bus.znate.ru Open in urlscan Pro
5.9.154.210 Public Scan

URL:
http://bus.znate.ru/
Submission: On May 01 via manual (May 1st 2019, 9:21:48 am UTC) from NL

Summary HTTP 35 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 19 domains to perform 35 HTTP transactions. The main IP is 5.9.154.210, located in Germany and belongs to HETZNER-AS, DE. The main domain is bus.znate.ru.

This is the only time bus.znate.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	5.9.154.210 5.9.154.210	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.56.233.120 185.56.233.120	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	88.208.41.105 88.208.41.105	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	88.212.196.77 88.212.196.77	39134 (UNITEDNET) (UNITEDNET)
1	88.212.201.95 88.212.201.95	39134 (UNITEDNET) (UNITEDNET)
1	31.172.81.23 31.172.81.23	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3	31.172.81.24 31.172.81.24	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	31.172.81.242 31.172.81.242	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	88.208.41.101 88.208.41.101	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a03:90c0:999... 2a03:90c0:9997::9997	199524 (GCORE) (GCORE)
4 5	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
6	104.16.130.5 104.16.130.5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	96.46.176.148 96.46.176.148	7979 (SERVERS) (SERVERS - Servers.com)
1	64.58.116.134 64.58.116.134	7979 (SERVERS) (SERVERS - Servers.com)
2 2	18.153.11.5 18.153.11.5	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.4.94.17 52.4.94.17	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	88.212.196.59 88.212.196.59	39134 (UNITEDNET) (UNITEDNET)
2 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1	88.212.201.80 88.212.201.80	39134 (UNITEDNET) (UNITEDNET)
1 1	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.105.254.60 23.105.254.60	7979 (SERVERS) (SERVERS - Servers.com)
35	17

5 5.9.154.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.154.9.5.clients.your-server.de

bus.znate.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.56.233.120 (Ukraine) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

st.pc.adonweb.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.41.105 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pay-click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.196.77 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host37.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.95 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: 95-201-212-88.host.exepto.ru

jsc.dt00.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.23 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

n.pay-click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.24 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

ad.pay-click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.242 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.users-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.208.41.101 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

xl-trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:9997::9997 (Austria)

ASN199524 (GCORE, AT)

cdn.user-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.159 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.xoalt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.130.5 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

servicer-eu.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 96.46.176.148 (Dallas, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.116.134 (Dallas, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.153.11.5 (Cambridge, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-5.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.94.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-4-94-17.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.196.59 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: 59-196-212-88.host.exepto.ru

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.80 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: 80-201-212-88.host.exepto.ru

cm.marketgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.84.74 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

recreativ.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.254.60 (Phoenix, United States) 1 redirects

ASN7979 (SERVERS - Servers.com, Inc., US)

udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mgid.com servicer-eu.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com c.mgid.com	17 KB
5	pay-click.ru pay-click.ru n.pay-click.ru ad.pay-click.ru	37 KB
5	znate.ru bus.znate.ru	13 KB
3	xoalt.com 2 redirects sync.xoalt.com	1 KB
3	user-api.com cdn.user-api.com	320 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	940 B
2	liadm.com 1 redirects i.liadm.com	727 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	xl-trk.com xl-trk.com	272 B
2	yadro.ru 1 redirects counter.yadro.ru	2 KB
1	mixmarket.biz 1 redirects udata.mixmarket.biz	207 B
1	recreativ.ru 1 redirects recreativ.ru	433 B
1	marketgid.com cm.marketgid.com	273 B
1	lentainform.com cm.lentainform.com	275 B
1	steepto.com cm.steepto.com	309 B
1	users-api.com sync.users-api.com	544 B
1	dt00.net jsc.dt00.net	28 KB
1	adonweb.ru 1 redirects st.pc.adonweb.ru	281 B
35	19

	Domain	Requested by
5	cm.mgid.com	jsc.dt00.net
5	bus.znate.ru	bus.znate.ru
4	s-img.mgid.com
3	sync.xoalt.com	2 redirects
3	cdn.user-api.com
3	ad.pay-click.ru	n.pay-click.ru ad.pay-click.ru
2	cm.g.doubleclick.net	2 redirects
2	i.liadm.com	1 redirects
2	x.bidswitch.net	2 redirects
2	sync3.adsniper.ru	2 redirects
2	xl-trk.com
2	counter.yadro.ru	1 redirects bus.znate.ru
1	udata.mixmarket.biz	1 redirects
1	recreativ.ru	1 redirects
1	cm.marketgid.com
1	cm.lentainform.com
1	cm.steepto.com
1	c.mgid.com
1	cdn.mgid.com
1	servicer-eu.mgid.com	jsc.dt00.net
1	sync.users-api.com	ad.pay-click.ru
1	n.pay-click.ru	pay-click.ru
1	jsc.dt00.net	bus.znate.ru
1	pay-click.ru	bus.znate.ru
1	st.pc.adonweb.ru	1 redirects
35	25

This site contains links to these domains. Also see Links.

Domain
ctr-media.org
www.liveinternet.ru
add.coolreferat.com
mgid.com
www.mgid.com

Subject Issuer	Validity	Valid
pay-click.ru Let's Encrypt Authority X3	`2019-03-02` - `2019-05-31`	3 months	crt.sh
ssl382979.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-13` - `2019-09-19`	6 months	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2018-09-13` - `2019-11-12`	a year	crt.sh
*.steepto.com Go Daddy Secure Certificate Authority - G2	`2018-07-25` - `2019-10-20`	a year	crt.sh
*.liadm.com Amazon	`2019-01-25` - `2020-02-25`	a year	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2018-11-21` - `2020-01-20`	a year	crt.sh
*.marketgid.com COMODO ECC Domain Validation Secure Server CA	`2018-12-21` - `2020-02-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://bus.znate.ru/
Frame ID: A3C597AD0D55D6D9F3FA8EE0B6832BE3
Requests: 31 HTTP requests in this frame

Frame: http://jsc.dt00.net/b/u/bus.znate.ru.47070.js?t=119419
Frame ID: 77DD4FBFA6C938C26B891481E2D64284
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1556702491856597429105
Frame ID: BC797A076894BC411D4C0DEE2092C472
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

35
Requests

49 %
HTTPS

5 %
IPv6

19
Domains

25
Subdomains

17
IPs

6
Countries

420 kB
Transfer

570 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://ctr-media.org/?ed=_e_K84sSY3PTLE1NDExVistTi0CcSzUCsC0oam5hVpJrq0BAA%3D%3D&sub_id=66850&s_trk=Cgiqw3Yp0qXz2RCEwYDDDRibyqXmBQ**&subid2=U0NCLTE2My1zc3AtMzYwZmVkNWYtZTA3My1kN2MwLWIwMmMtMTU1NjcwMjQ5MS1qdjUwZ3hwei0xeWlrOjA6NjA2NDk6MDozMw**&subacc4=60649&sxl=0&brl=0&subacc3=0
Title: Домашний рецепт против морщин! За 11 дней морщины под глазами разгладятся, если...

Search URL Search Domain Scan URL

URL: http://ctr-media.org/?ed=_e_K84sSY3PTLE1NDExVistTi0CcSzUCsC0oam5hVpJrq0BAA%3D%3D&sub_id=66850&s_trk=Cgiqw3Yp0qXz2RCDxJX_CRibyqXmBQ**&subid2=U0NCLTE2My1zc3AtMzYwZmVkNWYtZTA3My1kN2MwLWIwMmMtMTU1NjcwMjQ5MS1qdjUwZ3hwei0xeWlrOjA6NjA2NDk6MDozMw**&subacc4=60649&sxl=0&brl=0&subacc3=0
Title: Женщина в свои 48 лет выглядит, как девочка! Вот ее хитрость: на ночь...

Search URL Search Domain Scan URL

URL: http://ctr-media.org/?ed=_e_K84sSY3PTLE1NDExVistTi0CcSzUCsC0oam5hVpJrq0BAA%3D%3D&sub_id=66850&s_trk=Cgiqw3Yp0qXz2RCCpMnKARibyqXmBQ**&subid2=U0NCLTE2My1zc3AtMzYwZmVkNWYtZTA3My1kN2MwLWIwMmMtMTU1NjcwMjQ5MS1qdjUwZ3hwei0xeWlrOjA6NjA2NDk6MDozMw**&subacc4=60649&sxl=0&brl=0&subacc3=0
Title: Помолодевшая на 10 лет женщина поразила своим методом! Перед сном втирала

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://add.coolreferat.com/upload/
Title: опубликовать

Search URL Search Domain Scan URL

URL: https://mgid.com/advertisers?utm_source=widget&utm_medium=text&utm_campaign=add&utm_content=355720

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3506993/i/80633/0/pp/1/1?h=ZsL9hz4w0a3ciOnVzdKcRkayNRWelO-hYxSz2UnBosfWjofWtpGAGH4Cm07fpLje&rid=81f61396-6bf2-11e9-920c-246e96783022&tt=Direct

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3422558/i/80633/0/pp/2/1?h=GTDD1PmhYt585CbDosS8LOzp0zmMFd_tWcr_xJi_cP3BxKfMLjT-DbCwppAPczR5&rid=81f61396-6bf2-11e9-920c-246e96783022&tt=Direct

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3238037/i/80633/0/pp/3/1?h=u1P1w_zk4EeyC__Zl-bZ90HHQfsmX02AdlctVt6Esr6m7o0dkGm0i01x8C45-Hw_&rid=81f61396-6bf2-11e9-920c-246e96783022&tt=Direct

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3205653/i/80633/0/pp/4/1?h=a95edpAGZERHK3Gald6NS4yiZm6hPKWCzEnQ1bAM5W8w6sVRZiBJJP3qX2TF_Pu4&rid=81f61396-6bf2-11e9-920c-246e96783022&tt=Direct

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://st.pc.adonweb.ru/js/adv_out.js HTTP 301
https://pay-click.ru/js/adv_out.js

Request Chain 5

http://counter.yadro.ru/hit?t21.6;r;s1600*1200*24;uhttp%3A//bus.znate.ru/;0.6558218109299494 HTTP 302
http://counter.yadro.ru/hit?q;t21.6;r;s1600*1200*24;uhttp%3A//bus.znate.ru/;0.6558218109299494

Request Chain 17

http://sync.xoalt.com/?src=pc1 HTTP 302
http://sync3.adsniper.ru/?src=ss1&s_data=CAEQABibyqXmBVIF0uPO5AI* HTTP 302
http://sync3.adsniper.ru/?src=ss1&s_data=CAIQARibyqXmBVIF0uPO5AKiARCBt-L0a_IR6YpTDMR6bS_v HTTP 302
http://sync.xoalt.com/?src=pc1&s_data=CAIQABibyqXmBaIBEIG34vRr8hHpilMMxHptL-8* HTTP 302
http://sync.xoalt.com/?src=pc1&s_data=CAIQARibyqXmBaIBEIG34vRr8hHpilMMxHptL-8*

Request Chain 29

https://x.bidswitch.net/sync?dsp_id=303&user_id=j41vA88SZJl2 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=j41vA88SZJl2 HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e86579a2-61fa-4cf5-9234-5956f7498125 HTTP 303
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e86579a2-61fa-4cf5-9234-5956f7498125&_li_chk=true&previous_uuid=738c81601a5c4994b07887d6883ff2ab

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=ajQxdkE4OFNaSmwy&muidn=j41vA88SZJl2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=ajQxdkE4OFNaSmwy&muidn=j41vA88SZJl2&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=j41vA88SZJl2&google_ula={guid},5&google_gid=CAESENpunI478sOYB7CNevnkVE4&google_cver=1

Request Chain 33

https://recreativ.ru/mtch/13/j41vA88SZJl2/?fredir=1 HTTP 302
https://cm.mgid.com/m?cdsp=341188&c=43113026552

