ramones.batzbatz.ru Open in urlscan Pro
95.216.228.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Submission: On July 02 via manual (July 2nd 2019, 6:51:47 am UTC) from PL

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 7 countries across 20 domains to perform 23 HTTP transactions. The main IP is 95.216.228.165, located in Finland and belongs to HETZNER-AS, DE. The main domain is ramones.batzbatz.ru.

This is the only time ramones.batzbatz.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	95.216.228.165 95.216.228.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:81d::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1	148.251.136.163 148.251.136.163	24940 (HETZNER-AS) (HETZNER-AS)
1 2	148.251.159.22 148.251.159.22	24940 (HETZNER-AS) (HETZNER-AS)
1	195.201.194.138 195.201.194.138	24940 (HETZNER-AS) (HETZNER-AS)
1	138.201.138.222 138.201.138.222	24940 (HETZNER-AS) (HETZNER-AS)
2 3	23.105.254.92 23.105.254.92	7979 (SERVERS) (SERVERS - Servers.com)
1	2a00:1450:400... 2a00:1450:4001:806::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	138.201.36.215 138.201.36.215	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	142.234.39.43 142.234.39.43	7979 (SERVERS) (SERVERS - Servers.com)
1	207.154.204.189 207.154.204.189	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
4	136.243.149.224 136.243.149.224	24940 (HETZNER-AS) (HETZNER-AS)
1 2	91.216.195.18 91.216.195.18	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
2 3	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
2 2	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	195.209.108.37 195.209.108.37	52007 (ADRIVER-AS) (ADRIVER-AS)
1	95.216.2.91 95.216.2.91	24940 (HETZNER-AS) (HETZNER-AS)
2 2	144.76.85.254 144.76.85.254	24940 (HETZNER-AS) (HETZNER-AS)
1	212.76.131.50 212.76.131.50	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	62.113.208.140 62.113.208.140	47447 (TTM) (TTM)
1	93.184.221.133 93.184.221.133	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
23	19

1 95.216.228.165 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.228.216.95.clients.your-server.de

ramones.batzbatz.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

sync2.audtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.136.163 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.163.136.251.148.clients.your-server.de

sync.teamrtb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.159.22 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.22.159.251.148.clients.your-server.de

t02.rbnt.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.194.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.194.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.138.222 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.222.138.201.138.clients.your-server.de

bodaybo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.105.254.92 (Russian Federation) 2 redirects

ASN7979 (SERVERS - Servers.com, Inc., US)
PTR: mixer.mixmarket.biz

d.tds.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

sync.audtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.36.215 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.215.36.201.138.clients.your-server.de

x.instreamatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.234.39.43 (Netherlands)

ASN7979 (SERVERS - Servers.com, Inc., US)

livestatisc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.154.204.189 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

static.weborama.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.149.243.136.clients.your-server.de

pixel.vihub.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.vihub.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.216.195.18 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-01-vip.weborama.fr

wam.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.216.101.186 (Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.37 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.2.91 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.91.2.216.95.clients.your-server.de

cs.digitalbox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.85.254 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.254.85.76.144.clients.your-server.de

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.76.131.50 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: vs25.videonow.ru

sync.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.113.208.140 (Germany)

ASN47447 (TTM, DE)

stats.weborama.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	vihub.ru pixel.vihub.ru dmp.vihub.ru	11 KB
3	1dmp.io 2 redirects sync.1dmp.io	1 KB
3	weborama.fr 1 redirects wam.solution.weborama.fr cstatic.weborama.fr	1 KB
3	mixmarket.biz 2 redirects d.tds.mixmarket.biz udata.mixmarket.biz	1 KB
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	adriver.ru 2 redirects ad.adriver.ru	1 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	920 B
2	weborama.io static.weborama.io stats.weborama.io	9 KB
2	rbnt.org 1 redirects t02.rbnt.org	1 KB
2	audtd.com sync2.audtd.com sync.audtd.com	696 B
1	videonow.ru sync.videonow.ru	573 B
1	digitalbox.ru cs.digitalbox.ru	531 B
1	livestatisc.com livestatisc.com	560 B
1	mail.ru ad.mail.ru	445 B
1	instreamatic.com 1 redirects x.instreamatic.com	437 B
1	bodaybo.net bodaybo.net	271 B
1	otm-r.com sync.dmp.otm-r.com	103 B
1	teamrtb.net sync.teamrtb.net	263 B
1	batzbatz.ru ramones.batzbatz.ru	2 KB
0	dskrt.net Failed s.dskrt.net Failed dsp.dskrt.net Failed
23	20

