www.cities2visit.eu Open in urlscan Pro
2a05:1500:100::50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cities2visit.eu/
Submission: On April 19 via automatic, source certstream-suspicious (April 19th 2020, 12:28:31 am UTC)

Summary HTTP 23 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 23 HTTP transactions. The main IP is 2a05:1500:100::50, located in Netherlands and belongs to ASTRALUS, NL. The main domain is www.cities2visit.eu.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 8th 2020. Valid for: 3 months.

This is the only time www.cities2visit.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a05:1500:100... 2a05:1500:100::50	48635 (ASTRALUS) (ASTRALUS)
7	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
2 2	104.92.100.37 104.92.100.37	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.53.43.74 23.53.43.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	151.101.113.6 151.101.113.6	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
23	7

7 2a05:1500:100::50 (Netherlands)

ASN48635 (ASTRALUS, NL)

www.cities2visit.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.100.37 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-37.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.43.74 (United States) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-53-43-74.deploy.static.akamaitechnologies.com

ui2.awin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a1.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.6 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

b1.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cities2visit.eu www.cities2visit.eu	30 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
4	doubleclick.net googleads.g.doubleclick.net
4	awin1.com 2 redirects www.awin1.com a1.awin1.com b1.awin1.com	18 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	839 B
1	google.de adservice.google.de	839 B
1	awin.com 1 redirects ui2.awin.com	204 B
0	cookie-script.com Failed chs03.cookie-script.com Failed
23	9

	Domain	Requested by
7	www.cities2visit.eu	www.cities2visit.eu
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	www.cities2visit.eu pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.awin1.com	2 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	b1.awin1.com	www.cities2visit.eu
1	a1.awin1.com	www.cities2visit.eu
1	ui2.awin.com	1 redirects
0	chs03.cookie-script.com Failed	www.cities2visit.eu
23	12

This site contains links to these domains. Also see Links.

Domain
www.awin1.com
www.facebook.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
www.cities2visit.eu Let's Encrypt Authority X3	`2020-02-08` - `2020-05-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-03` - `2021-03-18`	a year	crt.sh
o.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-17` - `2021-03-23`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.cities2visit.eu/
Frame ID: 9123C2378F73AAE03234BBC62C76695F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/zrt_lookup.html
Frame ID: 83060FAACDE1631A45C895EA5EFFE5C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934141666771297&output=html&adk=1812271804&adf=3025194257&lmt=1586937157&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.cities2visit.eu%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587256090199&bpp=11&bdt=56&idt=70&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7556191133077&frm=20&pv=2&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=10920&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=82
Frame ID: 410748060477D14D053F854487ECABE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934141666771297&output=html&h=600&slotname=8676514954&adk=3004359946&adf=575442966&w=160&lmt=1586937157&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fwww.cities2visit.eu%2F&flash=0&wgl=1&adsid=NT&dt=1587256090210&bpp=5&bdt=67&idt=94&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7556191133077&frm=20&pv=1&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=43688&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=18&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=d8iaoudALX&p=https%3A//www.cities2visit.eu&dtd=97
Frame ID: 22F3F8DFBFD946CEC029E97B2616ADA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934141666771297&output=html&h=250&slotname=6569226369&adk=1816768801&adf=2242673846&w=300&lmt=1586937157&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fwww.cities2visit.eu%2F&flash=0&wgl=1&adsid=NT&dt=1587256090215&bpp=2&bdt=73&idt=97&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7556191133077&frm=20&pv=1&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=43688&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1200&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0zg7jZ7r2E&p=https%3A//www.cities2visit.eu&dtd=99
Frame ID: 94FCEDDC50ED55E80AF1481E14347613
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 71F17E92B40DBEE8884C9811ED9903E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

23
Requests

96 %
HTTPS

50 %
IPv6

9
Domains

12
Subdomains

7
IPs

3
Countries

209 kB
Transfer

470 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.awin1.com/cread.php?s=2239555&v=8111&q=345770&r=371519
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php
Title:

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/share
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cities2visit-443666132849633/
Title:

