towns.su Open in urlscan Pro
151.248.116.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://towns.su/
Submission Tags: l4ing ☭ tld su ru rf cccp h8 t* Search All
Submission: On January 20 via manual (January 20th 2024, 1:33:40 pm UTC) from LU — Scanned from DE

Summary HTTP 56 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 56 HTTP transactions. The main IP is 151.248.116.85, located in Russian Federation and belongs to AS-REG, RU. The main domain is towns.su.

This is the only time towns.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	151.248.116.85 151.248.116.85	197695 (AS-REG) (AS-REG)
6	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	46.4.75.61 46.4.75.61	24940 (HETZNER-AS) (HETZNER-AS)
1 1	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 2	81.200.113.97 81.200.113.97	198610 (BEGET-AS) (BEGET-AS)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	89.208.236.251 89.208.236.251	12695 (DINET-AS) (DINET-AS)
2 3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
56	18

6 151.248.116.85 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: medien.su

towns.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.75.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: r0.refer.ru

www.refer.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.16 (Russian Federation) 1 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.17 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.200.113.97 (St Petersburg, Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)

www.siteedit.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.208.236.251 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)

hit37.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation) 2 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

d5.c9.be.a1.top.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	303 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	239 KB
6	towns.su towns.su	39 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	18 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15457 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462	62 KB
3	mail.ru 2 redirects d5.c9.be.a1.top.mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10239	4 KB
3	rambler.ru 1 redirects counter.rambler.ru — Cisco Umbrella Rank: 149568 kraken.rambler.ru — Cisco Umbrella Rank: 35890	120 KB
2	siteedit.ru 1 redirects www.siteedit.ru	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	hotlog.ru hit37.hotlog.ru
1	refer.ru www.refer.ru	2 KB
56	12

	Domain	Requested by
16	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
6	pagead2.googlesyndication.com	towns.su pagead2.googlesyndication.com tpc.googlesyndication.com
6	towns.su	towns.su
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	top-fwz1.mail.ru	1 redirects towns.su
2	www.siteedit.ru	1 redirects towns.su
2	counter.rambler.ru	1 redirects towns.su
1	www.google.com	tpc.googlesyndication.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	kraken.rambler.ru	towns.su
1	d5.c9.be.a1.top.mail.ru	1 redirects
1	hit37.hotlog.ru	towns.su
1	www.refer.ru	towns.su
56	19

This site contains links to these domains. Also see Links.

Domain
kartina.tv
click.hotlog.ru
top.mail.ru
www.refer.ru
top100.rambler.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-04-17` - `2024-05-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://towns.su/
Frame ID: 1FDDA4EA0865BB59596B003166861B16
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 5E67E5B79ACB45317B74028B5A33AC73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1503831618444475&output=html&h=280&slotname=8709876412&adk=3764791118&adf=3567694344&pi=t.ma~as.8709876412&w=788&fwrn=4&fwrnh=100&lmt=1582926621&rafmt=1&format=788x280&url=http%3A%2F%2Ftowns.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705757615742&bpp=6&bdt=156&idt=212&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5199152039530&frm=20&pv=2&ga_vid=812720517.1705757616&ga_sid=1705757616&ga_hid=733284262&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=65&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31080558%2C95321957%2C95321627%2C95321966%2C95322165&oid=2&pvsid=3651417164516693&tmod=1090012602&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=219
Frame ID: 2A378CE969A1FE1EE139AE7281F0B307
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1503831618444475&output=html&adk=1312905894&adf=165033605&lmt=1582926621&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_r&format=0x0&url=http%3A%2F%2Ftowns.su%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1705757616136&bpp=1&bdt=550&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=788x280&nras=1&correlator=5199152039530&frm=20&pv=1&ga_vid=812720517.1705757616&ga_sid=1705757616&ga_hid=733284262&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31080558%2C95321957%2C95321627%2C95321966%2C95322165&oid=2&pvsid=3651417164516693&tmod=1090012602&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=8
Frame ID: 02710CBA9E83BCC4FE37A2A4330EC66D
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZavLsAABAIID5_NDAAIe_En0Y7o_ujJXBMmLZg&u=%7ChbEtUfHfSgTjZa3ZVtmj%2FJCVav0yhgaz2GMLDLz5KNg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yE0NxnWJ0kh_D2fbxYnxxHI22TZvvcBgHtA6OBtjsNt83S3J4rCtkMqGQR8IYVKM7vbzc-1bXG3IRJoAyK8yb3AOzvuLETWqhsmvkVfiuLuaMcgaCjOApy5K_VaPBbFEXGpF11p-HumeeRSfIca753_69dHGL3jTfDGagYeXqjKw6TxTDmUjPOAh2XaK3TAPERBnM-cVlA6trpGWglB9bQTEjkYgM9agsyhG1xmgPaKlVFWiklDzN02y00T4O6_-oWAtM2QI5_EvEWAwX7xx88nJ7GkbQLziom-xGS1yJHIo1SemJZciwbzDonkh4XoMb3p6LVgjd1ElXdvoHlgm1nXVtF75ow4GwrNcOzuqPHf9Scxv-DhpqhMlx-5In5zTG6bvL7hOrW3t7mskL7n6AueuLLVVOfVEly-nNLvCEfwV0Hg_ayOOEXroXN9pfdha-gwWAyHx8t8V8AI4AyBtxtXmM8WR_TFnHJYuB0INwlyYWFeHvAj0eK68IiIvT1aYDxZcK00_Rp-HsEXsHW0DOoedooZMDFtIfukHvH1628kdSof-xGJSkNqcik4B3iC_Asp8ZQc3YmqFWeWrabefgA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ4E3sMurZYKBBMPmn88P_L2I8AfJntKxXPWR3r6xAcCNtwEQASAAYJWSmoKsB4IBF2NhLXB1Yi0xNTAzODMxNjE4NDQ0NDc1yAEJqQKdimvoZUiyPqgDAcgDAqoE3AFP0OvNKRUOf1slz53RwBXt1GhUZs_GACWYq_Ue4TPa_Ao6oQE38lEcRlaj-dEInri0BIvshZGSM7NEc6kmscJzD225v5-rayWDNmjdIt34nU2kIsXsFFW_SVOMEIB-QvLyr66UXqqvsClWolO-K3ZmVNKEK8JA1vC5KU9FU9EmJ-Lw_dYteu7j9BmmHF3MRabwOHHBRmUp9cM0dlmYrRu_NRrtaPsy4mVsPnUr_rthA336xp_4hlHIpa-Nu9BRQR7SXSfPcCh_kHkFIke-DrWe32DtFmjrfuJYq3CXgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYoZ2YporsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32Y_Fsx-lDi8hm8tHmKtjq4dh36Q%26client%3Dca-pub-1503831618444475%26adurl%3D
Frame ID: FA85AD642E705C5B63102607C0D33247
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF5D41674A453A324974D177277D21B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95757A2F990C2400F92A83056D40240E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Города России, стран ближнего и дальнего зарубежья в Интернете