	Domain	Requested by
3	sync.1dmp.io	2 redirects ramones.batzbatz.ru
3	dmp.vihub.ru	pixel.vihub.ru ramones.batzbatz.ru
2	x01.aidata.io	2 redirects
2	ad.adriver.ru	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	wam.solution.weborama.fr	1 redirects ramones.batzbatz.ru
2	d.tds.mixmarket.biz	1 redirects ramones.batzbatz.ru
2	t02.rbnt.org	1 redirects ramones.batzbatz.ru
1	cstatic.weborama.fr	static.weborama.io
1	stats.weborama.io	ramones.batzbatz.ru
1	sync.videonow.ru	ramones.batzbatz.ru
1	cs.digitalbox.ru	ramones.batzbatz.ru
1	pixel.vihub.ru	ramones.batzbatz.ru
1	static.weborama.io	ramones.batzbatz.ru
1	livestatisc.com	ramones.batzbatz.ru
1	ad.mail.ru	ramones.batzbatz.ru
1	x.instreamatic.com	1 redirects
1	sync.audtd.com	ramones.batzbatz.ru
1	udata.mixmarket.biz	1 redirects
1	bodaybo.net	ramones.batzbatz.ru
1	sync.dmp.otm-r.com	ramones.batzbatz.ru
1	sync.teamrtb.net	ramones.batzbatz.ru
1	sync2.audtd.com	ramones.batzbatz.ru
1	ramones.batzbatz.ru
0	dsp.dskrt.net Failed	ramones.batzbatz.ru
0	s.dskrt.net Failed	ramones.batzbatz.ru
23	26

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
livestatisc.com Let's Encrypt Authority X3	`2019-05-06` - `2019-08-04`	3 months	crt.sh
sync.1dmp.io Let's Encrypt Authority X3	`2019-04-30` - `2019-07-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Frame ID: 29DC8ED719C6085DD0469E2976995E45
Requests: 22 HTTP requests in this frame

Frame: http://cstatic.weborama.fr/iframe/external_all.html
Frame ID: C03E250129E890EFB291A4430E3116AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

23
Requests

9 %
HTTPS

14 %
IPv6

20
Domains

26
Subdomains

19
IPs

7
Countries

28 kB
Transfer

24 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://t02.rbnt.org/rsc.php?mode=bu&pkey=c9c47ae4e558bb681274f5e3f29c61e2&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=76133 HTTP 302
http://t02.rbnt.org/rsc.php?mode=bu&pkey=c9c47ae4e558bb681274f5e3f29c61e2&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=76133&csc=1

Request Chain 7

http://d.tds.mixmarket.biz/rd/?uid=43&geo=XY&callback=advMM HTTP 302
https://udata.mixmarket.biz/getpsid/?urlback=http%3a%2f%2fd.tds.mixmarket.biz%2frd%2f%3fuid%3d43%26decb64%3d1%26callback%3dYWR2TU0%3d HTTP 301
http://d.tds.mixmarket.biz/rd/?uid=43&decb64=1&callback=YWR2TU0=&mpsid=841113770

Request Chain 9

http://x.instreamatic.com/v2/mark/787.gif HTTP 302
http://ad.mail.ru/cm.gif?p=66&id=7b5dba14105c5290

Request Chain 13

http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bsgrj5mbxcn4pny HTTP 302
http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=161781&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bsgrj5mbxcn4pny

Request Chain 15

http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=be0e237b-6427-477d-b6d1-a9e9a9bb5107 HTTP 302
http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=be0e237b-6427-477d-b6d1-a9e9a9bb5107&cs=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm=&google_tc= HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEDE1lHz5cMMMKosemEduob8&google_gid=CAESEDE1lHz5cMMMKosemEduob8&google_cver=1

Request Chain 16

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=be0e237b-6427-477d-b6d1-a9e9a9bb5107 HTTP 302
http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=be0e237b-6427-477d-b6d1-a9e9a9bb5107&tuid=-6009588607 HTTP 302
http://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AAyOoBU4z-HPuyY63kn4OoQ