Search URL Search Domain Scan URL

URL: https://www.awin1.com/cread.php?s=2534325&v=8379&q=317282&r=371519
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.awin1.com/cshow.php?s=2239555&v=8111&q=345770&r=371519 HTTP 302
https://ui2.awin.com/ads/awin/12430/imgatg_mocomuseum_468x60-1534837653912.gif HTTP 301
https://a1.awin1.com/ads/awin/12430/imgatg_mocomuseum_468x60-1534837653912.gif

Request Chain 7

https://www.awin1.com/cshow.php?s=2534325&v=8379&q=317282&r=371519 HTTP 302
https://b1.awin1.com/blank/gif/300/250

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.cities2visit.eu/ 11 KB
5 KB 127ms
56ms Document
text/html 2a05:1500:100::50
ASTRALUS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cities2visit.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:1500:100::50 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: CLB/No-Cache /
Resource Hash: 682b15e5da7f6aa6083b15b3ea9538f2c859ec5ae0fcc6d62ef2cea248978828

Request headers

Host: www.cities2visit.eu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 4406
content-type: text/html; charset=UTF-8
date: Sun, 19 Apr 2020 00:28:10 GMT
etag: "2cd2-5a34f998fc337-gzip"
last-modified: Wed, 15 Apr 2020 07:52:37 GMT
vary: Accept-Encoding
x-cache: yes
server: CLB/No-Cache
age: 0
x-clb-cache: No
x-clb-hits: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
39 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13aa6363edf0d9dcb32899a36525bf360642341f96693e5f62e90ea868888ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39452
x-xss-protection: 0
server: cafe
etag: 2834666070277554483
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Apr 2020 00:28:10 GMT

GET
H2

200

imgatg_mocomuseum_468x60-1534837653912.gif
a1.awin1.com/ads/awin/12430/
Redirect Chain

https://www.awin1.com/cshow.php?s=2239555&v=8111&q=345770&r=371519
https://ui2.awin.com/ads/awin/12430/imgatg_mocomuseum_468x60-1534837653912.gif
https://a1.awin1.com/ads/awin/12430/imgatg_mocomuseum_468x60-1534837653912.gif

16 KB
16 KB

148ms
77ms

Image
image/gif

151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.awin1.com/ads/awin/12430/imgatg_mocomuseum_468x60-1534837653912.gif
Requested by: Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: f235bd534f1c0f25bfa6c5b34311cfa701c4a3fc3c5381620c886509eacf793f

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
x-pad: avoid browser bug
server: Apache
age: 0
x-cache: MISS, MISS
content-type: image/gif
status: 200
expires: Sun, 19 Apr 2020 12:28:10 GMT
cache-control: max-age=43200
x-cache-hits: 0, 0
accept-ranges: bytes
x-timer: S1587256091.543558,VS0,VE45
content-length: 16624
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-fra19179-FRA, cache-hhn4071-HHN

Redirect headers

Location: https://a1.awin1.com/ads/awin/12430/imgatg_mocomuseum_468x60-1534837653912.gif
Date: Sun, 19 Apr 2020 00:28:10 GMT
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK Button%20FB.png
www.cities2visit.eu/images/ 603 B
942 B 66ms
64ms Image
image/png 2a05:1500:100::50
ASTRALUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cities2visit.eu/images/Button%20FB.png
Requested by: Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:1500:100::50 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: CLB/Cache /
Resource Hash: ce51a8242cd7db442e699ae88aed60a8411c521792e72bc744725596b2593d45

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
last-modified: Sun, 10 Dec 2017 10:33:24 GMT
server: CLB/Cache
age: 0
etag: "25b-55ff9f2948e0f"
x-cache: yes
content-type: image/png
cache-control: max-age=2700
x-clb-cache: No
accept-ranges: bytes
content-length: 603
x-clb-hits: 0
expires: Sun, 19 Apr 2020 01:13:10 GMT

GET
H/1.1 200
OK Button%20linkedin%20.png
www.cities2visit.eu/images/ 676 B
1015 B 105ms
80ms Image
image/png 2a05:1500:100::50
ASTRALUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cities2visit.eu/images/Button%20linkedin%20.png
Requested by: Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:1500:100::50 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: CLB/Cache /
Resource Hash: 4e857e52f3825038a21bb1fd8a89a150038f6d6418f994abb2b315380e0bc36f