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Page Statistics

56
Requests

79 %
HTTPS

56 %
IPv6

12
Domains

19
Subdomains

18
IPs

3
Countries

855 kB
Transfer

1619 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://kartina.tv/shop/?ref_id=625707

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?2124869

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=2004269

Search URL Search Domain Scan URL

URL: http://www.refer.ru/

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=2433705

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://counter.rambler.ru/top100.jcn?2433705 HTTP 307
https://counter.rambler.ru/top100.jcn?2433705

Request Chain 6

http://www.siteedit.ru/public/technology/default.gif HTTP 301
https://www.siteedit.ru/public/technology/default.gif

Request Chain 12

http://d5.c9.be.a1.top.mail.ru/counter?id=2004269;t=137;js=13;r=;j=false;s=1600*1200;d=24;rand=0.4070023083228216 HTTP 302
https://top-fwz1.mail.ru/counter?id=2004269;t=137;js=13;r=;j=false;s=1600*1200;d=24;rand=0.4070023083228216 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2004269;t=137;js=13;r=;j=false;s=1600*1200;d=24;rand=0.4070023083228216

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
towns.su/ 11 KB
12 KB 369ms
163ms Document
text/html 151.248.116.85
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://towns.su/
Protocol: HTTP/1.1
Server: 151.248.116.85 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: medien.su
Software: nginx/0.8.54 / PHP/5.3.3
Resource Hash: 2ebb27509de7a97a2e0b01c86628db2abea69ff944222a201f0e16a205d7b0a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public
Connection: close
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Jan 2024 13:33:35 GMT
Expires: Fri, 01 Jan 2014 05:00:00 GMT
Last-Modified: Fri, 28 Feb 2020 21:50:21 GMT
Pragma: no-cache
Server: nginx/0.8.54
Transfer-Encoding: chunked
X-Powered-By: PHP/5.3.3

GET
H/1.1 200
OK default.css
towns.su/www/skin/ 13 KB
14 KB 103ms
51ms Stylesheet
text/css 151.248.116.85
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://towns.su/www/skin/default.css
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: HTTP/1.1
Server: 151.248.116.85 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: medien.su
Software: nginx/0.8.54 /
Resource Hash: 4559fa7b731683476d9c218616476bbcea9efbd4185aaf26441a692e4a6e4cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Date: Sat, 20 Jan 2024 13:33:35 GMT
Last-Modified: Thu, 19 Oct 2017 19:23:47 GMT
Server: nginx/0.8.54
Connection: close
Accept-Ranges: bytes
Content-Length: 13820
Content-Type: text/css

GET
H/1.1 200
OK skin_home.css
towns.su/www/skin/ 500 B
710 B 122ms
69ms Stylesheet
text/css 151.248.116.85
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://towns.su/www/skin/skin_home.css
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: HTTP/1.1
Server: 151.248.116.85 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: medien.su
Software: nginx/0.8.54 /
Resource Hash: f66d71b99f27c33a58f98090f6fd47d02035d2c8e09d1ddeed5f7003df9e6408

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Date: Sat, 20 Jan 2024 13:33:35 GMT
Last-Modified: Sun, 23 Jul 2017 11:32:10 GMT
Server: nginx/0.8.54
Connection: close
Accept-Ranges: bytes
Content-Length: 500
Content-Type: text/css

GET
H/1.1 200
OK kartina-tv-72890.png
towns.su/www/images/ 11 KB
12 KB 120ms
67ms Image
image/png 151.248.116.85
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://towns.su/www/images/kartina-tv-72890.png
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: HTTP/1.1
Server: 151.248.116.85 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: medien.su
Software: nginx/0.8.54 /
Resource Hash: 0536e613b48b77600a96adf4a55e312f8f37d37a3a2319ba061e3d6c3829b6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Date: Sat, 20 Jan 2024 13:33:35 GMT
Last-Modified: Sun, 23 Jul 2017 11:32:10 GMT
Server: nginx/0.8.54
Connection: close
Accept-Ranges: bytes
Content-Length: 11580
Content-Type: image/png

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
54 KB 81ms
62ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: towns.su
URL: http://towns.su/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f57712c5b31707c44aca2a872ad31df115519727ffc221511454e9cb931e3be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Date: Sat, 20 Jan 2024 13:33:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54236
X-XSS-Protection: 0
Server: cafe
ETag: 10223576780122514403
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Sat, 20 Jan 2024 13:33:35 GMT

GET
H/1.1 200
OK green_a.gif
www.refer.ru/images/ref_buttons/ 2 KB
2 KB 89ms
45ms Image
image/gif 46.4.75.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.refer.ru/images/ref_buttons/green_a.gif
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: HTTP/1.1
Server: 46.4.75.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: r0.refer.ru
Software: nginx/0.8.19 /
Resource Hash: aec502b3f2dfd70a4040529d8a5b22f8fa7eabf250deadbad70b9522fbdb0329

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Date: Sat, 20 Jan 2024 13:33:35 GMT
Last-Modified: Tue, 25 Sep 2007 01:47:48 GMT
Server: nginx/0.8.19
ETag: "3f063b6-6cb-43aebec98b900"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1739
Expires: Mon, 19 Feb 2024 13:33:35 GMT

GET
H2

200

top100.jcn Show response
counter.rambler.ru/
Redirect Chain

http://counter.rambler.ru/top100.jcn?2433705
https://counter.rambler.ru/top100.jcn?2433705

118 KB
119 KB

254ms
131ms

Script
application/javascript

81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?2433705
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: H2
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 9c53f9e47eb9abdbee06a522db17a250b6f77710a2fce4652cbd35a55cb273e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

content-type: application/octet-stream, application/javascript
date: Sat, 20 Jan 2024 13:33:35 GMT
server: nginx
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

Redirect headers

Date: Sat, 20 Jan 2024 13:33:35 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://counter.rambler.ru/top100.jcn?2433705
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 164

GET
H2

200

default.gif
www.siteedit.ru/public/technology/
Redirect Chain

http://www.siteedit.ru/public/technology/default.gif
https://www.siteedit.ru/public/technology/default.gif

3 KB
3 KB

215ms
78ms

Image
image/gif

81.200.113.97
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.siteedit.ru/public/technology/default.gif
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: H2
Server: 81.200.113.97 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: cc9a9147b0883dd6e1ca6ff2a8191a9ac106bbd00583fa2588e5aa019f63dbf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:35 GMT
last-modified: Fri, 31 Aug 2007 18:00:00 GMT
server: nginx-reuseport/1.21.1
accept-ranges: bytes
etag: "b50-43902976c0800"
content-length: 2896
content-type: image/gif

Redirect headers

Location: https://www.siteedit.ru/public/technology/default.gif
Date: Sat, 20 Jan 2024 13:33:35 GMT
Server: nginx-reuseport/1.21.1
Connection: keep-alive
Keep-Alive: timeout=30
Content-Length: 340
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK semenu.js Show response
towns.su/system/main/ 454 B
680 B 122ms
68ms Script
application/x-javascript 151.248.116.85
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://towns.su/system/main/semenu.js
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: HTTP/1.1
Server: 151.248.116.85 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: medien.su
Software: nginx/0.8.54 /
Resource Hash: 886c469274de1dd8cae9eceac51afbc3fad08fce849f233eba5ca603f36bfea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Date: Sat, 20 Jan 2024 13:33:35 GMT
Last-Modified: Fri, 27 Mar 2009 09:56:56 GMT
Server: nginx/0.8.54
Connection: close
Accept-Ranges: bytes
Content-Length: 454
Content-Type: application/x-javascript

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 5E67 9 KB
4 KB 72ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://towns.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: de-DE,de;q=0.9

Response headers

age: 47532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 00:21:23 GMT
etag: 9219409622527106327
expires: Sat, 03 Feb 2024 00:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 124ms
78ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1503831618444475&plah=towns.su&bust=31080558

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

681b1383b5e254057f28aaeab8de1dab492740da73afe595f0992194b9a49c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139808
x-xss-protection: 0
server: cafe
etag: 16433439448364513620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 13:33:35 GMT

GET
H/1.1 200
OK headerright.gif
towns.su/www/skin/ 341 B
552 B 110ms
55ms Image
image/gif 151.248.116.85
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://towns.su/www/skin/headerright.gif
Requested by: Host: towns.su
URL: http://towns.su/www/skin/default.css
Protocol: HTTP/1.1
Server: 151.248.116.85 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: medien.su
Software: nginx/0.8.54 /
Resource Hash: 96c2e71df53baad5c0aa6cc389589c7df1caa50acfae8927557264b2d846c843

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/www/skin/default.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Date: Sat, 20 Jan 2024 13:33:35 GMT
Last-Modified: Sun, 23 Jul 2017 11:32:10 GMT
Server: nginx/0.8.54
Connection: close
Accept-Ranges: bytes
Content-Length: 341
Content-Type: image/gif

GET
H/1.1 404
Not Found count
hit37.hotlog.ru/cgi-bin/hotlog/ 0
0 294ms
62ms Image
text/plain 89.208.236.251
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hit37.hotlog.ru/cgi-bin/hotlog/count?0.4625894444401033&s=2124869&im=213&r=&pg=http%3A//towns.su/&j=N&wh=1600x1200&px=24&js=1.3
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: HTTP/1.1
Server: 89.208.236.251 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

http://d5.c9.be.a1.top.mail.ru/counter?id=2004269;t=137;js=13;r=;j=false;s=1600*1200;d=24;rand=0.4070023083228216
https://top-fwz1.mail.ru/counter?id=2004269;t=137;js=13;r=;j=false;s=1600*1200;d=24;rand=0.4070023083228216
https://top-fwz1.mail.ru/counter2?id=2004269;t=137;js=13;r=;j=false;s=1600*1200;d=24;rand=0.4070023083228216

1 KB
2 KB

63ms
63ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=2004269;t=137;js=13;r=;j=false;s=1600*1200;d=24;rand=0.4070023083228216

Requested by

Host: towns.su
URL: http://towns.su/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

dab3e286e0d6ef4ede0c478696cef9e5566cae68289334ec9bc3eaa450d4548f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 1207
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Sat, 20 Jan 2024 13:33:36 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=2004269;t=137;js=13;r=;j=false;s=1600*1200;d=24;rand=0.4070023083228216
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A37 30 KB
13 KB 471ms
471ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1503831618444475&output=html&h=280&slotname=8709876412&adk=3764791118&adf=3567694344&pi=t.ma~as.8709876412&w=788&fwrn=4&fwrnh=100&lmt=1582926621&rafmt=1&format=788x280&url=http%3A%2F%2Ftowns.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705757615742&bpp=6&bdt=156&idt=212&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5199152039530&frm=20&pv=2&ga_vid=812720517.1705757616&ga_sid=1705757616&ga_hid=733284262&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=65&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31080558%2C95321957%2C95321627%2C95321966%2C95322165&oid=2&pvsid=3651417164516693&tmod=1090012602&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1503831618444475&plah=towns.su&bust=31080558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50bcf609a88d0d45234f320ecdda61ef1f66232dd2e3a3f6037175ed1b128947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://towns.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13510
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 13:33:36 GMT
expires: Sat, 20 Jan 2024 13:33:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 595 B
1 KB 87ms
81ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=2433705&session_id=1961869388_1705757616129&session_number=1&session_event_number=1&version=3.15.1i&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.2433705.839396824.1705757616128&adtech_uid=b5b20989-b62f-466f-a6b4-d68075d6b957&adtech_uid_scope=towns.su&fingerprint=pA8AAENKs1e4yIzbAe5T1gA%3D&url=http%3A%2F%2Ftowns.su%2F&request_id=1705757616.128-820055437&event_id=223276161316552&meta=%7B%22title%22%3A%22%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%20%D0%B1%D0%BB%D0%B8%D0%B6%D0%BD%D0%B5%D0%B3%D0%BE%20%D0%B8%20%D0%B4%D0%B0%D0%BB%D1%8C%D0%BD%D0%B5%D0%B3%D0%BE%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D1%8C%D1%8F%20%D0%B2%20%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22MacIntel%22%2C%22timezone%22%3A%22-60%22%7D&rn=408168852
Requested by: Host: towns.su
URL: http://towns.su/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx
x-srv: 1kraken-prod0002.ad.rambler.tech
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 595

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0271 0
19 B 31ms
31ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1503831618444475&output=html&adk=1312905894&adf=165033605&lmt=1582926621&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_r&format=0x0&url=http%3A%2F%2Ftowns.su%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1705757616136&bpp=1&bdt=550&idt=1&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=788x280&nras=1&correlator=5199152039530&frm=20&pv=1&ga_vid=812720517.1705757616&ga_sid=1705757616&ga_hid=733284262&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31080558%2C95321957%2C95321627%2C95321966%2C95322165&oid=2&pvsid=3651417164516693&tmod=1090012602&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://towns.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 13:33:36 GMT
expires: Sat, 20 Jan 2024 13:33:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2A37 3 KB
1 KB 96ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1503831618444475&output=html&h=280&slotname=8709876412&adk=3764791118&adf=3567694344&pi=t.ma~as.8709876412&w=788&fwrn=4&fwrnh=100&lmt=1582926621&rafmt=1&format=788x280&url=http%3A%2F%2Ftowns.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705757615742&bpp=6&bdt=156&idt=212&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5199152039530&frm=20&pv=2&ga_vid=812720517.1705757616&ga_sid=1705757616&ga_hid=733284262&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=65&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31080558%2C95321957%2C95321627%2C95321966%2C95322165&oid=2&pvsid=3651417164516693&tmod=1090012602&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:28:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2A37 20 KB
9 KB 93ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Fri, 19 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A37 206 KB
65 KB 128ms
75ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 13:33:36 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FA85 248 KB
62 KB 195ms
123ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZavLsAABAIID5_NDAAIe_En0Y7o_ujJXBMmLZg&u=%7ChbEtUfHfSgTjZa3ZVtmj%2FJCVav0yhgaz2GMLDLz5KNg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yE0NxnWJ0kh_D2fbxYnxxHI22TZvvcBgHtA6OBtjsNt83S3J4rCtkMqGQR8IYVKM7vbzc-1bXG3IRJoAyK8yb3AOzvuLETWqhsmvkVfiuLuaMcgaCjOApy5K_VaPBbFEXGpF11p-HumeeRSfIca753_69dHGL3jTfDGagYeXqjKw6TxTDmUjPOAh2XaK3TAPERBnM-cVlA6trpGWglB9bQTEjkYgM9agsyhG1xmgPaKlVFWiklDzN02y00T4O6_-oWAtM2QI5_EvEWAwX7xx88nJ7GkbQLziom-xGS1yJHIo1SemJZciwbzDonkh4XoMb3p6LVgjd1ElXdvoHlgm1nXVtF75ow4GwrNcOzuqPHf9Scxv-DhpqhMlx-5In5zTG6bvL7hOrW3t7mskL7n6AueuLLVVOfVEly-nNLvCEfwV0Hg_ayOOEXroXN9pfdha-gwWAyHx8t8V8AI4AyBtxtXmM8WR_TFnHJYuB0INwlyYWFeHvAj0eK68IiIvT1aYDxZcK00_Rp-HsEXsHW0DOoedooZMDFtIfukHvH1628kdSof-xGJSkNqcik4B3iC_Asp8ZQc3YmqFWeWrabefgA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ4E3sMurZYKBBMPmn88P_L2I8AfJntKxXPWR3r6xAcCNtwEQASAAYJWSmoKsB4IBF2NhLXB1Yi0xNTAzODMxNjE4NDQ0NDc1yAEJqQKdimvoZUiyPqgDAcgDAqoE3AFP0OvNKRUOf1slz53RwBXt1GhUZs_GACWYq_Ue4TPa_Ao6oQE38lEcRlaj-dEInri0BIvshZGSM7NEc6kmscJzD225v5-rayWDNmjdIt34nU2kIsXsFFW_SVOMEIB-QvLyr66UXqqvsClWolO-K3ZmVNKEK8JA1vC5KU9FU9EmJ-Lw_dYteu7j9BmmHF3MRabwOHHBRmUp9cM0dlmYrRu_NRrtaPsy4mVsPnUr_rthA336xp_4hlHIpa-Nu9BRQR7SXSfPcCh_kHkFIke-DrWe32DtFmjrfuJYq3CXgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYoZ2YporsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32Y_Fsx-lDi8hm8tHmKtjq4dh36Q%26client%3Dca-pub-1503831618444475%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8f69febd1fb60ba6df98d9260f61fc58c9c578e6697c682513d4e82047bcde2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 13:33:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fvKxiO0PRHCOeH_9sWuyoSDo1VwkNeZ7A0Z65fK2VPzTbUSE3ML5Fe5NF6YEwR5iJL8NpSkXP6jXxNWVcOTLkjt9cwiBYKwYSaX9QE8JxvJ0z39Io3R4u7p-YFXWZoWh8UKfC1kFmkpTHONcYWW7080fjO3JqFrH96z7whSJnmx94uqutk5SLbUZRR1Bo_Gbk8UquQGSq4GCUOoKT86BO2f7X8Rpv23tkpaleJtlEuA9a476tFKxBUUd1qz4BS2e6W6EnA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 86666368
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2A37 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 266da33f59f6d5965a16d6ee188df395dc0a1c85bf7577ceadea37a00e46eb89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A37 0
19 B 56ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW0HLsMurZYKBBMPmn88P_L2I8AfJntKxXPWR3r6xAcCNtwEQASAAYJWSmoKsB4IBF2NhLXB1Yi0xNTAzODMxNjE4NDQ0NDc1yAEJqQKdimvoZUiyPqgDAcgDAqoE2QFP0OvNKRUOf1slz53RwBXt1GhUZs_GACWYq_Ue4TPa_Ao6oQE38lEcRlaj-dEInri0BIvshZGSM7NEc6kmscJzD225v5-rayWDNmjdIt34nU2kIsXsFFW_SVOMEIB-QvLyr66UXqqvsClWolO-K3ZmVNKEK8JA1vC5KU9FU9EmJ-Lw_dYteu7j9BmmHF3MRabwOHHBRmUp9cM0dlmYrRu_NRrtaPsy4mVsPnUr_rthA336xt36p8NINn-wHQB2m5LytIPBVyLJmlcdoPN2MxNsYH7BDvAh6sKxgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYoZ2YporsgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTUwMzgzMTYxODQ0NDQ3NRgA&sigh=LiI1lcYIa2w&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_ILbuqcBHKsAeHSQgyd-t2esBU2wK9byOZ6Hc58wc1VTXoyXFpJYoZpCqaye07n5cTYUsb10MAuI3PFsB-1fye92fpFG3HMVYBIAYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1503831618444475&output=html&h=280&slotname=8709876412&adk=3764791118&adf=3567694344&pi=t.ma~as.8709876412&w=788&fwrn=4&fwrnh=100&lmt=1582926621&rafmt=1&format=788x280&url=http%3A%2F%2Ftowns.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705757615742&bpp=6&bdt=156&idt=212&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5199152039530&frm=20&pv=2&ga_vid=812720517.1705757616&ga_sid=1705757616&ga_hid=733284262&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=65&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31080558%2C95321957%2C95321627%2C95321966%2C95322165&oid=2&pvsid=3651417164516693&tmod=1090012602&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=219
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 20 Jan 2024 13:33:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 2A37 0
126 B 129ms
43ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGMz6RJQGmAKdg2ICAgAAAI-b44wBkZEF6pCItxCvy6tlvHa54KwIJXkOSQAAEgAACgpBUVVCQVFFQkFR&wp=ZavLsAABAIID5_NDAAIe_En0Y7o_ujJXBMmLZg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 120697
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FA85 2 KB
1 KB 108ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZavLsAABAIID5_NDAAIe_En0Y7o_ujJXBMmLZg&u=%7ChbEtUfHfSgTjZa3ZVtmj%2FJCVav0yhgaz2GMLDLz5KNg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yE0NxnWJ0kh_D2fbxYnxxHI22TZvvcBgHtA6OBtjsNt83S3J4rCtkMqGQR8IYVKM7vbzc-1bXG3IRJoAyK8yb3AOzvuLETWqhsmvkVfiuLuaMcgaCjOApy5K_VaPBbFEXGpF11p-HumeeRSfIca753_69dHGL3jTfDGagYeXqjKw6TxTDmUjPOAh2XaK3TAPERBnM-cVlA6trpGWglB9bQTEjkYgM9agsyhG1xmgPaKlVFWiklDzN02y00T4O6_-oWAtM2QI5_EvEWAwX7xx88nJ7GkbQLziom-xGS1yJHIo1SemJZciwbzDonkh4XoMb3p6LVgjd1ElXdvoHlgm1nXVtF75ow4GwrNcOzuqPHf9Scxv-DhpqhMlx-5In5zTG6bvL7hOrW3t7mskL7n6AueuLLVVOfVEly-nNLvCEfwV0Hg_ayOOEXroXN9pfdha-gwWAyHx8t8V8AI4AyBtxtXmM8WR_TFnHJYuB0INwlyYWFeHvAj0eK68IiIvT1aYDxZcK00_Rp-HsEXsHW0DOoedooZMDFtIfukHvH1628kdSof-xGJSkNqcik4B3iC_Asp8ZQc3YmqFWeWrabefgA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ4E3sMurZYKBBMPmn88P_L2I8AfJntKxXPWR3r6xAcCNtwEQASAAYJWSmoKsB4IBF2NhLXB1Yi0xNTAzODMxNjE4NDQ0NDc1yAEJqQKdimvoZUiyPqgDAcgDAqoE3AFP0OvNKRUOf1slz53RwBXt1GhUZs_GACWYq_Ue4TPa_Ao6oQE38lEcRlaj-dEInri0BIvshZGSM7NEc6kmscJzD225v5-rayWDNmjdIt34nU2kIsXsFFW_SVOMEIB-QvLyr66UXqqvsClWolO-K3ZmVNKEK8JA1vC5KU9FU9EmJ-Lw_dYteu7j9BmmHF3MRabwOHHBRmUp9cM0dlmYrRu_NRrtaPsy4mVsPnUr_rthA336xp_4hlHIpa-Nu9BRQR7SXSfPcCh_kHkFIke-DrWe32DtFmjrfuJYq3CXgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYoZ2YporsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32Y_Fsx-lDi8hm8tHmKtjq4dh36Q%26client%3Dca-pub-1503831618444475%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 13:33:36 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame FA85 2 KB
1 KB 104ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 13:33:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FA85 308 B
636 B 105ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 14 Jan 2025 13:33:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame FA85 293 B
622 B 103ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 14 Jan 2025 13:33:36 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame FA85 43 B
348 B 88ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UBS0796CE6D-1zVCyUDLT1rTLHTKBVgneWj0ITPMHKmQHKBl0X9eWMOi9fdjtgjDRbkvSicA1CUGLbVpsoJsJ_ekYIFLD72cxSepo44XiCX_GtVSox_76bP-kkrZ-Y2710RkdGAbyQH56xNklPag7XUaS9dDMl2JiHUiZQL4x0tyYHjTf052QUed5CBpQOMwN5_3jW-cS9wTrVyXe6Mrp848NXH1GbAMQF7ZWg5l0sZFffnn-ygCCCIgLTPgiHudOI9KP8NHvV4OvjOi8X_TygSyJsZpjogozCa86qcmy2CH_YTxI2mTFLN8ikXhIGuX5ecn0paPfh91MMwdy4lPduxdkjutY5tiWdB7XiQ-w2lO3q39QWe-pNBR5BkHAtocHFUN2mUlYspmoeLuUY1h_WG5C8l54LB60lBTXLjLm0PxXycm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1517871
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame FA85 12 KB
6 KB 43ms
43ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 13:33:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 37 KB
38 KB 195ms
126ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=392&rid=4&s=fA85hpHjfO8Zrgo9-7n4deCz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ec43544fe6d6c3115fb302b8709e2631e922da2c4d8e5b0dbfae00bbcac2492d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 38196
expires: Mon, 06 Jan 2025 01:54:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 16 KB
16 KB 158ms
89ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F18413_102.jpg%3F1680159946_2&v=3&w=800&rid=4&s=6GZ-z3UnPHH7JWpJ_vUFM29H&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

60ed3aa0d99f8b282f785e4f698796a7bf88ecd66bc6e05943dd007eab7a6f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16282
expires: Sat, 03 Feb 2024 04:47:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 20 KB
21 KB 184ms
115ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 20960
expires: Fri, 02 Feb 2024 13:03:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 18 KB
19 KB 212ms
143ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=800&rid=4&s=nK4TKOFBzfHIIkA2nAKvp5i6&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b66f93fc3b1482af938e98a0ed7118f89835238a5434d16854d6fa691efb944c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 18874
expires: Sat, 03 Feb 2024 04:35:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 27 KB
27 KB 147ms
78ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=800&rid=4&s=roh5iC6wcuNgIZlqL0AhDz-j&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67ad16ab28687c889d92dae815a4dc86bd744568c994d14d307cd890d09e26a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 27166
expires: Sat, 03 Feb 2024 04:28:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 12 KB
12 KB 111ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

846dbf808016b540ed729ead9df2f8383bb04c9ccf9d579f5fcac922cbd53e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12262
expires: Fri, 02 Feb 2024 12:26:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 15 KB
16 KB 110ms
110ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7957_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=H3vTFG2Mu-TORbyXV24T3QLl&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

adb3b62e672d9a356859138296231cefe0b3f67af4604b20b7a8ad8554d8e7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15760
expires: Tue, 06 Feb 2024 10:15:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 4 KB
4 KB 111ms
110ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F11129_102.jpg%3F1636111187_2&v=3&w=800&rid=4&s=aXMKJPSZvpYJHB8wxWoi76_3&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f6ee2e9106907cb4fa67a3cc5b22a0eefe4ce671a18f3a6a4e0a3615441eea21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 4264
expires: Fri, 02 Feb 2024 22:15:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 19 KB
19 KB 125ms
124ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=y1FfLT3OIoFUY9BG1dQvcb57&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67ae5cb9a4c423af33efb21376c45272784c5c6cb0327b5aff4916f80e059bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 19566
expires: Sun, 04 Feb 2024 20:24:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 19 KB
19 KB 115ms
114ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=owQ2WY3CxCFUf4ETDUw4IY-t&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

80400bac369ea4484573731db58d2181679dda28b7cbcef7ee604353ad9a1335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 19086
expires: Fri, 02 Feb 2024 21:55:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 25 KB
25 KB 120ms
120ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F9759_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=DQE5zF_suhnNTq68_gj2IktV&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe2b3053ad417b537977abd4bdec5062b69552ee2fa59d7e0d1ad2e7e2ff6d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 25428
expires: Fri, 02 Feb 2024 12:06:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 12 KB
12 KB 141ms
140ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F7324_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=IwKD1BpsjPQVn0ngJwm0OU-m&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

40674b7bb03a2ff6fe675dc543de0a2f4ad096e9bb06425d556a1fff9b39a6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12278
expires: Fri, 02 Feb 2024 20:27:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 15 KB
15 KB 128ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F5413_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=TE_lzCSHaTbV33ZphnFmc8vk&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

267c82df1e306daf3771ccae836dd5b2450ef21ba3145ad1e479225b48d32e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15302
expires: Sat, 03 Feb 2024 05:58:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 19 KB
19 KB 136ms
136ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F9747_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=isLH-aZOaI_JYFgESiQHfOTG&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b3158d5fcdc230f5c988d1e0addd7f6d078f43256d5ee2a87f931bdd31682336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 19366
expires: Sat, 03 Feb 2024 00:00:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 12 KB
12 KB 133ms
133ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F23339_102.jpg%3F1704438275_2&v=3&w=800&rid=4&s=TsFiQvcXGYuPDVF0qtsJbS8J&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ba45d6846604aa2e9abd68111b2a59e328196d1f3e2568128977eab392a730d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12030
expires: Sat, 10 Feb 2024 04:44:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FA85 17 KB
17 KB 141ms
141ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F23222_102.jpg%3F1702454389_2&v=3&w=800&rid=4&s=l2pBD7v6lpktHfJMkjvp9ic_&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

280d9680e16e1ad97b29049c284e11537821b737db288039817debb64f13e215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 17040
expires: Sun, 11 Feb 2024 18:36:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FA85 0
128 B 107ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=fvKxiO0PRHCOeH_9sWuyoSDo1VwkNeZ7A0Z65fK2VPzTbUSE3ML5Fe5NF6YEwR5iJL8NpSkXP6jXxNWVcOTLkjt9cwiBYKwYSaX9QE8JxvJ0z39Io3R4u7p-YFXWZoWh8UKfC1kFmkpTHONcYWW7080fjO3JqFrH96z7whSJnmx94uqutk5SLbUZRR1Bo_Gbk8UquQGSq4GCUOoKT86BO2f7X8Rpv23tkpaleJtlEuA9a476tFKxBUUd1qz4BS2e6W6EnA&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 20 Jan 2024 13:33:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FA85 2 KB
1 KB 39ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 13:33:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FA85 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jan 2025 13:33:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 108ms
65ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

748db03f1df9ddebfdfacc2475b2488ef666204cfee7ef3559017a12befe0004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12144
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 13:33:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF5D 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://towns.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 13:31:55 GMT
expires: Sun, 19 Jan 2025 13:31:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9575 829 B
1 KB 84ms
33ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd6fc29c813276e6003d0d6f52f4f456aa9606e4e656ebb891278eb415859cd6

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce--DrqWYcGXnFmgJL0JtTQig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://towns.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce--DrqWYcGXnFmgJL0JtTQig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 13:33:37 GMT
expires: Sat, 20 Jan 2024 13:33:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame BF5D 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Fri, 19 Jan 2024 14:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 14:00:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9575 0
0 166ms
166ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=3651417164516693&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BF5D 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BgAb7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

date: Sat, 20 Jan 2024 13:33:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 172ms
172ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=3651417164516693&bg=!AAOlA0zNAAa8BdJLnAU7ADQBe5WfOOT1xWaq6hQ3H3lYWODxSaEQ6NYM4nuUe7abCeS1ieToTtC-w9yIcbHf3a8RXwv_AgAAAD1SAAAAAmgBBwoARIUI6JEonfCB4zKP_sN49c7bpx2pg0Ke7AxVFw2GQ-IFVSr-nr7KTHX7fRPGgu0ydb9jLJs8bTwmM2Fj4mZhrEEZRH0XmQKqsWDlzw5oce8K4GocxOvSV8xyJQGdozAPxbiuQkrcCjWhjclaLzyAMYSAVmGP6lhWXsBla19QWS1PLpbE17HgyxwPVx5sNt3q4nuNwi0_aNgw5PYoh-ajlExsQ7Zr96OYa7v8MtxhOyQWMUib9-EvuNvsPYMct595dQjBhtVEMlFuapXRJSTrr252i7r5NWO0rdG99qsnFtQ5CqMqfc5lAPyhR05RsnhXd2qIo8nu1BxCHHB-J4velP8M6FsFoDiGpL4AVGvsaWgOwUpSvz-f8pbcAwkou7r9tsthVRMGwKGsPkwnhzwg01StP6PjMfXYR5ffC6fZbgRYRWs5OSESM5IgeEME2AmTVzFN23gxXeJP8GhV5y_FcfvORBxPaRPCEN_VKLwbsNqDtGlK5Bkd6tCL_8C5v_DPzkagiTG482Mdq9H64GbH7AY5yAUy6DhNUIlMDd5GVirmSr9SegylGr-vuFh8mRnGM2hbc4Yr-MmyELRZsNaqr3pBmLEITaDKKwtIEv5VtRDsGzfMrBswDhgGYVi1ztREahf53r-RzyqeDsjF0HawE1iDc-0fk_Pi5Yt-pp_PR_WYcd_sPiIWqmamcEz88Zux03vDA9b5L71S987GklivGtoGci6nL2ZD87XM7ykIh1vCeLp4nfGYnRDp6U-oR2SnTLdwUN2JFSv2-CEDIiwE9xx7j5avmJ99ZfWlql0zEHaJmN4VQE9l159vMHXrP1IVYbjL7E8sLbyxF-IIY6PpTJPNXHpUV7bRbEXbVVvSryQHKf3GieoN-lEZ56cRtCueULo94yHOHSL4A9NpYI9bOtMftEoLDK2OnBUFrHWs_UL6NGqIaTbMxQUT9BNtOIgA5b3_v_hayldPwiQPbSdbSiTFTs73qqeVNabQd0KgS_-1mg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://towns.su/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15

Response headers

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
towns.su/	1969-12-31 23:59:59	Name: PHPSESSID Value: edbd716a32ada04145f5c5514fdfab78
.towns.su/	1970-01-21 02:34:53	Name: adtech_uid Value: b5b20989-b62f-466f-a6b4-d68075d6b957%3Atowns.su
.towns.su/	1970-01-21 02:34:53	Name: top100_id Value: t1.2433705.839396824.1705757616128
.towns.su/	1970-01-21 02:34:53	Name: t3_sid_2433705 Value: s1.1961869388.1705757616129.1705757616129.1.1
.towns.su/	1970-01-21 03:25:17	Name: last_visit Value: 1705754016130%3A%3A1705757616130
.doubleclick.net/	1970-01-20 17:49:18	Name: test_cookie Value: CheckForPermission
.mail.ru/	1970-01-21 02:36:20	Name: VID Value: 1wVowg1NYt2M00001E2SbCoM:::0-0-0-ac62470-0:CAASEPz1VbO0HyPVzgKCU6jBcUoaYECnqFGxk6Ukbpy22RbQXE-nqevuu1lNdXH5oy5P6ZHjuJaYd05uWC7qZn98fRGYmgFbDWga7ffrK0tptTqPytKG2Q7_NDaTNmiXQCIj1u4vqwV4t3y6Dzhc-4kUUqcy7A
.towns.su/	1970-01-21 03:10:53	Name: __gads Value: ID=a9c7f0a4e4bf9efd:T=1705757615:RT=1705757615:S=ALNI_MYju5_KgpdbqlZKza1rM4Fhdk9Aag
.towns.su/	1970-01-21 03:10:53	Name: __gpi Value: UID=00000d4560ded2f7:T=1705757615:RT=1705757615:S=ALNI_Mb6CqD7MKrN6l8ALetLgTaKcGAnUg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://hit37.hotlog.ru/cgi-bin/hotlog/count?0.4625894444401033&s=2124869&im=213&r=&pg=http%3A//towns.su/&j=N&wh=1600x1200&px=24&js=1.3 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1503831618444475&output=html&h=280&slotname=8709876412&adk=3764791118&adf=3567694344&pi=t.ma~as.8709876412&w=788&fwrn=4&fwrnh=100&lmt=1582926621&rafmt=1&format=788x280&url=http%3A%2F%2Ftowns.su%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705757615742&bpp=6&bdt=156&idt=212&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=5199152039530&frm=20&pv=2&ga_vid=812720517.1705757616&ga_sid=1705757616&ga_hid=733284262&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=65&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C44759837%2C31080558%2C95321957%2C95321627%2C95321966%2C95322165&oid=2&pvsid=3651417164516693&tmod=1090012602&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=219 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
counter.rambler.ru
csm.eu.criteo.net
d5.c9.be.a1.top.mail.ru
googleads.g.doubleclick.net
hit37.hotlog.ru
imageproxy.eu.criteo.net
kraken.rambler.ru
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
static.criteo.net
top-fwz1.mail.ru
towns.su
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.refer.ru
www.siteedit.ru
151.248.116.85
178.250.1.6
2a00:1450:4001:802::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
46.4.75.61
81.19.89.16
81.19.89.17
81.200.113.97
89.208.236.251
95.163.52.67
0536e613b48b77600a96adf4a55e312f8f37d37a3a2319ba061e3d6c3829b6fd
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
266da33f59f6d5965a16d6ee188df395dc0a1c85bf7577ceadea37a00e46eb89
267c82df1e306daf3771ccae836dd5b2450ef21ba3145ad1e479225b48d32e53
280d9680e16e1ad97b29049c284e11537821b737db288039817debb64f13e215
2ebb27509de7a97a2e0b01c86628db2abea69ff944222a201f0e16a205d7b0a9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
40674b7bb03a2ff6fe675dc543de0a2f4ad096e9bb06425d556a1fff9b39a6d7
4559fa7b731683476d9c218616476bbcea9efbd4185aaf26441a692e4a6e4cab
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50bcf609a88d0d45234f320ecdda61ef1f66232dd2e3a3f6037175ed1b128947
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60ed3aa0d99f8b282f785e4f698796a7bf88ecd66bc6e05943dd007eab7a6f45
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
67ad16ab28687c889d92dae815a4dc86bd744568c994d14d307cd890d09e26a5
67ae5cb9a4c423af33efb21376c45272784c5c6cb0327b5aff4916f80e059bdc
681b1383b5e254057f28aaeab8de1dab492740da73afe595f0992194b9a49c6b
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6ba45d6846604aa2e9abd68111b2a59e328196d1f3e2568128977eab392a730d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
748db03f1df9ddebfdfacc2475b2488ef666204cfee7ef3559017a12befe0004
80400bac369ea4484573731db58d2181679dda28b7cbcef7ee604353ad9a1335
846dbf808016b540ed729ead9df2f8383bb04c9ccf9d579f5fcac922cbd53e01
886c469274de1dd8cae9eceac51afbc3fad08fce849f233eba5ca603f36bfea1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69febd1fb60ba6df98d9260f61fc58c9c578e6697c682513d4e82047bcde2c
96c2e71df53baad5c0aa6cc389589c7df1caa50acfae8927557264b2d846c843
9c53f9e47eb9abdbee06a522db17a250b6f77710a2fce4652cbd35a55cb273e8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
adb3b62e672d9a356859138296231cefe0b3f67af4604b20b7a8ad8554d8e7f5
aec502b3f2dfd70a4040529d8a5b22f8fa7eabf250deadbad70b9522fbdb0329
b3158d5fcdc230f5c988d1e0addd7f6d078f43256d5ee2a87f931bdd31682336
b66f93fc3b1482af938e98a0ed7118f89835238a5434d16854d6fa691efb944c
bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e
cc9a9147b0883dd6e1ca6ff2a8191a9ac106bbd00583fa2588e5aa019f63dbf5
cd6fc29c813276e6003d0d6f52f4f456aa9606e4e656ebb891278eb415859cd6
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
dab3e286e0d6ef4ede0c478696cef9e5566cae68289334ec9bc3eaa450d4548f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ec43544fe6d6c3115fb302b8709e2631e922da2c4d8e5b0dbfae00bbcac2492d
f57712c5b31707c44aca2a872ad31df115519727ffc221511454e9cb931e3be3
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f66d71b99f27c33a58f98090f6fd47d02035d2c8e09d1ddeed5f7003df9e6408
f6ee2e9106907cb4fa67a3cc5b22a0eefe4ce671a18f3a6a4e0a3615441eea21
fe2b3053ad417b537977abd4bdec5062b69552ee2fa59d7e0d1ad2e7e2ff6d97

towns.su Open in urlscan Pro 151.248.116.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

79 %HTTPS

56 %IPv6

12 Domains

19 Subdomains

18 IPs

3 Countries

855 kBTransfer

1619 kBSize

9 Cookies

5 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

towns.su Open in urlscan Pro
151.248.116.85 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

79 %
HTTPS

56 %
IPv6

12
Domains

19
Subdomains

18
IPs

3
Countries

855 kB
Transfer

1619 kB
Size

9
Cookies

56 HTTP transactions
1 data transactions