqPMnL491S&imgdim=1&cid=345863&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=b70337eb-9677-11ea-a61f-d094662c24f7&tt=Direct&pageImp=0&muid=k4eOXqnnRlJn&cbuster=1589525152071133646087&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:52 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae608ace5fa8c-AMS
content-type
image/gif
cf-request-id
02b8ae19650000fa8ca2b86200000001
save.gif
rtb.adp3.net/metrics/ Frame AF87
35 B
194 B
Image
General
Full URL
https://rtb.adp3.net/metrics/save.gif?event=tracked_impressions&bid_id=1871-1871-2-f6405800-51a7-7a31-817e-a35c737f4021&price=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
38.140.142.154 Fort Lauderdale, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 15 May 2020 06:45:52 GMT
server
openresty/1.15.8.3
content-length
35
content-type
image/gif
log
rtb.adp3.net/ Frame AF87
Redirect Chain
  • https://servicer.mgid.com/pixel?h=42BxaYikOiNkIndFsoYjJ4mdcGkeBRJ3BML0aEm-OScOEoOxDGtq9YAyvypSRxoB2WorxeWbeVgrVdPJI8XXQBStGSpicS6UlCWz5g&r=b70337eb-9677-11ea-a61f-d094662c24f7&l=aHR0cHM6Ly9ydGIuYWR...
  • https://rtb.adp3.net/log?action=impression&key=1871-1871-2-f6405800-51a7-7a31-817e-a35c737f4021&price=0.330750
17 B
17 B
Image
General
Full URL
https://rtb.adp3.net/log?action=impression&key=1871-1871-2-f6405800-51a7-7a31-817e-a35c737f4021&price=0.330750
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
38.140.142.154 Fort Lauderdale, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 15 May 2020 06:45:52 GMT
server
openresty/1.15.8.3
content-length
17
content-type
text/html;charset=UTF-8

Redirect headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
301
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://rtb.adp3.net/log?action=impression&key=1871-1871-2-f6405800-51a7-7a31-817e-a35c737f4021&price=0.330750
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae609ee74fa8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02b8ae1a2d0000fa8ca2b93200000001
c
c.mgid.com/ Frame AF87
43 B
125 B
Image
General
Full URL
https://c.mgid.com/c?pv=3&v=70|70|8|UjTBZ9yn3a_L-G6g6PkVcd2eEEvMvo36Akz-tT9vCSTTil40sIa3NcXsIIAIRnIa&extjs=510&imgdim=1&cid=345863&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=b70337eb-9677-11ea-a61f-d094662c24f7&tt=Direct&pageImp=0&muid=k4eOXqnnRlJn&cbuster=1589525152271931408892&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://go.webalta.ru/subSI.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 06:45:52 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
593ae609ee77fa8c-AMS
content-type
image/gif
cf-request-id
02b8ae1a2d0000fa8ca2b94200000001

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| $
  • function| jQuery
  • undefined| sdTimer
  • number| sdOpacity
  • object| WbData
  • function| addEvent
  • function| shadowShow
  • function| shadowPrc
  • function| shadowClose
  • function| setCookie
  • function| getCookie
  • function| delCookie
  • number| curStatsObj
  • number| StatsSiteID
  • function| chB
  • function| saveSats
  • object| _mgIntExchangeNews
  • object| onClickExcludes
  • object| _mgq
  • function| _mgqp
  • number| _mgqt
  • number| _mgqi
  • function| MarketGidLoadGoods345863
  • function| MarketGidCReject345863
  • function| AdskeeperLoadGoods345863
  • function| AdskeeperCReject345863
  • function| LentaInformLoadGoods345863
  • function| LentaInformCReject345863
  • function| IdealMediaLoadGoods345863
  • function| IdealMediaCReject345863
  • boolean| _mgPageView399
  • boolean| i.js.loaded
  • boolean| i-noref.js.loaded
  • function| LoadCriteoAllPlaces345863
  • object| _mgwcapping
  • boolean| _mgPageImp399

0 Cookies

1 Console Messages

Source Level URL
Text
console-api debug URL: http://jsc.marketgid.com/w/e/webalta.ru.582003.js?t=1204158(Line 1)
Message:
[object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