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
last-modified: Sun, 10 Dec 2017 10:33:24 GMT
server: CLB/Cache
age: 0
etag: "2a4-55ff9f29637d8"
x-cache: yes
content-type: image/png
cache-control: max-age=2700
x-clb-cache: No
accept-ranges: bytes
content-length: 676
x-clb-hits: 0
expires: Sun, 19 Apr 2020 01:13:10 GMT

GET
H/1.1 200
OK Button%20pinterest.png
www.cities2visit.eu/images/ 960 B
1 KB 123ms
98ms Image
image/png 2a05:1500:100::50
ASTRALUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cities2visit.eu/images/Button%20pinterest.png
Requested by: Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:1500:100::50 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: CLB/Cache /
Resource Hash: a0f0ca2effd9bcf6990c2d541e97b4fe34ff52e380b3d08f343f5720e4b8c5b2

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
last-modified: Sun, 10 Dec 2017 10:33:25 GMT
server: CLB/Cache
age: 0
etag: "3c0-55ff9f297ddb8"
x-cache: yes
content-type: image/png
cache-control: max-age=2700
x-clb-cache: No
accept-ranges: bytes
content-length: 960
x-clb-hits: 0
expires: Sun, 19 Apr 2020 01:13:10 GMT

GET
H/1.1 200
OK Buttun%20twitter.png
www.cities2visit.eu/images/ 710 B
1 KB 105ms
80ms Image
image/png 2a05:1500:100::50
ASTRALUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cities2visit.eu/images/Buttun%20twitter.png
Requested by: Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:1500:100::50 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: CLB/Cache /
Resource Hash: 535d31e27871183b70513eff7e011bce2ff2ce3b30bc589b6ebbd805ea0b3ebb

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
last-modified: Sun, 10 Dec 2017 10:33:25 GMT
server: CLB/Cache
age: 0
etag: "2c6-55ff9f297ddb8"
x-cache: yes
content-type: image/png
cache-control: max-age=2700
x-clb-cache: No
accept-ranges: bytes
content-length: 710
x-clb-hits: 0
expires: Sun, 19 Apr 2020 01:13:10 GMT

GET
H/1.1 200
OK facebook%20volg.png
www.cities2visit.eu/images/ 19 KB
20 KB 119ms
94ms Image
image/png 2a05:1500:100::50
ASTRALUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cities2visit.eu/images/facebook%20volg.png
Requested by: Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:1500:100::50 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: CLB/Cache /
Resource Hash: 1c81396bd33a29ba8180009eb2fd06b5b12f40003d10500588281aed800cffaa

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
last-modified: Mon, 08 Jul 2019 17:06:50 GMT
server: CLB/Cache
age: 0
etag: "4d4a-58d2e78549824"
x-cache: yes
content-type: image/png
cache-control: max-age=2700
x-clb-cache: No
accept-ranges: bytes
content-length: 19786
x-clb-hits: 0
expires: Sun, 19 Apr 2020 01:13:10 GMT

GET
H/1.1

200
OK

250
b1.awin1.com/blank/gif/300/
Redirect Chain

https://www.awin1.com/cshow.php?s=2534325&v=8379&q=317282&r=371519
https://b1.awin1.com/blank/gif/300/250

497 B
804 B

104ms
32ms

Image
image/gif

151.101.113.6
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1.awin1.com/blank/gif/300/250
Requested by: Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.6 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.3.z-SNAPSHOT) /
Resource Hash: e4af13a26c711d508fd60ea58971fae2cf1b0df6be21fccd3a5f1310ed5488c4

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 00:28:10 GMT
Via: 1.1 varnish
Server: Jetty(9.3.z-SNAPSHOT)
Age: 307
X-Served-By: cache-hhn4038-HHN
X-Cache: HIT
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1587256090.388616,VS0,VE0
Content-Length: 497
X-Cache-Hits: 5

Redirect headers

Date: Sun, 19 Apr 2020 00:28:10 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://b1.awin1.com/blank/gif/300/250
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK Up.gif
www.cities2visit.eu/images/ 1 KB
2 KB 151ms
101ms Image
image/gif 2a05:1500:100::50
ASTRALUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cities2visit.eu/images/Up.gif
Requested by: Host: www.cities2visit.eu
URL: https://www.cities2visit.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:1500:100::50 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: CLB/Cache /
Resource Hash: f9752781f9619814ef9a61c678bfb7037043ac82bb623862f27c0ecff5f609be