Request Chain 34

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID HTTP 301
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

35 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response bus.znate.ru/	21 KB 6 KB	45ms 14ms	Document text/html	5.9.154.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://bus.znate.ru/ Protocol HTTP/1.1 Server 5.9.154.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.154.9.5.clients.your-server.de Software nginx/1.2.1 / PHP/5.4.45-0+deb7u12 Resource Hash `989fb827cf37b47c586877cffab79dbe73205c127646eac067f369468efcf33d` Request headers Host bus.znate.ru Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx/1.2.1 Date Wed, 01 May 2019 09:21:30 GMT Content-Type text/html; charset=utf-8 Content-Length 5408 Connection keep-alive X-Powered-By PHP/5.4.45-0+deb7u12 Expires Sat, 11 May 2019 09:21:30 GMT Cache-Control max-age=86400 Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	bus.css bus.znate.ru/	3 KB 1 KB	13ms 11ms	Stylesheet text/css	5.9.154.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://bus.znate.ru/bus.css Requested by Host: bus.znate.ru URL: http://bus.znate.ru/ Protocol HTTP/1.1 Server 5.9.154.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.154.9.5.clients.your-server.de Software nginx/1.2.1 / Resource Hash `ae18bd24feeb090db811fe74610790df4deaa4616fa1c698c143ade41d036e7e` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:30 GMT Content-Encoding gzip Last-Modified Fri, 01 Aug 2014 08:43:26 GMT Server nginx/1.2.1 ETag "ca7-4ff8d61f8a780" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 972 Expires Fri, 31 May 2019 09:21:30 GMT
GET H/1.1	200 OK	doc32.png bus.znate.ru/i/	2 KB 2 KB	45ms 31ms	Image image/png	5.9.154.210 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://bus.znate.ru/i/doc32.png Requested by Host: bus.znate.ru URL: http://bus.znate.ru/ Protocol HTTP/1.1 Server 5.9.154.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.154.9.5.clients.your-server.de Software nginx/1.2.1 / Resource Hash `ad47aa5ddee201231a37b58762acb4b34a1d40ae62c29c8e910aedf462336d4a` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:30 GMT Last-Modified Fri, 30 Sep 2011 17:30:00 GMT Server nginx/1.2.1 ETag "864-4ae2bf9865600" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2148
GET H/1.1	200 OK	pdf32.png bus.znate.ru/i/	2 KB 2 KB	57ms 11ms	Image image/png	5.9.154.210 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://bus.znate.ru/i/pdf32.png Requested by Host: bus.znate.ru URL: http://bus.znate.ru/ Protocol HTTP/1.1 Server 5.9.154.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.154.9.5.clients.your-server.de Software nginx/1.2.1 / Resource Hash `47c331bde1400a2f6bfa8ae6252adad7d0bf776a0cb238f9cf46de4ff996f9d7` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:30 GMT Last-Modified Wed, 15 Aug 2012 15:14:08 GMT Server nginx/1.2.1 ETag "613-4c74f60d8b000" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1555
GET H/1.1	200 OK	rtf32.png bus.znate.ru/i/	2 KB 2 KB	62ms 18ms	Image image/png	5.9.154.210 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://bus.znate.ru/i/rtf32.png Requested by Host: bus.znate.ru URL: http://bus.znate.ru/ Protocol HTTP/1.1 Server 5.9.154.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.154.9.5.clients.your-server.de Software nginx/1.2.1 / Resource Hash `ad47aa5ddee201231a37b58762acb4b34a1d40ae62c29c8e910aedf462336d4a` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:30 GMT Last-Modified Fri, 30 Sep 2011 17:30:00 GMT Server nginx/1.2.1 ETag "864-4ae2bf9865600" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2148
GET H2	200	adv_out.js Show response pay-click.ru/js/ Redirect Chain http://st.pc.adonweb.ru/js/adv_out.js https://pay-click.ru/js/adv_out.js	8 KB 8 KB	72ms 17ms	Script application/javascript	88.208.41.105 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pay-click.ru/js/adv_out.js Requested by Host: bus.znate.ru URL: http://bus.znate.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.41.105 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash `2aa3e66601e5663d6a79dedffc23c7fb4b19b2017cc796085d42324556b7d003` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 01 May 2019 09:21:31 GMT last-modified Mon, 13 Oct 2014 12:47:33 GMT server nginx etag "543bc9e5-1f9f" content-type application/javascript status 200 cache-control max-age=259200 accept-ranges bytes content-length 8095 expires Sat, 04 May 2019 09:21:31 GMT Redirect headers Date Wed, 01 May 2019 09:21:30 GMT Server nginx/1.13.0 Content-Type text/html Location https://pay-click.ru/js/adv_out.js Cache-Control max-age=2592000 Connection keep-alive Content-Length 178 Expires Fri, 31 May 2019 09:21:30 GMT
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain http://counter.yadro.ru/hit?t21.6;r;s1600120024;uhttp%3A//bus.znate.ru/;0.6558218109299494 *http://counter.yadro.ru/hit?q;t21.6;r;s1600120024;uhttp%3A//bus.znate.ru/;0.6558218109299494*	2 KB 2 KB	66ms 65ms	Image image/gif	88.212.196.77 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL http://counter.yadro.ru/hit?q;t21.6;r;s1600120024;uhttp%3A//bus.znate.ru/;0.6558218109299494 Requested by Host: bus.znate.ru URL: http://bus.znate.ru/ Protocol HTTP/1.1 Server 88.212.196.77 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host37.rax.ru Software 0W/0.8c / Resource Hash `e09940f0589d6d25444c870ea2b5ee25ee88dbbc6f6a1898242c890dc880f74a` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 May 2019 09:21:31 GMT Server 0W/0.8c P3P policyref="/w3c/p3p.xml", CP="UNI" Cache-control no-cache Connection Close Content-Type image/gif Content-Length 1566 Expires Mon, 30 Apr 2018 21:00:00 GMT Redirect headers Pragma no-cache Date Wed, 01 May 2019 09:21:31 GMT Server 0W/0.8c P3P policyref="/w3c/p3p.xml", CP="UNI" Location http://counter.yadro.ru/hit?q;t21.6;r;s1600120024;uhttp%3A//bus.znate.ru/;0.6558218109299494 Cache-control no-cache Content-Type text/html Content-Length 32 Expires Mon, 30 Apr 2018 21:00:00 GMT
GET H/1.1	200 OK	bus.znate.ru.47070.js Show response jsc.dt00.net/b/u/ Frame 77DD	107 KB 28 KB	639ms 546ms	Script text/javascript	88.212.201.95 UNITEDNET
General Check archive.org Show headers Download Go to Full URL http://jsc.dt00.net/b/u/bus.znate.ru.47070.js?t=119419 Requested by Host: bus.znate.ru URL: http://bus.znate.ru/ Protocol HTTP/1.1 Server 88.212.201.95 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS 95-201-212-88.host.exepto.ru Software nginx / Resource Hash `ffdb2ab8b24633d360db0d8b8e79dd776f39eaf51200f9f211bcec0cb2c5bd70` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:31 GMT Content-Encoding gzip Last-Modified Wed, 17 Apr 2019 13:22:03 GMT Server nginx x-amz-request-id 2A53DB1A03495044 ETag "24e1a7a54b6c80f33a64e15d02670a9b" Content-Type text/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 28670 x-amz-id-2 KSJfgUWeMSieUy/jaSQFvWfuQ7sSQTGsn0B1nQfKzHJnDkNSp+WzTkCELetXg7m4iwqC2BZdxns=
GET H/1.1	200 OK	adv_out.php Show response n.pay-click.ru/	621 B 548 B	89ms 12ms	Script text/javascript	31.172.81.23 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL http://n.pay-click.ru/adv_out.php?Id=72605&from_static=1&RNum=3291&hours=9&BlockIds=72605&Referer= Requested by Host: pay-click.ru URL: https://pay-click.ru/js/adv_out.js Protocol HTTP/1.1 Server 31.172.81.23 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash `9f07607c59cb090fc6fe17799fc5ae47c2827629438ee339e31808f5a2f979e8` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Wed, 01 May 2019 09:21:33 GMT Content-Encoding gzip Vary Accept-Encoding Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8
GET H/1.1	200 OK	adv_out.js Show response ad.pay-click.ru/	43 KB 15 KB	101ms 9ms	Script text/javascript	31.172.81.24 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL http://ad.pay-click.ru/adv_out.js?Id=60649&SubId=0 Requested by Host: n.pay-click.ru URL: http://n.pay-click.ru/adv_out.php?Id=72605&from_static=1&RNum=3291&hours=9&BlockIds=72605&Referer= Protocol HTTP/1.1 Server 31.172.81.24 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash `34ddbdf28858d7b1e2c4c464e83c669ff242de86b672b8c7af6ed6765be625ad` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:33 GMT Content-Encoding gzip Vary Accept-Encoding Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8
GET H/1.1	200 OK	e.js Show response sync.users-api.com/	64 B 544 B	31ms 7ms	Script application/x-javascript	31.172.81.242 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL http://sync.users-api.com/e.js Requested by Host: ad.pay-click.ru URL: http://ad.pay-click.ru/adv_out.js?Id=60649&SubId=0 Protocol HTTP/1.1 Server 31.172.81.242 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash `9bebab022f7f38d274b1ec3d13be90d1c174c9153fc268e490f4fc49e260fa74` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:33 GMT Content-Encoding gzip Last-Modified Wed, 26 Jul 2017 12:01:01 GMT Server nginx/1.10.3 etag W/"686897696a7c876b7e1" Vary Accept-Encoding, Accept-Encoding Content-Type application/x-javascript access-control-allow-origin * cache-control private, immutable, no-transform access-control-allow-credentials true Connection keep-alive Transfer-Encoding chunked
GET H/1.1	200 OK	a Show response ad.pay-click.ru/	44 KB 13 KB	31ms 30ms	Script text/javascript	31.172.81.24 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL http://ad.pay-click.ru/a?Id=60649&uid=ssp-360fed5f-e073-d7c0-b02c-1556702491&sync=0&hours=9&ajax=0&domain=ad.pay-click.ru&unq=1&sub_id=0&cookies=1&_c=e30%3D&RNum=8100&docurl_=aHV2cz40NWl9fDjChXpuwoJ0PsKDwodC&client_info=eyJ3aW4iOnsidyI6MTU4NSwiaCI6MjAwMX0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjowLCJkYXRlIjoiMjAxOS0wNS0wMVQwOToyMTozMS4yNTRaIiwiaG91ciI6OSwid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwicGx1Z2lucyI6W10sImZsYXNoVmVyc2lvbiI6ZmFsc2UsImNvbm5lY3Rpb25UeXBlIjoidW5kZWYifX0%3D&doc_inf=eyJ0aXRsZSI6IiVEMCU5MSVEMCVCOCVEMCVCNyVEMCVCRCVEMCVCNSVEMSU4MS0lRDAlQkYlRDAlQkIlRDAlQjAlRDAlQkQlRDElOEIiLCJkZXNjcmlwdGlvbiI6IiIsImNoYXJTZXQiOiJVVEYtOCJ9&set=e30%3D&ver=8&bln=0 Requested by Host: ad.pay-click.ru URL: http://ad.pay-click.ru/adv_out.js?Id=60649&SubId=0 Protocol HTTP/1.1 Server 31.172.81.24 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash `e0d1282c1985071d1eb879d5cc138d6c8f522d51170079f481044fff60a47cc4` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:33 GMT Content-Encoding gzip Vary Accept-Encoding Server nginx/1.10.3 Connection keep-alive Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8
GET H/1.1	204 No Content	track.gif xl-trk.com/	0 136 B	46ms 15ms	Image text/plain	88.208.41.101 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL http://xl-trk.com/track.gif?a=ssr_render1&c=60649 Protocol HTTP/1.1 Server 88.208.41.101 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-Upstream 192.168.11.101:8085 Date Wed, 01 May 2019 09:21:31 GMT Server nginx Connection keep-alive
GET H/1.1	200 OK	img_200x200.jpg cdn.user-api.com/r/588ec95c287f3e89138b4e94/	41 KB 42 KB	54ms 12ms	Image image/jpeg	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.user-api.com/r/588ec95c287f3e89138b4e94/img_200x200.jpg Protocol HTTP/1.1 Server 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash `4b93d59f97124cc1c920ff7cbe320fda101e38eb0866e06de424e162352df00a` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-ID cec-up-gc11 Date Wed, 01 May 2019 09:21:31 GMT Last-Modified Mon, 30 Jan 2017 05:04:31 GMT Server nginx ETag "588ec95f-a517" X-Cached-Since 2019-04-30T02:39:52+00:00 Content-Type image/jpeg Access-Control-Allow-Origin * Cache HIT Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers * Content-Length 42263
GET H/1.1	200 OK	img_200x200.gif cdn.user-api.com/r/ss_bfba1ec3193527e2416798ed9109aed41471925722/	187 KB 188 KB	55ms 13ms	Image image/gif	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.user-api.com/r/ss_bfba1ec3193527e2416798ed9109aed41471925722/img_200x200.gif Protocol HTTP/1.1 Server 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash `e335c208432a769946e8d5a06a349690af1a5cb9616ee73009ee975c89471ef0` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-ID cec-up-gc11 Date Wed, 01 May 2019 09:21:31 GMT Last-Modified Tue, 23 Aug 2016 04:15:22 GMT Server nginx ETag "57bbcdda-2ed72" X-Cached-Since 2019-04-30T02:39:52+00:00 Content-Type image/gif Access-Control-Allow-Origin * Cache HIT Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers * Content-Length 191858
GET H/1.1	200 OK	img_200x200.gif cdn.user-api.com/r/582be1d6287f3e64138b46db/	90 KB 90 KB	55ms 13ms	Image image/gif	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.user-api.com/r/582be1d6287f3e64138b46db/img_200x200.gif Protocol HTTP/1.1 Server 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash `0ed13da48ecc7158a6c2a256ebfb6cb144c5ac739a851651b8fe11b1f5921864` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-ID cec-up-a10 Date Wed, 01 May 2019 09:21:31 GMT Last-Modified Wed, 23 Nov 2016 11:17:48 GMT Server nginx ETag "58357adc-16838" X-Cached-Since 2019-04-29T07:43:00+00:00 Content-Type image/gif Access-Control-Allow-Origin * Cache HIT Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers * Content-Length 92216
GET H/1.1	200 OK	st ad.pay-click.ru/	119 B 119 B	12ms 10ms	Image image/png	31.172.81.24 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL http://ad.pay-click.ru/st?d=eyJ0aW1lIjoxNTU2NzAyNDkxLCJhZG5faWQiOjE0LCJhZHRfaWQiOjEsImNvZGVfaWQiOjYwNjQ5LCJzaXRlX2lkIjozNDAxNiwic3ViX2lkIjoiMCIsImNucl9jb2RlIjoiREVVIiwiY2l0eSI6IkJlcmxpbiIsImRzcCI6MTYzLCJhZHRfZm9ybWF0IjoiM3gxIn0 Protocol HTTP/1.1 Server 31.172.81.24 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache Date Wed, 01 May 2019 09:21:33 GMT Server nginx/1.10.3 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * cache-control no-cache, no-store Connection keep-alive Content-Type image/png Content-Length 119
GET H/1.1	204 No Content	track.gif xl-trk.com/	0 136 B	45ms 14ms	Image text/plain	88.208.41.101 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL http://xl-trk.com/track.gif?a=ssr_runtime1&c=60649 Protocol HTTP/1.1 Server 88.208.41.101 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-Upstream 192.168.11.101:8085 Date Wed, 01 May 2019 09:21:31 GMT Server nginx Connection keep-alive
GET H/1.1	200 OK	/ sync.xoalt.com/ Redirect Chain http://sync.xoalt.com/?src=pc1 http://sync3.adsniper.ru/?src=ss1&s_data=CAEQABibyqXmBVIF0uPO5AI* http://sync3.adsniper.ru/?src=ss1&s_data=CAIQARibyqXmBVIF0uPO5AKiARCBt-L0a_IR6YpTDMR6bS_v http://sync.xoalt.com/?src=pc1&s_data=CAIQABibyqXmBaIBEIG34vRr8hHpilMMxHptL-8* http://sync.xoalt.com/?src=pc1&s_data=CAIQARibyqXmBaIBEIG34vRr8hHpilMMxHptL-8*	341 B 341 B	7ms 6ms	Image text/html	31.172.81.159 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL http://sync.xoalt.com/?src=pc1&s_data=CAIQARibyqXmBaIBEIG34vRr8hHpilMMxHptL-8* Protocol HTTP/1.1 Server 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:31 GMT Server nginx ETag 81b7e2f4-6bf2-11e9-8a53-0cc47a6d2fef P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 341 Redirect headers Date Wed, 01 May 2019 09:21:31 GMT Server nginx ETag 81b7e2f4-6bf2-11e9-8a53-0cc47a6d2fef P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location //sync.xoalt.com/?src=pc1&s_data=CAIQARibyqXmBaIBEIG34vRr8hHpilMMxHptL-8* Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Type application/javascript Content-Length 0
GET DATA	200 OK	truncated /	213 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `fe659323463cecb7ef5d20bcc789bdd7493700c4dce3d95fc55b094fe8d2c91e` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	1 Show response servicer-eu.mgid.com/355720/	3 KB 2 KB	149ms 60ms	Script application/x-javascript	104.16.130.5 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://servicer-eu.mgid.com/355720/1?w=368&h=662&cols=0&pv=5&cbuster=1556702491689772358526&ref=&lu=http%3A%2F%2Fbus.znate.ru%2F&pageView=1&pvid=16a72b2f42bb1600732&implVersion=9 Requested by Host: jsc.dt00.net URL: http://jsc.dt00.net/b/u/bus.znate.ru.47070.js?t=119419 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.130.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `90cac1e2a2aa7ff1b711a4a5e7183ec0e44027c89770fac2b02be0850b44969d` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2019 09:21:31 GMT content-encoding br server cloudflare p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 4d00af8dac2bc277-FRA
GET H2	200	i.js Show response cm.mgid.com/	583 B 673 B	429ms 120ms	Script application/javascript	96.46.176.148 Servers.com
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i.js?cbuster=1556702491849859929539 Requested by Host: jsc.dt00.net URL: http://jsc.dt00.net/b/u/bus.znate.ru.47070.js?t=119419 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.46.176.148 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US), Reverse DNS Software nginx/1.15.7 / Resource Hash `d7feecbf5e014c6e0222a7c45c895961a743027159e90f36bce2a2b6ae6780d0` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2019 09:21:32 GMT content-encoding gzip server nginx/1.15.7 vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type application/javascript
GET H2	200	i-noref.js Show response cm.mgid.com/ Frame BC79	280 B 558 B	423ms 121ms	Script application/javascript	96.46.176.148 Servers.com
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i-noref.js?cbuster=1556702491856597429105 Requested by Host: jsc.dt00.net URL: http://jsc.dt00.net/b/u/bus.znate.ru.47070.js?t=119419 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.46.176.148 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US), Reverse DNS Software nginx/1.15.7 / Resource Hash `1465569736cc787b40f47185ba7515fb4cb4bdfc7f77db2a64d40f006ac39a85` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2019 09:21:32 GMT content-encoding gzip server nginx/1.15.7 vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type application/javascript
GET H2	200	by_mgid_adc_logo_mini.svg cdn.mgid.com/images/	2 KB 1 KB	25ms 11ms	Image image/svg+xml	104.16.130.5 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.130.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 01 May 2019 09:21:31 GMT content-encoding br cf-cache-status HIT last-modified Mon, 01 Apr 2019 10:39:06 GMT server cloudflare x-amz-request-id 0F94D3DDAC4BCFFF etag W/"5f3390adb0b6aeb988c5d7415b31cbe1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=14400 cf-ray 4d00af8e3e1dc277-FRA x-amz-id-2 UI7e3KYXWO6qjxBHRgIXBC3FudXZKZ2mS+JVIexXj25P9fQGp4sCTkJQXAyAE5ThL3dWemtmIN8= expires Wed, 01 May 2019 13:21:31 GMT
GET H2	200	aHR0cDovL2ltZy11cy5tZ2lkLmNvbS90LzIwMTktMDQvMzU0OTI2L2VlMTgzMTBmZmJhZmNjODk1YjBjM2RlN2MxZDNmOTM2LmpwZw**.webp s-img.mgid.com/g/3506993/140x140/37x0x493x493/	3 KB 3 KB	22ms 9ms	Image image/webp	104.16.130.5 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3506993/140x140/37x0x493x493/aHR0cDovL2ltZy11cy5tZ2lkLmNvbS90LzIwMTktMDQvMzU0OTI2L2VlMTgzMTBmZmJhZmNjODk1YjBjM2RlN2MxZDNmOTM2LmpwZw.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.130.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `f16c3b5e17c46e53f229b9e9bd86c816bac51261eb882b4c4fbba7dc559157bb` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 01 May 2019 09:21:31 GMT cf-cache-status HIT last-modified Thu, 18 Apr 2019 19:06:44 GMT server cloudflare access-control-allow-origin** , expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 4d00af8e3e1ec277-FRA content-length 3314 expires Thu, 02 May 2019 09:21:31 GMT
GET H2	200	aHR0cDovL2ltZy11cy5tZ2lkLmNvbS90LzIwMTktMDMvMjc5MzU4L2IzYTBlNDdjYWZkOTlmMzdhMGM3NDNmNWRkZjFlZGZlLmpwZw**.webp s-img.mgid.com/g/3422558/140x140/167x0x971x971/	3 KB 3 KB	26ms 13ms	Image image/webp	104.16.130.5 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3422558/140x140/167x0x971x971/aHR0cDovL2ltZy11cy5tZ2lkLmNvbS90LzIwMTktMDMvMjc5MzU4L2IzYTBlNDdjYWZkOTlmMzdhMGM3NDNmNWRkZjFlZGZlLmpwZw.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.130.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `4ff76bc7eace2159de54ecaf6ceac587a41d0046c9150c9d75da5eafa90aa629` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 01 May 2019 09:21:31 GMT cf-cache-status HIT last-modified Wed, 27 Mar 2019 14:48:53 GMT server cloudflare access-control-allow-origin** , expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 4d00af8e3e1fc277-FRA content-length 3126 expires Thu, 02 May 2019 09:21:31 GMT
GET H2	200	aHR0cDovL2ltZy11cy5tZ2lkLmNvbS90ZWFzZXIvMjAxOS0wMS0yOC8zNTQ5MjYvZDE2Yjg3Nzg3YWJmNmJjZjE1N2U0OGQ3ZThkMTE4OGIuanBlZz90PTE1NDg2ODcxMDI2MDE*.webp s-img.mgid.com/g/3238037/140x140/164x0x400x400/	2 KB 2 KB	24ms 12ms	Image image/webp	104.16.130.5 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3238037/140x140/164x0x400x400/aHR0cDovL2ltZy11cy5tZ2lkLmNvbS90ZWFzZXIvMjAxOS0wMS0yOC8zNTQ5MjYvZDE2Yjg3Nzg3YWJmNmJjZjE1N2U0OGQ3ZThkMTE4OGIuanBlZz90PTE1NDg2ODcxMDI2MDE.webp Protocol* H2 Security TLS 1.3, , AES_128_GCM Server 104.16.130.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `733b768e83592a00546a58f285ad620947f41900c441099695a373bbaa231a51` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 01 May 2019 09:21:31 GMT cf-cache-status HIT last-modified Sat, 13 Apr 2019 09:54:44 GMT server cloudflare access-control-allow-origin , expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 4d00af8e3e21c277-FRA content-length 2086 expires Thu, 02 May 2019 09:21:31 GMT
GET H2	200	aHR0cDovL2ltZy11cy5tZ2lkLmNvbS90ZW1wLzIwMTktMDEtMTUvMzUyODgyL2E2MTExZDMyOWFkYjQ4ZGQyMTE3OWNjMDA2M2Y4MjBlLmpwZWc_dD0xNTQ3NTUzMjgxMzcz.webp s-img.mgid.com/g/3205653/140x140/31x0x328x328/	3 KB 3 KB	25ms 14ms	Image image/webp	104.16.130.5 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/3205653/140x140/31x0x328x328/aHR0cDovL2ltZy11cy5tZ2lkLmNvbS90ZW1wLzIwMTktMDEtMTUvMzUyODgyL2E2MTExZDMyOWFkYjQ4ZGQyMTE3OWNjMDA2M2Y4MjBlLmpwZWc_dD0xNTQ3NTUzMjgxMzcz.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.130.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `096a764e35f9a0a7e1eb9952a4aadaff71eae3d80ec8db4949951fb512c0afaf` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 01 May 2019 09:21:31 GMT cf-cache-status HIT last-modified Mon, 22 Apr 2019 15:35:23 GMT server cloudflare access-control-allow-origin , expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 4d00af8e3e23c277-FRA content-length 3106 expires Thu, 02 May 2019 09:21:31 GMT
GET H2	200	c c.mgid.com/ Frame 77DD	43 B 278 B	428ms 99ms	Image image/gif	96.46.176.148 Servers.com
General Check archive.org Show headers Download Go to Show image Full URL https://c.mgid.com/c?pv=2&f=1&v=140\|140\|0\|a95edpAGZERHK3Gald6NS4yiZm6hPKWCzEnQ1bAM5W8w6sVRZiBJJP3qX2TF_Pu4&fw=1&v=140\|140\|0\|u1P1w_zk4EeyC__Zl-bZ90HHQfsmX02AdlctVt6Esr6m7o0dkGm0i01x8C45-Hw_&v=140\|140\|0\|GTDD1PmhYt585CbDosS8LOzp0zmMFd_tWcr_xJi_cP3BxKfMLjT-DbCwppAPczR5&v=140\|140\|0\|ZsL9hz4w0a3ciOnVzdKcRkayNRWelO-hYxSz2UnBosfWjofWtpGAGH4Cm07fpLje&cid=355720&h2=jMX-hNFsyEz0ssrK-8e8HFlBrYxyUp2E5JVj1l4HvK8&rid=81f61396-6bf2-11e9-920c-246e96783022&tt=Direct&cbuster=1556702491862246870934&tpl=0 Protocol* H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.46.176.148 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US), Reverse DNS Software nginx/1.15.7 / Resource Hash `aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2019 09:21:32 GMT server nginx/1.15.7 p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif
GET H2	200	/ cm.steepto.com/setmuidn/	0 309 B	580ms 142ms	Image image/gif	64.58.116.134 Servers.com
General Check archive.org Show headers Download Go to Show image Full URL https://cm.steepto.com/setmuidn/?muidf=j41vA88SZJl2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.58.116.134 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US), Reverse DNS Software nginx/1.15.7 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2019 09:21:32 GMT server nginx/1.15.7 p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif
GET H/1.1	200 OK	52164 i.liadm.com/s/ Redirect Chain https://x.bidswitch.net/sync?dsp_id=303&user_id=j41vA88SZJl2 https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=j41vA88SZJl2 https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e86579a2-61fa-4cf5-9234-5956f7498125 https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e86579a2-61fa-4cf5-9234-5956f7498125&_li_chk=true&previous_uuid=738c81601a5c4994b07887d6883ff2ab	43 B 332 B	95ms 95ms	Image image/gif	52.4.94.17 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=e86579a2-61fa-4cf5-9234-5956f7498125&_li_chk=true&previous_uuid=738c81601a5c4994b07887d6883ff2ab Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.4.94.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-4-94-17.compute-1.amazonaws.com Software / Resource Hash `caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 01 May 2019 09:21:32 GMT Cache-Control no-store Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location /s/52164?bidder_id=5298&licd=&bidder_uuid=e86579a2-61fa-4cf5-9234-5956f7498125&_li_chk=true&previous_uuid=738c81601a5c4994b07887d6883ff2ab Date Wed, 01 May 2019 09:21:32 GMT Connection keep-alive Content-Length 0
GET H2	200	/ cm.lentainform.com/setmuidn/	0 275 B	243ms 66ms	Image image/gif	88.212.196.59 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.lentainform.com/setmuidn/?muidf=j41vA88SZJl2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.212.196.59 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS 59-196-212-88.host.exepto.ru Software nginx/1.15.7 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 pragma no-cache date Wed, 01 May 2019 09:21:32 GMT cache-control max-age=0, no-store, no-cache, must-revalidate server nginx/1.15.7 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif
GET H2	200	google cm.mgid.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=ajQxdkE4OFNaSmwy&muidn=j41vA88SZJl2 https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=ajQxdkE4OFNaSmwy&muidn=j41vA88SZJl2&google_tc= https://cm.mgid.com/google?muidn=j41vA88SZJl2&google_ula={guid},5&google_gid=CAESENpunI478sOYB7CNevnkVE4&google_cver=1	0 285 B	96ms 95ms	Image text/plain	96.46.176.148 Servers.com
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/google?muidn=j41vA88SZJl2&google_ula={guid},5&google_gid=CAESENpunI478sOYB7CNevnkVE4&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.46.176.148 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US), Reverse DNS Software nginx/1.15.7 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2019 09:21:32 GMT content-encoding gzip server nginx/1.15.7 vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type text/plain Redirect headers pragma no-cache date Wed, 01 May 2019 09:21:32 GMT server HTTP server (unknown) location https://cm.mgid.com/google?muidn=j41vA88SZJl2&google_ula={guid},5&google_gid=CAESENpunI478sOYB7CNevnkVE4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 327 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ cm.marketgid.com/setmuidn/	0 273 B	241ms 65ms	Image image/gif	88.212.201.80 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.marketgid.com/setmuidn/?muidf=j41vA88SZJl2 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 88.212.201.80 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS 80-201-212-88.host.exepto.ru Software nginx/1.15.7 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://bus.znate.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 pragma no-cache date Wed, 01 May 2019 09:21:32 GMT cache-control max-age=0, no-store, no-cache, must-revalidate server nginx/1.15.7 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif
GET H2	200	m cm.mgid.com/ Frame BC79 Redirect Chain https://recreativ.ru/mtch/13/j41vA88SZJl2/?fredir=1 https://cm.mgid.com/m?cdsp=341188&c=43113026552	43 B 327 B	103ms 102ms	Image image/gif	96.46.176.148 Servers.com
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=341188&c=43113026552 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.46.176.148 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US), Reverse DNS Software nginx/1.15.7 / Resource Hash `aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2019 09:21:32 GMT server nginx/1.15.7 p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif Redirect headers location https://cm.mgid.com/m?cdsp=341188&c=43113026552 HN b6 Date Wed, 01 May 2019 09:21:32 GMT Server nginx Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	m cm.mgid.com/ Frame BC79 Redirect Chain https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0	43 B 327 B	108ms 108ms	Image image/gif	96.46.176.148 Servers.com
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 96.46.176.148 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US), Reverse DNS Software nginx/1.15.7 / Resource Hash `aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2019 09:21:32 GMT server nginx/1.15.7 p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif Redirect headers Location https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0 Date Wed, 01 May 2019 09:21:32 GMT Server nginx/1.14.2 Connection keep-alive Transfer-Encoding chunked

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bus.znate.ru/	1970-01-19 00:25:55	Name: SC_unique_60649 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.pay-click.ru
bus.znate.ru
c.mgid.com
cdn.mgid.com
cdn.user-api.com
cm.g.doubleclick.net
cm.lentainform.com
cm.marketgid.com
cm.mgid.com
cm.steepto.com
counter.yadro.ru
i.liadm.com
jsc.dt00.net
n.pay-click.ru
pay-click.ru
recreativ.ru
s-img.mgid.com
servicer-eu.mgid.com
st.pc.adonweb.ru
sync.users-api.com
sync.xoalt.com
sync3.adsniper.ru
udata.mixmarket.biz
x.bidswitch.net
xl-trk.com
104.16.130.5
136.243.84.74
172.217.16.194
18.153.11.5
185.56.233.120
23.105.254.60
2a03:90c0:9997::9997
31.172.81.159
31.172.81.23
31.172.81.24
31.172.81.242
5.9.154.210
52.4.94.17
64.58.116.134
88.208.41.101
88.208.41.105
88.212.196.59
88.212.196.77
88.212.201.80
88.212.201.95
96.46.176.148
096a764e35f9a0a7e1eb9952a4aadaff71eae3d80ec8db4949951fb512c0afaf
0ed13da48ecc7158a6c2a256ebfb6cb144c5ac739a851651b8fe11b1f5921864
1465569736cc787b40f47185ba7515fb4cb4bdfc7f77db2a64d40f006ac39a85
2aa3e66601e5663d6a79dedffc23c7fb4b19b2017cc796085d42324556b7d003
34ddbdf28858d7b1e2c4c464e83c669ff242de86b672b8c7af6ed6765be625ad
47c331bde1400a2f6bfa8ae6252adad7d0bf776a0cb238f9cf46de4ff996f9d7
4b93d59f97124cc1c920ff7cbe320fda101e38eb0866e06de424e162352df00a
4ff76bc7eace2159de54ecaf6ceac587a41d0046c9150c9d75da5eafa90aa629
733b768e83592a00546a58f285ad620947f41900c441099695a373bbaa231a51
90cac1e2a2aa7ff1b711a4a5e7183ec0e44027c89770fac2b02be0850b44969d
989fb827cf37b47c586877cffab79dbe73205c127646eac067f369468efcf33d
9bebab022f7f38d274b1ec3d13be90d1c174c9153fc268e490f4fc49e260fa74
9f07607c59cb090fc6fe17799fc5ae47c2827629438ee339e31808f5a2f979e8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad47aa5ddee201231a37b58762acb4b34a1d40ae62c29c8e910aedf462336d4a
ae18bd24feeb090db811fe74610790df4deaa4616fa1c698c143ade41d036e7e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d7feecbf5e014c6e0222a7c45c895961a743027159e90f36bce2a2b6ae6780d0
e09940f0589d6d25444c870ea2b5ee25ee88dbbc6f6a1898242c890dc880f74a
e0d1282c1985071d1eb879d5cc138d6c8f522d51170079f481044fff60a47cc4
e335c208432a769946e8d5a06a349690af1a5cb9616ee73009ee975c89471ef0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
f16c3b5e17c46e53f229b9e9bd86c816bac51261eb882b4c4fbba7dc559157bb
fe659323463cecb7ef5d20bcc789bdd7493700c4dce3d95fc55b094fe8d2c91e
ffdb2ab8b24633d360db0d8b8e79dd776f39eaf51200f9f211bcec0cb2c5bd70

bus.znate.ru Open in urlscan Pro 5.9.154.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

35 Requests

49 %HTTPS

5 %IPv6

19 Domains

25 Subdomains

17 IPs

6 Countries

420 kBTransfer

570 kBSize

1 Cookies

10 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bus.znate.ru Open in urlscan Pro
5.9.154.210 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

49 %
HTTPS

5 %
IPv6

19
Domains

25
Subdomains

17
IPs

6
Countries

420 kB
Transfer

570 kB
Size

1
Cookies

35 HTTP transactions
1 data transactions