Request Chain 18

http://x01.aidata.io/0.gif?pid=VIHUB&id=be0e237b-6427-477d-b6d1-a9e9a9bb5107 HTTP 302
http://x01.aidata.io/0.gif?pid=VIHUB&id=be0e237b-6427-477d-b6d1-a9e9a9bb5107&bounce=1 HTTP 302
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=BtPO6BRKIMuL2by5FSOY0w

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set fpx.php Show response
ramones.batzbatz.ru/x/ 5 KB
2 KB 1181ms
36ms Document
text/html 95.216.228.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Server: 95.216.228.165 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.228.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 250c6873bb82e58e7fb6e4577095624b9e5158d50390a420d7adc45a1ab34c87

Request headers

Host: ramones.batzbatz.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: openresty
Date: Tue, 02 Jul 2019 06:51:28 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 02 Jul 2019 06:51:28 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: *
Set-Cookie: a7d83=1; expires=Tue, 02-Jul-2019 07:21:28 GMT; Max-Age=1800; path=/; domain=.am15.net
Content-Encoding: gzip

GET
H/1.1 204
No Content advmaker
sync2.audtd.com/ 0
348 B 38ms
32ms Image
text/html 2a00:1450:4001:81d::2013
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync2.audtd.com/advmaker
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:28 GMT
Server: Google Frontend
Vary: Origin
Content-Type: text/html
X-Cloud-Trace-Context: 6c9a1c5f999f13fdc83bbecad588b487
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK adteam_sync.php
sync.teamrtb.net/x/ 43 B
263 B 74ms
62ms Image
image/gif 148.251.136.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync.teamrtb.net/x/adteam_sync.php?uid=
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 148.251.136.163 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.163.136.251.148.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:28 GMT
Server: openresty
Connection: keep-alive
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

rsc.php Show response
t02.rbnt.org/
Redirect Chain

http://t02.rbnt.org/rsc.php?mode=bu&pkey=c9c47ae4e558bb681274f5e3f29c61e2&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=76133
http://t02.rbnt.org/rsc.php?mode=bu&pkey=c9c47ae4e558bb681274f5e3f29c61e2&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=76133&csc=1

20 B
477 B

16ms
15ms

Script
text/javascript

148.251.159.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://t02.rbnt.org/rsc.php?mode=bu&pkey=c9c47ae4e558bb681274f5e3f29c61e2&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=76133&csc=1

Requested by

Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372

Protocol

HTTP/1.1

Security

, ,

Server

148.251.159.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

21b82e2818317d8154b0015d7a606c590429a8645c79d2f90922449c805a2fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:28 GMT
Last-Modified: Tue, 02 Jul 2019 06:51:28 GMT
Server: nginx
Strict-Transport-Security: max-age=0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:28 GMT
Last-Modified: Tue, 02 Jul 2019 06:51:28 GMT
Server: nginx
Strict-Transport-Security: max-age=0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: /rsc.php?mode=bu&pkey=c9c47ae4e558bb681274f5e3f29c61e2&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=76133&csc=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content aotm.js Show response
sync.dmp.otm-r.com/match/ 0
103 B 26ms
13ms Script
text/plain 195.201.194.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sync.dmp.otm-r.com/match/aotm.js
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 195.201.194.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.138.194.201.195.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 02 Jul 2019 06:51:28 GMT
Server: nginx

GET take
s.dskrt.net/ 0
0

GET advmaker
dsp.dskrt.net/ 0
0

GET
H/1.1 200
OK / Show response
bodaybo.net/ 18 B
271 B 25ms
12ms Script
text/plain 138.201.138.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://bodaybo.net/?ssp=10&callback=advmakerfunc
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.138.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.222.138.201.138.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c6558f04bb80d726bc9298f8a8a5e2ac8d74fa29313064bb87b6295acf195715

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:28 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 18

GET
H/1.1

200

/ Show response
d.tds.mixmarket.biz/rd/
Redirect Chain

http://d.tds.mixmarket.biz/rd/?uid=43&geo=XY&callback=advMM
https://udata.mixmarket.biz/getpsid/?urlback=http%3a%2f%2fd.tds.mixmarket.biz%2frd%2f%3fuid%3d43%26decb64%3d1%26callback%3dYWR2TU0%3d
http://d.tds.mixmarket.biz/rd/?uid=43&decb64=1&callback=YWR2TU0=&mpsid=841113770