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
last-modified: Sun, 10 Dec 2017 10:33:26 GMT
server: CLB/Cache
age: 0
etag: "515-55ff9f2abbf8f"
x-cache: yes
content-type: image/gif
cache-control: max-age=2700
x-clb-cache: No
accept-ranges: bytes
content-length: 1301
x-clb-hits: 0
expires: Sun, 19 Apr 2020 01:13:10 GMT

GET ba59f36ccb8567a39d7f20723c8bfe75.js
chs03.cookie-script.com/s/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 27ms
14ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cities2visit.eu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Apr 2020 00:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 51ms
37ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cities2visit.eu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Apr 2020 00:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/ 216 KB
81 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83122
x-xss-protection: 0
server: cafe
etag: 9756899714300984333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Apr 2020 00:28:10 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/ Frame 8306 0
0 7ms
5ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200413/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cities2visit.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cities2visit.eu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 14 Apr 2020 02:35:42 GMT
expires: Tue, 28 Apr 2020 02:35:42 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 424348
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4107 0
0 47ms
47ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934141666771297&output=html&adk=1812271804&adf=3025194257&lmt=1586937157&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.cities2visit.eu%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587256090199&bpp=11&bdt=56&idt=70&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7556191133077&frm=20&pv=2&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=10920&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=82

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7934141666771297&output=html&adk=1812271804&adf=3025194257&lmt=1586937157&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.cities2visit.eu%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587256090199&bpp=11&bdt=56&idt=70&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7556191133077&frm=20&pv=2&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=10920&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cities2visit.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cities2visit.eu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Apr 2020 00:28:10 GMT
server: cafe
content-length: 531
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Apr-2020 00:43:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Sun, 19 Apr 2020 00:28:10 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e422e4d828685e6b1f90a96c4562faf22e7c5c13e2f3e2fe1953a10f69ae32e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587123250781365"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28347
x-xss-protection: 0
expires: Sun, 19 Apr 2020 00:28:10 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 22F3 0
0 105ms
104ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934141666771297&output=html&h=600&slotname=8676514954&adk=3004359946&adf=575442966&w=160&lmt=1586937157&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fwww.cities2visit.eu%2F&flash=0&wgl=1&adsid=NT&dt=1587256090210&bpp=5&bdt=67&idt=94&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7556191133077&frm=20&pv=1&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=43688&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=18&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=d8iaoudALX&p=https%3A//www.cities2visit.eu&dtd=97

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7934141666771297&output=html&h=600&slotname=8676514954&adk=3004359946&adf=575442966&w=160&lmt=1586937157&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fwww.cities2visit.eu%2F&flash=0&wgl=1&adsid=NT&dt=1587256090210&bpp=5&bdt=67&idt=94&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7556191133077&frm=20&pv=1&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=43688&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=18&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=d8iaoudALX&p=https%3A//www.cities2visit.eu&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cities2visit.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cities2visit.eu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Apr 2020 00:28:10 GMT
server: cafe
content-length: 201
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Apr-2020 00:43:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Sun, 19 Apr 2020 00:28:10 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 94FC 0
0 82ms
82ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934141666771297&output=html&h=250&slotname=6569226369&adk=1816768801&adf=2242673846&w=300&lmt=1586937157&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fwww.cities2visit.eu%2F&flash=0&wgl=1&adsid=NT&dt=1587256090215&bpp=2&bdt=73&idt=97&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7556191133077&frm=20&pv=1&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=43688&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1200&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0zg7jZ7r2E&p=https%3A//www.cities2visit.eu&dtd=99

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7934141666771297&output=html&h=250&slotname=6569226369&adk=1816768801&adf=2242673846&w=300&lmt=1586937157&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fwww.cities2visit.eu%2F&flash=0&wgl=1&adsid=NT&dt=1587256090215&bpp=2&bdt=73&idt=97&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7556191133077&frm=20&pv=1&ga_vid=1702231247.1587256090&ga_sid=1587256090&ga_hid=980845514&ga_fc=0&iag=0&icsg=43688&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1200&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=2060583493402388&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0zg7jZ7r2E&p=https%3A//www.cities2visit.eu&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cities2visit.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cities2visit.eu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Apr 2020 00:28:10 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Apr-2020 00:43:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Sun, 19 Apr 2020 00:28:10 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 6 KB
6 KB 28ms
17ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200413&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

955f244085655f2d670a0254da37a18f92413406c033dc4b70da3e991618e96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Apr 2020 00:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5042
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 00:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Sun, 19 Apr 2020 00:28:10 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 71F1 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cities2visit.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cities2visit.eu/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sat, 18 Apr 2020 22:28:38 GMT
expires: Sun, 18 Apr 2021 22:28:38 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7172
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 14ms
13ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200413&jk=2060583493402388&bg=!goGlgZlYEma2lpvvdq0CAAAAQVIAAAAJmQFfn7LRUWTqPN2y7PSEj51t4_QVAapt8jqIvqI6_m71Nzh1oreysQ7fKAZZfasV-n35d7PWR4xxflrqi-4H9NAlnBIexoYdPIsDofPCrMVa-XSQRyB8mQe7ttb8jdcmlcyPRZ56WU3X4yWu0I6YTxHPcD1b4na4zVTuyfG1p96HtqN6rVxG0LAckI2371vgC2OHdHCqwoB55arVSziQ1_1HsWO2pdyIfLqyX2XlAobHGTpEUG-BMEV0IcQe8iNQ7aGb50mAag8h-9PmAlj-htGEpdKNeSRDdyNtlwzSErab8c4liJDLeR3jKCL0EB_4Bi-XsDRgg34CponZ4Xh24gUqMY4F0eQrCacrP_Ct_yBHuK6cGkIvG34s2cVYtwQumbfBRmnHTmOCVn-KzNnZwGN7S261hiXGWat7zeNWu11CeFXPgat20YSYHsbcnCTBP9eX--Koka4cs0bx41N1l_Fz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cities2visit.eu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Apr 2020 00:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: chs03.cookie-script.com
URL: https://chs03.cookie-script.com/s/ba59f36ccb8567a39d7f20723c8bfe75.js

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 08:54:16	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.awin1.com
adservice.google.com
adservice.google.de
b1.awin1.com
chs03.cookie-script.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
ui2.awin.com
www.awin1.com
www.cities2visit.eu
www.googletagservices.com
chs03.cookie-script.com
104.92.100.37
151.101.113.6
151.101.114.110
23.53.43.74
2a00:1450:4001:818::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:821::2001
2a05:1500:100::50
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
13aa6363edf0d9dcb32899a36525bf360642341f96693e5f62e90ea868888ebd
1c81396bd33a29ba8180009eb2fd06b5b12f40003d10500588281aed800cffaa
4e857e52f3825038a21bb1fd8a89a150038f6d6418f994abb2b315380e0bc36f
535d31e27871183b70513eff7e011bce2ff2ce3b30bc589b6ebbd805ea0b3ebb
682b15e5da7f6aa6083b15b3ea9538f2c859ec5ae0fcc6d62ef2cea248978828
7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92
955f244085655f2d670a0254da37a18f92413406c033dc4b70da3e991618e96c
a0f0ca2effd9bcf6990c2d541e97b4fe34ff52e380b3d08f343f5720e4b8c5b2
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
ce51a8242cd7db442e699ae88aed60a8411c521792e72bc744725596b2593d45
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422e4d828685e6b1f90a96c4562faf22e7c5c13e2f3e2fe1953a10f69ae32e5
e4af13a26c711d508fd60ea58971fae2cf1b0df6be21fccd3a5f1310ed5488c4
f235bd534f1c0f25bfa6c5b34311cfa701c4a3fc3c5381620c886509eacf793f
f9752781f9619814ef9a61c678bfb7037043ac82bb623862f27c0ecff5f609be

www.cities2visit.eu Open in urlscan Pro 2a05:1500:100::50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

50 %IPv6

9 Domains

12 Subdomains

7 IPs

3 Countries

209 kBTransfer

470 kBSize

1 Cookies

6 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

1 Cookies

Indicators

www.cities2visit.eu Open in urlscan Pro
2a05:1500:100::50 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

50 %
IPv6

9
Domains

12
Subdomains

7
IPs

3
Countries

209 kB
Transfer

470 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions