urlscan.io logo urlscan.io
SecurityTrails logo

grodno.btrans.by Open in urlscan Pro
185.105.109.12  Public Scan

Go To Rescan Add Verdict Report
URL: https://grodno.btrans.by/trollejbus/9
Submission: On November 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 34 HTTP transactions. The main IP is 185.105.109.12, located in Russian Federation and belongs to EUROBYTE, RU. The main domain is grodno.btrans.by.
TLS certificate: Issued by R3 on October 6th 2023. Valid for: 3 months.
This is the only time grodno.btrans.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 185.105.109.12 210079 (EUROBYTE)
7 216.58.212.130 15169 (GOOGLE)
6 13 87.250.250.119 208398 (TELETECH)
4 216.58.206.34 15169 (GOOGLE)
2 216.58.212.161 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 178.250.7.12 ()
34 8
11    185.105.109.12 (Russian Federation)

ASN210079 (EUROBYTE, RU)
PTR: softovik.net
grodno.btrans.by
btrans.by
7    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
pagead2.googlesyndication.com
13    87.250.250.119 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
mc.yandex.by
4    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
googleads.g.doubleclick.net
2    216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googletagservices.com
1    178.250.7.12 (None, )

ASN- ()
rtb.fr3.eu.criteo.com
Apex Domain
Subdomains		 Transfer
11 btrans.by
grodno.btrans.by
btrans.by
34 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
198 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8755
3 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
25 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4034
71 KB
2 yandex.by
mc.yandex.by — Cisco Umbrella Rank: 190466
723 B
1 criteo.com
ads.eu.criteo.com Failed
rtb.fr3.eu.criteo.com
126 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
64 KB
34 8
Domain Requested by
10 btrans.by grodno.btrans.by
7 mc.yandex.com 3 redirects grodno.btrans.by
mc.yandex.ru
7 pagead2.googlesyndication.com grodno.btrans.by
pagead2.googlesyndication.com
www.googletagservices.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 mc.yandex.ru 2 redirects grodno.btrans.by
2 tpc.googlesyndication.com googleads.g.doubleclick.net
2 mc.yandex.by 1 redirects grodno.btrans.by
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 grodno.btrans.by
0 ads.eu.criteo.com Failed googleads.g.doubleclick.net
34 11

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
connect.ok.ru
Subject Issuer Validity Valid
grodno.btrans.by
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
btrans.by
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://grodno.btrans.by/trollejbus/9
Frame ID: A0599DBD814E10724690C820ABD2DF48
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 4EEF93EF8739A7BB0D77F8C32A51C948
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&adk=1812271804&adf=3025194257&lmt=1699967441&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x810_r&format=0x0&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030939&bpp=7&bdt=999&idt=278&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6271304130281&frm=20&pv=2&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=292
Frame ID: 1D548421DB24FDF8ADE9B7AA604B070D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Frame ID: 1C080E0A233E43F00FA0EE228CAD270C
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWCbTwAKj5EKmq7QAAY2xklSWj8DYcrarK1D7w&u=%7CHerTKmpJUphwof9BqZkmjo4ihTFIQ34%2BhxTmizlmDoU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yZ8SwZcZX4Og6fSTPEgv9VMHNRBcFMOqrlhynRPhMSM6HI1TuKG-WyAUxMSIxahYnXQY9zZaNzukq8Vm1asoOuMgmqx4ixLwLtJ8p6Z8mqpX26-5PQSCy3yMfRInkWcDBeCEUFiWhFU7zqlZCMEuyDa2dfSslsoe5ChokiUWHa8N9sciUZS6qdGJkFYmysPT4veL5VLGVU7mPUel2bZSFE2Q-l0DkQBxeFXOibhMn5N5iKzs7mkKXvGBLSEp6c4zh0X36YtCjAFNpq2Qx2IFRQYVZhSJbNgwBFf-TrWezZemq0D7OYuMAlzPed-vH4NLNt12_T0RpgPZho2H5dOeWrUFmjcsS00eXgMY6ay3ZIEijLurf-ATY-I3PkNasLEjnZ1euP4oX5sFKJol6jQB_Yf1xqlxKhvCU9yJttIvneNqsrwGwKXLCJBncTTdVmLtGPwni0KZFTaMrusrEppSQANXY44Hm3BQks7MR7gLY8jFY_rWytHDgIjKa72CVMeMZ1VPS0q8NXasPKQt5_ZHVkxyf10Ww8u5GsAvcB-Q4_0MlAA-xkS4Cgm0TdmtbKnLA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD0Q9T5tgZZGfKtDd6gTG7ZjoDcme0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MzcyMzUxODI5OTA0NTMyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0MM98ARMeSntiUMJmgHfPnQenPv7vivfC6_G8WiwBSAPYv4Ercjfk24khGWDsKQE9wHE8BCgUVyMv8miViSwi_jGI-fUkLtCF7VP-0rj2MKn-xHRMjl0E7lps4f3EiesmfbxG3QFMBZM9d39_htcUVgGlyXdglTUjkhubM5R7ykGryXfahWJoxShM9vK3tCGnp1EaiO04BKISx_GmmVok7UxlJTW--XUApPkY-Ls2qprj0bvLl9ewjlzPojBktDzxXLO92pqYX_VSHeLF3hGAvmABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EYXbsjb7Xh9lg75Rj7EE7K2OZow%26client%3Dca-pub-4372351829904532%26adurl%3D
Frame ID: 3A96F43B669183E7D7E3224C95E75DF7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Расписание троллейбуса №9 Гродно | Расписание троллейбусов

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

34
Requests

88 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

8
IPs

2
Countries

393 kB
Transfer

1166 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10197.OkK7C-t1pB7NHMep6JLQmmTcd3nXAPUMg1AgtsMas8NBI5O19JTNYjG4SkuV0pqh.4Lv_Je2PB2oC6AX5CpHDGA609Us%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10197.K5sW69Pa7sjiNtKzWfAKAPRVqExOgL2LahZWo0it4YiL8o8ijlR0da6O8BUML7CqRH90S9XliMQSjPpTmeul0b6pkncLj0li-GgkMHznX7SvreBUYZYQ_J5cNqahbWIz1SGX9KlmvVUNIbrnfiO9LpvcaMRjz41oEM3STQfS7XlyrBz4_PYK3WkhBRjc3yZO7d8k4B632VsM81d-aWqSYUGQ5qwPjx4tEIBnoeQLHZc%2C.zVivANGFRDc2RUYeELW0rOde9Oo%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10197.geKaSbBapEuS0wAWyrzbc65o8qmJwDW1CAj-A65TSUpl9ID9atfx2VvTyte4JMlNyNvb14l6B5Y0STeioTY8gtfhpfLpQekjreimQZ0jR_ayDVVk8yD01vh8v5mC5p5xi602o0uGoiv7iWp4NRvjZAr_tv2dYLahNb3k1_9tXtJZVzQTkC6l3z-_LU6L1pEXcUYUG_wNUfe-AZwB4La9MQ%2C%2C.SLasInLJ9wwsvs5zpKwG2sCe8IQ%2C
Request Chain 20
  • https://mc.yandex.by/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=10197.TycwVtvCJFvUmHrkTHKpeV3wUOt5gUs1YBQADzhl5fieU030_Azv2W8WDVfyTtq0.szlMvaT3mc65J6fm9Zkic6WjJDA%2C HTTP 302
  • https://mc.yandex.by/sync_cookie_image_decide?token=10197.Cz4MVpB22Ei54gmI4v2U0FCnDT6HvCMZfQ-PlxAi4gjkVxKNlfFqlcQYv9Hm-0j42uGa5BYQoC7RpWknW8Zj-IZu-PFCMa4uwW4rqWPcZv3-FLEeIv0TGFY7VeC_gumL4qCja2hZV88ytZvpiH66wShtv05kXDV1L5ynpbV_wgcznHnzt7ldazDd8mM1shuM220vshTsCdn6BI0wVp58xF9XMc4llSoTnGW3o8R_ME8%2C.9p4kg6_u4FWUnUOnI-HYeYlHVU0%2C
Request Chain 23
  • https://mc.yandex.com/watch/28700948?wmode=7&page-url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A642%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A270423628353%3Ahid%3A158632537%3Az%3A60%3Ai%3A20231124134711%3Aet%3A1700830032%3Ac%3A1%3Arn%3A1906963%3Arqn%3A1%3Au%3A1700830032964979759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C377%2C190%2C1%2C0%2C0%2C%2C827%2C0%2C%2C%2C%2C1440%3Aco%3A0%3Acpf%3A1%3Ans%3A1700830029328%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700830032%3At%3A%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D0%B9%D0%B1%D1%83%D1%81%D0%B0%20%E2%84%969%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%20%7C%20%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D0%B9%D0%B1%D1%83%D1%81%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/28700948/1?wmode=7&page-url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A642%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A270423628353%3Ahid%3A158632537%3Az%3A60%3Ai%3A20231124134711%3Aet%3A1700830032%3Ac%3A1%3Arn%3A1906963%3Arqn%3A1%3Au%3A1700830032964979759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C377%2C190%2C1%2C0%2C0%2C%2C827%2C0%2C%2C%2C%2C1440%3Aco%3A0%3Acpf%3A1%3Ans%3A1700830029328%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700830032%3At%3A%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D0%B9%D0%B1%D1%83%D1%81%D0%B0%20%E2%84%969%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%20%7C%20%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D0%B9%D0%B1%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 9
grodno.btrans.by/trollejbus/ 		27 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
240e6c7181d8ada34ecc41a1055e20c3dd6688f69ef5a1f0afb515af415f48f9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
5465
content-security-policy
block-all-mixed-content
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 12:47:09 GMT
last-modified
Tue, 14 Nov 2023 13:10:41 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
header.v6.desktop.css
btrans.by/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://btrans.by/css/header.v6.desktop.css?v=7.8.8
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
7a53b94390e12ac799ea714b4c00907ac4febeb53e1bdaf632ae9c2bdda36f95
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Mon, 15 Jun 2020 21:59:52 GMT
server
nginx
content-encoding
gzip
etag
W/"5ee7ef58-67e7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
trollejbus.svg
btrans.by/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btrans.by/images/trollejbus.svg
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
dfcfe31069367b6f21faa809a6c33080de46ba53ddf9f034a7c05505bf1b3e1b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Sun, 14 Jun 2020 15:09:52 GMT
server
nginx
etag
"5ee63dc0-610"
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1552
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
send.svg
btrans.by/images/ 		661 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btrans.by/images/send.svg
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
b3d21bc9abce195938d17a93cd253b3df5ba0f597dc9af1c426675abefade72d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Sun, 14 Jun 2020 15:09:52 GMT
server
nginx
etag
"5ee63dc0-295"
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
661
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
plane.svg
btrans.by/images/ 		661 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btrans.by/images/plane.svg
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
a6845bbe077e3d398b1c29607d284630ac5d3807bfd2ec1c901a61e6880da168
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Sun, 14 Jun 2020 15:09:52 GMT
server
nginx
etag
"5ee63dc0-295"
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
661
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
common.v6.desktop.css
btrans.by/css/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://btrans.by/css/common.v6.desktop.css?v=7.8.8
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
42ea7b2d2229d4d55c0cc28d4fcaea4969671a8a08cca56fe71b1c3c225c3485
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Mon, 15 Jun 2020 21:59:53 GMT
server
nginx
content-encoding
gzip
etag
W/"5ee7ef59-a3a0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
raspisanie-v-vk.svg
btrans.by/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btrans.by/images/raspisanie-v-vk.svg
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
f0c5b2046f2d31a7dfa07e77d79c51356d249b415b8e04150e9cd73857506592
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Sun, 14 Jun 2020 15:09:52 GMT
server
nginx
etag
"5ee63dc0-48c"
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1164
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
raspisanie-v-facebook.svg
btrans.by/images/ 		345 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btrans.by/images/raspisanie-v-facebook.svg
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
59e1c6f70fef2780328a27a1eef981a1d6b99af092a4b471c6368f2942063ba0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Sun, 14 Jun 2020 15:09:52 GMT
server
nginx
etag
"5ee63dc0-159"
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
345
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
raspisanie-v-odnoklassniki.svg
btrans.by/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btrans.by/images/raspisanie-v-odnoklassniki.svg
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
9dd8a1adc49f2e14a471eb193a27ec3e4bea4e733fafcf1bd85134e2de7a9a25
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Sun, 14 Jun 2020 15:09:52 GMT
server
nginx
etag
"5ee63dc0-545"
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1349
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
obratnaja-svijaz.svg
btrans.by/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btrans.by/images/obratnaja-svijaz.svg
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
c1816eea9309e9793f8f11f2ebacbad43c088fa68b444f046b03e2135f17a310
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Sun, 14 Jun 2020 15:09:52 GMT
server
nginx
etag
"5ee63dc0-797"
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1943
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
d9a83d4e00042947fcffb4700c096813a6d6ec95e44282c1da2a9d3f08568ac0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52953
x-xss-protection
0
server
cafe
etag
14927339052880455953
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 12:47:10 GMT
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Nov 2023 08:37:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656060af-113c3"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70595
expires
Fri, 24 Nov 2023 13:47:11 GMT
header.v6.desktop.css
btrans.by/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://btrans.by/css/header.v6.desktop.css?v=7.8.8
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.105.109.12 , Russian Federation, ASN210079 (EUROBYTE, RU),
Reverse DNS
softovik.net
Software
nginx /
Resource Hash
7a53b94390e12ac799ea714b4c00907ac4febeb53e1bdaf632ae9c2bdda36f95
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content
last-modified
Mon, 15 Jun 2020 21:59:52 GMT
server
nginx
content-encoding
gzip
etag
W/"5ee7ef58-67e7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Sat, 23 Nov 2024 12:47:10 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4372351829904532&plah=grodno.btrans.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
6fb2366d912eaa1b92da556743e2ed6d9d25c1765f101863940c6c0ffedec160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138525
x-xss-protection
0
server
cafe
etag
5577807948470387803
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 12:47:11 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 4EEF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grodno.btrans.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 07:40:25 GMT
etag
16674218716276178799
expires
Fri, 08 Dec 2023 07:40:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2318838674479344&num=0&dvc=0&eid=44759876%2C44759927%2C44798934%2C31078297
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1D54 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&adk=1812271804&adf=3025194257&lmt=1699967441&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x810_r&format=0x0&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030939&bpp=7&bdt=999&idt=278&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6271304130281&frm=20&pv=2&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=292
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4372351829904532&plah=grodno.btrans.by
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c8484009e5c872f1c68dba8ac054559ed333eb6ab9314e3c1f0d23ae42581ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grodno.btrans.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5554
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 12:47:12 GMT
expires
Fri, 24 Nov 2023 12:47:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&cls=scroll-top&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=menu&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1C08 		36 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4372351829904532&plah=grodno.btrans.by
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
130ef8e49866181d0bf96110a9f182b4ca50315565109863cc9b049bd5e860b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grodno.btrans.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14715
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 12:47:12 GMT
expires
Fri, 24 Nov 2023 12:47:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10197.OkK7C-t1pB7NHMep6JLQmmTcd3nXAPUMg1AgtsMas8NBI5O19JTNYjG4SkuV0pqh.4Lv_Je2PB2oC6AX5CpHDGA609Us%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10197.K5sW69Pa7sjiNtKzWfAKAPRVqExOgL2LahZWo0it4YiL8o8ijlR0da6O8BUML7CqRH90S9XliMQSjPpTmeul0b6pkncLj0li-GgkMHznX7SvreBUYZYQ_J5cNqahbWIz1SGX9KlmvV...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10197.geKaSbBapEuS0wAWyrzbc65o8qmJwDW1CAj-A65TSUpl9ID9atfx2VvTyte4JMlNyNvb14l6B5Y0STeioTY8gtfhpfLpQekjreimQZ0jR_ayD...
62 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10197.geKaSbBapEuS0wAWyrzbc65o8qmJwDW1CAj-A65TSUpl9ID9atfx2VvTyte4JMlNyNvb14l6B5Y0STeioTY8gtfhpfLpQekjreimQZ0jR_ayDVVk8yD01vh8v5mC5p5xi602o0uGoiv7iWp4NRvjZAr_tv2dYLahNb3k1_9tXtJZVzQTkC6l3z-_LU6L1pEXcUYUG_wNUfe-AZwB4La9MQ%2C%2C.SLasInLJ9wwsvs5zpKwG2sCe8IQ%2C
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
ee2f91e85185c10fb4e2511b377b30b0df780f841cfc89c132d1f1b16c158437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:12 GMT
strict-transport-security
max-age=31536000
content-length
62
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10197.geKaSbBapEuS0wAWyrzbc65o8qmJwDW1CAj-A65TSUpl9ID9atfx2VvTyte4JMlNyNvb14l6B5Y0STeioTY8gtfhpfLpQekjreimQZ0jR_ayDVVk8yD01vh8v5mC5p5xi602o0uGoiv7iWp4NRvjZAr_tv2dYLahNb3k1_9tXtJZVzQTkC6l3z-_LU6L1pEXcUYUG_wNUfe-AZwB4La9MQ%2C%2C.SLasInLJ9wwsvs5zpKwG2sCe8IQ%2C
date
Fri, 24 Nov 2023 12:47:12 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.by/
Redirect Chain
  • https://mc.yandex.by/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=10197.TycwVtvCJFvUmHrkTHKpeV3wUOt5gUs1YBQADzhl5fieU030_Azv2W8WDVfyTtq0.szlMvaT3mc65J6fm9Zkic6WjJDA%2C
  • https://mc.yandex.by/sync_cookie_image_decide?token=10197.Cz4MVpB22Ei54gmI4v2U0FCnDT6HvCMZfQ-PlxAi4gjkVxKNlfFqlcQYv9Hm-0j42uGa5BYQoC7RpWknW8Zj-IZu-PFCMa4uwW4rqWPcZv3-FLEeIv0TGFY7VeC_gumL4qCja2hZV88...
43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.by/sync_cookie_image_decide?token=10197.Cz4MVpB22Ei54gmI4v2U0FCnDT6HvCMZfQ-PlxAi4gjkVxKNlfFqlcQYv9Hm-0j42uGa5BYQoC7RpWknW8Zj-IZu-PFCMa4uwW4rqWPcZv3-FLEeIv0TGFY7VeC_gumL4qCja2hZV88ytZvpiH66wShtv05kXDV1L5ynpbV_wgcznHnzt7ldazDd8mM1shuM220vshTsCdn6BI0wVp58xF9XMc4llSoTnGW3o8R_ME8%2C.9p4kg6_u4FWUnUOnI-HYeYlHVU0%2C
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:12 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.by/sync_cookie_image_decide?token=10197.Cz4MVpB22Ei54gmI4v2U0FCnDT6HvCMZfQ-PlxAi4gjkVxKNlfFqlcQYv9Hm-0j42uGa5BYQoC7RpWknW8Zj-IZu-PFCMa4uwW4rqWPcZv3-FLEeIv0TGFY7VeC_gumL4qCja2hZV88ytZvpiH66wShtv05kXDV1L5ynpbV_wgcznHnzt7ldazDd8mM1shuM220vshTsCdn6BI0wVp58xF9XMc4llSoTnGW3o8R_ME8%2C.9p4kg6_u4FWUnUOnI-HYeYlHVU0%2C
date
Fri, 24 Nov 2023 12:47:11 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:11 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Nov 2023 08:37:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656060af-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 24 Nov 2023 13:47:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-4372351829904532&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20231114_093510&sat=1700691606916&afm=0&as_count=0&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0&alldns=0.114&allp=12&fd=(0%2C7%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=2464&abl=false&rr=n&su=grodno.btrans.by&pvc=1175201902341324&r=0.1&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/28700948/
Redirect Chain
  • https://mc.yandex.com/watch/28700948?wmode=7&page-url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A642%3Af...
  • https://mc.yandex.com/watch/28700948/1?wmode=7&page-url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A642%3...
455 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/28700948/1?wmode=7&page-url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A642%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A270423628353%3Ahid%3A158632537%3Az%3A60%3Ai%3A20231124134711%3Aet%3A1700830032%3Ac%3A1%3Arn%3A1906963%3Arqn%3A1%3Au%3A1700830032964979759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C377%2C190%2C1%2C0%2C0%2C%2C827%2C0%2C%2C%2C%2C1440%3Aco%3A0%3Acpf%3A1%3Ans%3A1700830029328%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700830032%3At%3A%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D0%B9%D0%B1%D1%83%D1%81%D0%B0%20%E2%84%969%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%20%7C%20%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D0%B9%D0%B1%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Requested by
Host: grodno.btrans.by
URL: https://grodno.btrans.by/trollejbus/9
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
76af8b6264b60144076439e0147d5de053ce7e0c76283c7c5f0252d9d746dc2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grodno.btrans.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 24-Nov-2023 12:47:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://grodno.btrans.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
455
x-xss-protection
1; mode=block
expires
Fri, 24-Nov-2023 12:47:12 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:12 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24-Nov-2023 12:47:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/28700948/1?wmode=7&page-url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A642%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A270423628353%3Ahid%3A158632537%3Az%3A60%3Ai%3A20231124134711%3Aet%3A1700830032%3Ac%3A1%3Arn%3A1906963%3Arqn%3A1%3Au%3A1700830032964979759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C377%2C190%2C1%2C0%2C0%2C%2C827%2C0%2C%2C%2C%2C1440%3Aco%3A0%3Acpf%3A1%3Ans%3A1700830029328%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700830032%3At%3A%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D0%B9%D0%B1%D1%83%D1%81%D0%B0%20%E2%84%969%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%20%7C%20%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D0%B9%D0%B1%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://grodno.btrans.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 24-Nov-2023 12:47:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1C08 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 08:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
13971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 08:54:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1C08 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
9478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1C08 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 12:47:13 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3A96 		0
0
truncated
/ Frame 1C08 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16030b90d79cfebbeda4289dda708bc793374c7dc04754b261ac6d7f7a261f6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 1C08 		0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZfHhT5tgZZGfKtDd6gTG7ZjoDcme0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MzcyMzUxODI5OTA0NTMyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzwFP0MM98ARMeSntiUMJmgHfPnQenPv7vivfC6_G8WiwBSAPYv4Ercjfk24khGWDsKQE9wHE8BCgUVyMv8miViSwi_jGI-fUkLtCF7VP-0rj2MKn-xHRMjl0E7lps4f3EiesmfbxG3QFMBZM9d39_htcUVgGlyXdglTUjkhubM5R7ykGryXfahWJoxShM9vK3tCGnp1EaiO04BKISx_GmmVok7UxlJTW--XUQJHF8WJ_CpfNX2E1on-3ZjdUND7LvMhxcbrzUZjVf1PN0L0fN5GABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDM3MjM1MTgyOTkwNDUzMhgA&sigh=dQYGja7WxS8&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNJZDlpRBHV-n2J1EgvVRniDXAjKUTfrpbzvREwVoOx8rUUeEZWot9lk6QEn_2YUxeUW-r28xRKAgFDvB2Mghy2IyI8I28xHfwYhgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 12:47:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 24 Nov 2023 12:47:13 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1C08 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kuz_GLr5RLAJmAKdg2ICAgAAAGt5nVBNtxpHKtaBCRBPm2Blng7TKoAWTWnsUAAAEgAACgpBUVVCRHdFQkR3&wp=ZWCbTwAKj5EKmq7QAAY2xklSWj8DYcrarK1D7w&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.12 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 12:47:15 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
178293
server
Kestrel
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1C08 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJPUQQpMMK6uazJMSSJoqxqsazpD6WPIX-OhaJhgmAGj7weFgcC6YykaVHEPeFLjWvjgxlPa7Hz1TB80a-P4-zt2QinQEv2Xhw6BIe5vcuSz5fLi6i&sig=Cg0ArKJSzAEmKijrIXCLEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700830031241&rpt=2304&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28700948
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/28700948?wv-part=1&wv-type=7&wmode=0&wv-hit=158632537&page-url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&rn=960328142&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1700830035%3Aw%3A1600x1200%3Av%3A1170%3Az%3A60%3Ai%3A20231124134714%3Au%3A1700830032964979759%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1700830035&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://grodno.btrans.by/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:14 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24-Nov-2023 12:47:14 GMT
content-type
image/gif
access-control-allow-origin
https://grodno.btrans.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 24-Nov-2023 12:47:14 GMT
28700948
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/28700948?wv-part=1&wv-type=7&wmode=0&wv-hit=158632537&page-url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&rn=284161212&browser-info=we%3A1%3Aet%3A1700830035%3Aw%3A1600x1200%3Av%3A1170%3Az%3A60%3Ai%3A20231124134715%3Au%3A1700830032964979759%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1700830035&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://grodno.btrans.by/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 12:47:15 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24-Nov-2023 12:47:15 GMT
content-type
image/gif
access-control-allow-origin
https://grodno.btrans.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 24-Nov-2023 12:47:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.eu.criteo.com
URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWCbTwAKj5EKmq7QAAY2xklSWj8DYcrarK1D7w&u=%7CHerTKmpJUphwof9BqZkmjo4ihTFIQ34%2BhxTmizlmDoU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yZ8SwZcZX4Og6fSTPEgv9VMHNRBcFMOqrlhynRPhMSM6HI1TuKG-WyAUxMSIxahYnXQY9zZaNzukq8Vm1asoOuMgmqx4ixLwLtJ8p6Z8mqpX26-5PQSCy3yMfRInkWcDBeCEUFiWhFU7zqlZCMEuyDa2dfSslsoe5ChokiUWHa8N9sciUZS6qdGJkFYmysPT4veL5VLGVU7mPUel2bZSFE2Q-l0DkQBxeFXOibhMn5N5iKzs7mkKXvGBLSEp6c4zh0X36YtCjAFNpq2Qx2IFRQYVZhSJbNgwBFf-TrWezZemq0D7OYuMAlzPed-vH4NLNt12_T0RpgPZho2H5dOeWrUFmjcsS00eXgMY6ay3ZIEijLurf-ATY-I3PkNasLEjnZ1euP4oX5sFKJol6jQB_Yf1xqlxKhvCU9yJttIvneNqsrwGwKXLCJBncTTdVmLtGPwni0KZFTaMrusrEppSQANXY44Hm3BQks7MR7gLY8jFY_rWytHDgIjKa72CVMeMZ1VPS0q8NXasPKQt5_ZHVkxyf10Ww8u5GsAvcB-Q4_0MlAA-xkS4Cgm0TdmtbKnLA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD0Q9T5tgZZGfKtDd6gTG7ZjoDcme0rFcpfyT93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MzcyMzUxODI5OTA0NTMyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0MM98ARMeSntiUMJmgHfPnQenPv7vivfC6_G8WiwBSAPYv4Ercjfk24khGWDsKQE9wHE8BCgUVyMv8miViSwi_jGI-fUkLtCF7VP-0rj2MKn-xHRMjl0E7lps4f3EiesmfbxG3QFMBZM9d39_htcUVgGlyXdglTUjkhubM5R7ykGryXfahWJoxShM9vK3tCGnp1EaiO04BKISx_GmmVok7UxlJTW--XUApPkY-Ls2qprj0bvLl9ewjlzPojBktDzxXLO92pqYX_VSHeLF3hGAvmABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EYXbsjb7Xh9lg75Rj7EE7K2OZow%26client%3Dca-pub-4372351829904532%26adurl%3D

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| scr function| gtag object| dataLayer function| ym object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state object| google_image_requests function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter28700948 object| googletag

23 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: //XYHlcsWbYZ8cf/sX+qfgh8gE8Qr2F9Qfe/0UTqhn1mfJAEJFKA6QRrdHZev0PxIhvDrPh5pms0JWv/vSb3YKNEfRc=
.yandex.ru/ Name: yandexuid
Value: 5101187411700830031
.btrans.by/ Name: _ym_uid
Value: 1700830032964979759
.btrans.by/ Name: _ym_d
Value: 1700830032
.yandex.com/ Name: i
Value: 1ErCPh71yxP+Xz97CRNDLebolXM7rz/gE5VkiyXVK/v+LahFgspQogn5Dh7P7WPM+YtkoFSHBmCk8L5XoGdDRp4m+f8=
.yandex.com/ Name: yandexuid
Value: 7829988911700830031
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 592721567fake
.btrans.by/ Name: _ym_isad
Value: 2
.mc.yandex.by/ Name: sync_cookie_csrf
Value: 3345031963fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3533493233fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.by/ Name: yandexuid
Value: 5101187411700830031
.yandex.by/ Name: yuidss
Value: 5101187411700830031
.yandex.by/ Name: i
Value: //XYHlcsWbYZ8cf/sX+qfgh8gE8Qr2F9Qfe/0UTqhn1mfJAEJFKA6QRrdHZev0PxIhvDrPh5pms0JWv/vSb3YKNEfRc=
.mc.yandex.by/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 269023541700830032
.yandex.com/ Name: yuidss
Value: 7829988911700830031
.yandex.com/ Name: ymex
Value: 1732366032.yrts.1700830032
.yandex.com/ Name: bh
Value: KgI/MA==
.btrans.by/ Name: _ym_visorc
Value: w
.btrans.by/ Name: __gads
Value: ID=5825b6b779495053:T=1700830031:RT=1700830031:S=ALNI_Mb3AykRtMoYpMitHgyXtaYITgD4DQ
.btrans.by/ Name: __gpi
Value: UID=00000cdb07620f57:T=1700830031:RT=1700830031:S=ALNI_Maqo8LTvpwK0xoFV0Sah9bFIgk3hw
.doubleclick.net/ Name: IDE
Value: AHWqTUl5ijY82o3vwpS1XSz4SGNd5ZCOTjMV552fu5ptPedW4FBQYCbVDz6UOtR7qxY

2 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10197.geKaSbBapEuS0wAWyrzbc65o8qmJwDW1CAj-A65TSUpl9ID9atfx2VvTyte4JMlNyNvb14l6B5Y0STeioTY8gtfhpfLpQekjreimQZ0jR_ayDVVk8yD01vh8v5mC5p5xi602o0uGoiv7iWp4NRvjZAr_tv2dYLahNb3k1_9tXtJZVzQTkC6l3z-_LU6L1pEXcUYUG_wNUfe-AZwB4La9MQ%2C%2C.SLasInLJ9wwsvs5zpKwG2sCe8IQ%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4372351829904532&output=html&h=280&adk=1213588912&adf=1185358063&pi=t.aa~a.1669732969~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699967441&rafmt=1&to=qs&pwprc=7254885643&format=1200x280&url=https%3A%2F%2Fgrodno.btrans.by%2Ftrollejbus%2F9&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700830030946&bpp=1&bdt=1006&idt=289&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6271304130281&frm=20&pv=1&ga_vid=108305024.1700830031&ga_sid=1700830031&ga_hid=1060992466&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C31078297%2C44807763%2C44808148%2C44808284%2C44809053%2C44809072&oid=2&pvsid=1175201902341324&tmod=2043834442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
btrans.by
googleads.g.doubleclick.net
grodno.btrans.by
mc.yandex.by
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
rtb.fr3.eu.criteo.com
tpc.googlesyndication.com
www.googletagservices.com
ads.eu.criteo.com
142.250.181.226
178.250.7.12
185.105.109.12
216.58.206.34
216.58.212.130
216.58.212.161
87.250.250.119
130ef8e49866181d0bf96110a9f182b4ca50315565109863cc9b049bd5e860b6
16030b90d79cfebbeda4289dda708bc793374c7dc04754b261ac6d7f7a261f6d
240e6c7181d8ada34ecc41a1055e20c3dd6688f69ef5a1f0afb515af415f48f9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
42ea7b2d2229d4d55c0cc28d4fcaea4969671a8a08cca56fe71b1c3c225c3485
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59e1c6f70fef2780328a27a1eef981a1d6b99af092a4b471c6368f2942063ba0
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6fb2366d912eaa1b92da556743e2ed6d9d25c1765f101863940c6c0ffedec160
76af8b6264b60144076439e0147d5de053ce7e0c76283c7c5f0252d9d746dc2f
7a53b94390e12ac799ea714b4c00907ac4febeb53e1bdaf632ae9c2bdda36f95
9dd8a1adc49f2e14a471eb193a27ec3e4bea4e733fafcf1bd85134e2de7a9a25
a6845bbe077e3d398b1c29607d284630ac5d3807bfd2ec1c901a61e6880da168
b3d21bc9abce195938d17a93cd253b3df5ba0f597dc9af1c426675abefade72d
c1816eea9309e9793f8f11f2ebacbad43c088fa68b444f046b03e2135f17a310
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
c8484009e5c872f1c68dba8ac054559ed333eb6ab9314e3c1f0d23ae42581ce8
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d9a83d4e00042947fcffb4700c096813a6d6ec95e44282c1da2a9d3f08568ac0
dfcfe31069367b6f21faa809a6c33080de46ba53ddf9f034a7c05505bf1b3e1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2f91e85185c10fb4e2511b377b30b0df780f841cfc89c132d1f1b16c158437
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c5b2046f2d31a7dfa07e77d79c51356d249b415b8e04150e9cd73857506592