10 B
400 B

49ms
49ms

Script
application/x-javascript

23.105.254.92
Servers.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d.tds.mixmarket.biz/rd/?uid=43&decb64=1&callback=YWR2TU0=&mpsid=841113770
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 23.105.254.92 , Russian Federation, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS: mixer.mixmarket.biz
Software: nginx/1.14.2 /
Resource Hash: 5e77ccd9d5a28937962f0ab9d14ae70433911234074aa42bcd316224c1f2ded8

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:29 GMT
Server: nginx/1.14.2
Connection: keep-alive
P3P: policyref="http://tds.mixmarket.biz/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Transfer-Encoding: chunked
Content-Type: application/x-javascript

Redirect headers

Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:29 GMT
Server: nginx/1.14.2
P3P: policyref="http://mixmarket.biz/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location: http://d.tds.mixmarket.biz/rd/?uid=43&decb64=1&callback=YWR2TU0=&mpsid=841113770
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content advmaker Show response
sync.audtd.com/match/ 0
348 B 38ms
31ms Script
text/html 2a00:1450:4001:806::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://sync.audtd.com/match/advmaker?type=js&uid=
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:28 GMT
Server: Google Frontend
Vary: Origin
Content-Type: text/html
X-Cloud-Trace-Context: 1a1fcc41bc9c0f0b53d7acd801a2f73f
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/
Redirect Chain

http://x.instreamatic.com/v2/mark/787.gif
http://ad.mail.ru/cm.gif?p=66&id=7b5dba14105c5290

43 B
445 B

115ms
69ms

Image
image/gif

2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ad.mail.ru/cm.gif?p=66&id=7b5dba14105c5290
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:28 GMT
Last-Modified: Tue, 02 Jul 2019 06:51:28 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 02 Jul 2019 12:51:28 GMT

Redirect headers

Date: Tue, 02 Jul 2019 06:51:28 GMT
Server: nginx/1.4.6 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Location: http://ad.mail.ru/cm.gif?p=66&id=7b5dba14105c5290
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0
Expires: Tue, 02 Jul 2019 06:51:27 GMT

GET
H2 200 / Show response
livestatisc.com/ads/ 27 B
560 B 107ms
35ms Script
text/javascript 142.234.39.43
Servers.com

General

Check archive.org

Show headers Download Go to

Full URL

https://livestatisc.com/ads/

Requested by

Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

142.234.39.43 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

8e5c8c8c6ce6d248248203aa122e599b19bc42dde85c2134868f7da5cca488a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 02 Jul 2019 06:51:30 GMT
access-control-request-method: *
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
status: 200
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: Microsoft-HTTPAPI/2.0
etag: W/"8e5c8c8c6ce6d248248203aa122e599b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Set-Cookie

GET
H/1.1 200
OK 556d807310823b694772f699.js Show response
static.weborama.io/ 9 KB
9 KB 16ms
7ms Script
application/javascript 207.154.204.189
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://static.weborama.io/556d807310823b694772f699.js
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 207.154.204.189 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.6.2 /
Resource Hash: d22f3bebb926a603525fe11e87bde207fc9d948a582c227be9405e3b05302d65

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:46:53 GMT
Last-Modified: Tue, 27 Dec 2016 15:33:29 GMT
Server: nginx/1.6.2
ETag: "586289c9-233b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9019

GET
H/1.1 200
OK smartPixel.min.js Show response
pixel.vihub.ru/smart/_pub/advmaker/dist/ 9 KB
9 KB 24ms
11ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.149.243.136.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: a72f6e287ccbd8e44f5f415148688ca4cc0abddd57e0b14e62560eb7e3152397

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:30 GMT
Last-Modified: Wed, 26 Jul 2017 10:56:15 GMT
Server: nginx/1.12.2
ETag: "5978754f-232e"
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 9006

GET
H/1.1

200
OK

dispatch.fcgi Show response
wam.solution.weborama.fr/fcgi-bin/
Redirect Chain

http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bsgrj5mbxcn4pny
http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=161781&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bsgrj5mbxcn4pny

119 B
648 B

29ms
28ms

Script
application/json

91.216.195.18
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to

Full URL: http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=161781&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bsgrj5mbxcn4pny
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 91.216.195.18 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: std-collect-lb-c03-01-vip.weborama.fr
Software: Apache /
Resource Hash: a7e91cb1ea04897b069f6c33fdc28dceea9bfb448e7e445da5720bade30f7ef8

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:30 GMT
Last-Modified: Tue, 02 Jul 2019 06:51:30 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type: application/json
Expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:30 GMT
Last-Modified: Tue, 02 Jul 2019 06:51:30 GMT
Server: Apache
Location: http://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=161781&d.A=prd&d.format=jsonp&d.key=uAzzwE627eck&d.callback=jsonp_bsgrj5mbxcn4pny
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK pixeljs Show response
dmp.vihub.ru/ 1 KB
2 KB 25ms
12ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dmp.vihub.ru/pixeljs?sa=17
Requested by: Host: pixel.vihub.ru
URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.149.243.136.clients.your-server.de
Software: fasthttp /
Resource Hash: f9c1ccb7435ca9bd0e81e5887e4dfa8e2838127f12251ca58f7ebf43845b3509

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:30 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 1394
Content-Type: application/javascript

GET
H2

200

pixel.gif
sync.1dmp.io/
Redirect Chain

http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=be0e237b-6427-477d-b6d1-a9e9a9bb5107
http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=be0e237b-6427-477d-b6d1-a9e9a9bb5107&cs=1
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm=&google_tc=
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEDE1lHz5cMMMKosemEduob8&google_gid=CAESEDE1lHz5cMMMKosemEduob8&google_cver=1

35 B
267 B

1122ms
33ms

Image
image/gif

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEDE1lHz5cMMMKosemEduob8&google_gid=CAESEDE1lHz5cMMMKosemEduob8&google_cver=1
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 95.216.101.186 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jul 2019 06:51:32 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
expires: 0
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 02 Jul 2019 06:51:31 GMT
server: HTTP server (unknown)
location: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEDE1lHz5cMMMKosemEduob8&google_gid=CAESEDE1lHz5cMMMKosemEduob8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
dmp.vihub.ru/
Redirect Chain

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=be0e237b-6427-477d-b6d1-a9e9a9bb5107
http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=be0e237b-6427-477d-b6d1-a9e9a9bb5107&tuid=-6009588607
http://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AAyOoBU4z-HPuyY63kn4OoQ

35 B
178 B

15ms
12ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dmp.vihub.ru/match?sysid=adr&redir=no&uid=AAyOoBU4z-HPuyY63kn4OoQ
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.149.243.136.clients.your-server.de
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:31 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: //dmp.vihub.ru/match?sysid=adr&redir=no&uid=AAyOoBU4z-HPuyY63kn4OoQ
Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:31 GMT
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Content-type: text/html
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK match
cs.digitalbox.ru/ 35 B
531 B 1093ms
34ms Image
image/gif 95.216.2.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cs.digitalbox.ru/match?sysid=vh&uid=be0e237b-6427-477d-b6d1-a9e9a9bb5107
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 95.216.2.91 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.91.2.216.95.clients.your-server.de
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:31 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 35

GET
H/1.1

200
OK

match
dmp.vihub.ru/
Redirect Chain

http://x01.aidata.io/0.gif?pid=VIHUB&id=be0e237b-6427-477d-b6d1-a9e9a9bb5107
http://x01.aidata.io/0.gif?pid=VIHUB&id=be0e237b-6427-477d-b6d1-a9e9a9bb5107&bounce=1
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=BtPO6BRKIMuL2by5FSOY0w

35 B
178 B

14ms
13ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=BtPO6BRKIMuL2by5FSOY0w
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 136.243.149.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.149.243.136.clients.your-server.de
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:31 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Jul 2019 06:51:31 GMT
Last-Modified: Tue, 02 Jul 2019 06:51:30 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=BtPO6BRKIMuL2by5FSOY0w
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Tue, 02 Jul 2019 06:51:30 GMT

GET
H/1.1 204
No Content ssp
sync.videonow.ru/ 0
573 B 1117ms
46ms Image
application/json 212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync.videonow.ru/ssp?dsp=16&uuid=be0e237b-6427-477d-b6d1-a9e9a9bb5107
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 02 Jul 2019 06:51:31 GMT
Server: nginx
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://ramones.batzbatz.ru
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Source-Node: vs25.videonow.ru

GET
H/1.1 204
No Content /
stats.weborama.io/ 0
103 B 27ms
8ms Image
text/plain 62.113.208.140
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.weborama.io/?key=556d807310823b694772f699&mode=new
Requested by: Host: ramones.batzbatz.ru
URL: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Protocol: HTTP/1.1
Security: , ,
Server: 62.113.208.140 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 02 Jul 2019 06:51:30 GMT
Server: nginx

GET
H/1.1 200
OK external_all.html
cstatic.weborama.fr/iframe/ Frame C03E 0
0 16ms
8ms Document
text/html 93.184.221.133
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://cstatic.weborama.fr/iframe/external_all.html
Requested by: Host: static.weborama.io
URL: http://static.weborama.io/556d807310823b694772f699.js
Protocol: HTTP/1.1
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FC7) /
Resource Hash

Request headers

Host: cstatic.weborama.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ramones.batzbatz.ru/x/fpx.php?s=76133&w=10500&t=cu&rand=1214912372

Response headers

Content-Encoding: gzip
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Content-Type: text/html
Date: Tue, 02 Jul 2019 06:51:32 GMT
Etag: "100879202"
Expires: Tue, 09 Jul 2019 06:51:32 GMT
Last-Modified: Thu, 27 Jun 2019 08:58:18 GMT
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Server: ECAcc (frc/8FC7)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 1967

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.dskrt.net
URL: http://s.dskrt.net/take?your_id=&ssp=advmaker

Domain: dsp.dskrt.net
URL: http://dsp.dskrt.net/advmaker?ip=141.98.102.254&site=76133&uid=&domain=

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adriver.ru
ad.mail.ru
bodaybo.net
cm.g.doubleclick.net
cs.digitalbox.ru
cstatic.weborama.fr
d.tds.mixmarket.biz
dmp.vihub.ru
dsp.dskrt.net
livestatisc.com
pixel.vihub.ru
ramones.batzbatz.ru
s.dskrt.net
static.weborama.io
stats.weborama.io
sync.1dmp.io
sync.audtd.com
sync.dmp.otm-r.com
sync.teamrtb.net
sync.videonow.ru
sync2.audtd.com
t02.rbnt.org
udata.mixmarket.biz
wam.solution.weborama.fr
x.instreamatic.com
x01.aidata.io
dsp.dskrt.net
s.dskrt.net
136.243.149.224
138.201.138.222
138.201.36.215
142.234.39.43
144.76.85.254
148.251.136.163
148.251.159.22
195.201.194.138
195.209.108.37
207.154.204.189
212.76.131.50
216.58.206.2
23.105.254.92
2a00:1148:db00::17
2a00:1450:4001:806::2013
2a00:1450:4001:81d::2013
62.113.208.140
91.216.195.18
93.184.221.133
95.216.101.186
95.216.2.91
95.216.228.165
21b82e2818317d8154b0015d7a606c590429a8645c79d2f90922449c805a2fd9
250c6873bb82e58e7fb6e4577095624b9e5158d50390a420d7adc45a1ab34c87
5e77ccd9d5a28937962f0ab9d14ae70433911234074aa42bcd316224c1f2ded8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e5c8c8c6ce6d248248203aa122e599b19bc42dde85c2134868f7da5cca488a9
a72f6e287ccbd8e44f5f415148688ca4cc0abddd57e0b14e62560eb7e3152397
a7e91cb1ea04897b069f6c33fdc28dceea9bfb448e7e445da5720bade30f7ef8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
c6558f04bb80d726bc9298f8a8a5e2ac8d74fa29313064bb87b6295acf195715
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d22f3bebb926a603525fe11e87bde207fc9d948a582c227be9405e3b05302d65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9c1ccb7435ca9bd0e81e5887e4dfa8e2838127f12251ca58f7ebf43845b3509

ramones.batzbatz.ru Open in urlscan Pro 95.216.228.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

23 Requests

9 %HTTPS

14 %IPv6

20 Domains

26 Subdomains

19 IPs

7 Countries

28 kBTransfer

24 kBSize

0 Cookies

0 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Indicators

ramones.batzbatz.ru Open in urlscan Pro
95.216.228.165 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

9 %
HTTPS

14 %
IPv6

20
Domains

26
Subdomains

19
IPs

7
Countries

28 kB
Transfer

24 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions