rf-town.ru Open in urlscan Pro
94.198.242.161 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://rf-town.ru/
Submission Tags: ru l4ing www h8 misc Search All
Submission: On January 04 via manual (January 4th 2023, 12:28:37 am UTC) from UA — Scanned from DE

Summary HTTP 52 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 16 domains to perform 52 HTTP transactions. The main IP is 94.198.242.161, located in Prague, Czech Republic and belongs to GM-AS, SC. The main domain is rf-town.ru.

This is the only time rf-town.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	94.198.242.161 94.198.242.161	62160 (GM-AS) (GM-AS)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4 7	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
4 6	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	2606:4700:303... 2606:4700:3033::6815:2bc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	94.75.234.115 94.75.234.115	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 6	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	85.192.12.169 85.192.12.169	12695 (DINET-AS) (DINET-AS)
1 2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	89.22.236.113 89.22.236.113	207651 (VDSINA-NL) (VDSINA-NL)
1	95.168.170.7 95.168.170.7	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
3	193.106.93.124 193.106.93.124	48614 (ITSOFT-AS) (ITSOFT-AS)
1	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
3	95.163.155.37 95.163.155.37	12695 (DINET-AS) (DINET-AS)
52	19

11 94.198.242.161 (Prague, Czech Republic)

ASN62160 (GM-AS, SC)

rf-town.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 88.212.202.52 (Russian Federation) 4 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.163.52.67 (Russian Federation) 4 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

da.c7.be.a1.top.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2bc9 (United States)

ASN13335 (CLOUDFLARENET, US)

tnb.rf-town.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.75.234.115 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

dab.rf-town.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.192.12.169 (Russian Federation)

ASN12695 (DINET-AS, RU)

oba.rf-town.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

developers.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.22.236.113 (Meppel, Netherlands)

ASN207651 (VDSINA-NL, RU)
PTR: host-89-22-236-113.hosted-by-vdsina.ru

pit.barbos.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.168.170.7 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

st.directadvert.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

tat3ayogh6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dprof.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.106.93.124 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.155.37 (Russian Federation)

ASN12695 (DINET-AS, RU)

cau1aighae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	rf-town.ru rf-town.ru tnb.rf-town.ru dab.rf-town.ru oba.rf-town.ru	778 KB
10	google.com 2 redirects apis.google.com — Cisco Umbrella Rank: 163 developers.google.com — Cisco Umbrella Rank: 11382 accounts.google.com — Cisco Umbrella Rank: 113	133 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7498	3 KB
7	yadro.ru 4 redirects counter.yadro.ru — Cisco Umbrella Rank: 5399	3 KB
6	mail.ru 4 redirects da.c7.be.a1.top.mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 5047	6 KB
5	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 1851 an.yandex.ru — Cisco Umbrella Rank: 3245	58 KB
4	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 8995	1 KB
3	cau1aighae.com cau1aighae.com — Cisco Umbrella Rank: 85819	75 KB
3	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 36726	445 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2157	1 KB
2	barbos.ru pit.barbos.ru — Cisco Umbrella Rank: 270471	7 KB
1	dprof.site dprof.site — Cisco Umbrella Rank: 170242	537 B
1	digitaltarget.ru dmg.digitaltarget.ru — Cisco Umbrella Rank: 13473	341 B
1	tat3ayogh6.com tat3ayogh6.com — Cisco Umbrella Rank: 96576	49 KB
1	directadvert.ru st.directadvert.ru — Cisco Umbrella Rank: 510084	5 KB
1	gstatic.com ssl.gstatic.com	5 KB
52	16

	Domain	Requested by
11	rf-town.ru	rf-town.ru
7	mc.yandex.com	3 redirects rf-town.ru
7	counter.yadro.ru	4 redirects rf-town.ru
6	apis.google.com	1 redirects rf-town.ru apis.google.com accounts.google.com
4	dmpprof.com	oba.rf-town.ru rf-town.ru
4	top-fwz1.mail.ru	2 redirects rf-town.ru
3	cau1aighae.com	rf-town.ru
3	prodmp.ru	tat3ayogh6.com oba.rf-town.ru rf-town.ru
3	oba.rf-town.ru	rf-town.ru oba.rf-town.ru
3	mc.yandex.ru	2 redirects rf-town.ru
2	ads.betweendigital.com	2 redirects
2	an.yandex.ru	1 redirects rf-town.ru
2	pit.barbos.ru	rf-town.ru
2	accounts.google.com	apis.google.com rf-town.ru
2	developers.google.com	1 redirects apis.google.com
2	da.c7.be.a1.top.mail.ru	2 redirects
1	dprof.site	oba.rf-town.ru
1	dmg.digitaltarget.ru	oba.rf-town.ru
1	tat3ayogh6.com	oba.rf-town.ru
1	st.directadvert.ru	rf-town.ru
1	ssl.gstatic.com	accounts.google.com
1	dab.rf-town.ru	rf-town.ru
1	tnb.rf-town.ru	rf-town.ru
52	23

This site contains links to these domains. Also see Links.

Domain
code.directadvert.ru
www.directadvert.ru
ac-dir-co.cau1aighae.com
top.mail.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
pit.barbos.ru R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh
pwrlkyotm.com R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
prodmp.ru R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
dmpprof.com R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2022-11-07` - `2023-02-05`	3 months	crt.sh
fnhffxhnqd.com R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://rf-town.ru/
Frame ID: 85993BC5BF761F92EB7846302BC6CD75
Requests: 46 HTTP requests in this frame

Frame: https://developers.google.com/
Frame ID: 2055AF87FEEE6707C74C64B78543F7A5
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Frf-town.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 3CC405D2131938BE53F99BF54E210C85
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Карта России с городами. Карта России по областям. Карты России с городами и областями

Detected technologies

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

52
Requests

48 %
HTTPS

37 %
IPv6

16
Domains

23
Subdomains

19
IPs

6
Countries

1115 kB
Transfer

1638 kB
Size

27
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://code.directadvert.ru/click/?y=1&x=C3nIPzPoFUSA4K9qufDzAMW2czhY37QvsFMMuWBhP0V81zRhUZKVTs7hPe/IkbO15s8JFtbVyeuMr6Mup6bJ1MSY2R758iEijnMNsF+ErDOQbpWGowkfgcnQecPUlUszdRcKKqvtmTGh2jkkteb/l/c9POdlsZ1a1Hgty8i5fu5tk4Gb+vJDUnaDJSTTidKLww+ITGWauSLNcC0afVAo4RoqqzEKrcusf1EWgPNzXEUp8ftSYoT0QmCmYSggyxkzbjlNo+NNvFOLVToYW0Qlq4Pkjwcgc+Z5CxCj9POwVQ/intUm7C0q1MDf2mpGsUe1K8djW12wy6069I6DMTeFGhc9mAhAgEfCNGOmgmIvnA8Vz2nMDC4GpAvE2H0/m+1yPJrkqlaUvz3+irHQ/0aCJM71/Tj6NCAo+njp0wMMWcPgvhOX4fB2Xhkfvzd91KYiKqNDYv2EZXMBmLMZz3Dc5FMcgVOpr5szMlOP6B9Fa4hfVFt0r2pBjgv7o0/xIPynTC23bpR1pdpT23UrizRS6FA35VVGb/n2AIfBNJsyHexr+iFGZGiUXwtzEVjOUuxbX2RA9EWQZRfTNBstxUdd41Y7dU35+eFW02SisQEY2iBpxLX9JfSSq9S++EG1e52pFKnqwP64JV4FVEXIkc7/ee0wuhBevRZ0Bx0Z/9vbUaDHs/rvlcRWOG577XASmaDJXIPI74RdzZLwpwpN7ZaJw95b/25bfjVHRuIT8/8up/5UaerufRw373wOEVYrlktNpdkDWKLkIwXEQBk0B8dY8ggDM1mzW9XmPKCCrgC0c/LBSmwNjjueKF84TymLT0ib4KTa50zuHlYBvHcz7Ejh067hdKrAmnBK2d5YQ/3qi/lL9PY1uSBPJh4gdxsgL1/1jcBGR0c7Ik1hrAg5C2TT03ZyIcORdqvZ3ao8nPD2x4HX+S8V4UDF1wRNHYov9JG4No/DhxVFkd+M+KFAB54tDtDBitc5OsSeOHCz3zNDX+xf57CO9+wDR5uBGKNMjOEBJLeCcQx9ucnKSML3BMc5LkYvv+2WAYQcFXH/pR7nwA8N5A4aQG1LahkrqH0sPoofcg5Bh3LPaFxuH4pXOPg5vNPwKZCut/WQjgH1bUUDxyXtmxymJw7ofQ7cuAOYLC7Tcp2Ga0O7mo2BnPJIhTZMpAbvpu5C0j28F2eOiGT1DOK1KlYbMALZ/rvD7B9uQe8cLIskBNUrUcSiuGBt4Ex7Fcbrs0YiyzLDinn3rc2Py1GJJ8WXaye3/j1TI8mtzv+2s6tj8Zu1065YFVNzAYGaG9XfRHJNk1Pa8hQIOzUzjADaN29GSnbHrhZLx7X32dNm3s69JsGTvpnZncj5CRGn1Soy9MrIGeM+rrQlPUCW7HtlXcX7GpI6eQzagweJnlycWlEVOLfURtMr8tKPZqvt3tSwe5t2AtbmHtIdXq+jiuJTPR2Lh6ab12wVZ8SbnISDne03WU9NtTWuPBugKQy9JA==
Title: Звезда "Оптимистической трагедии": почему ее личная жизнь не сложилась

Search URL Search Domain Scan URL

URL: https://code.directadvert.ru/click/?y=1&x=USxzs6u9ZjqZdUtuHRPFvbI/apuCkqM2nrVkt3ggoK876g348wr0xOAcSjY37NubqfDl10SjDgJRMjFVLe4D+PQ2QbX9Q2f+UEzKQi8LrvnjNV1pHlUAK9ABfZVL+X13irwZzmqJaRbXWZo1Wr5jLXrsL6tQOVYf5HDy+kHWEFSnu9nrBqc5GHpbAPDsdnyFV9TmssGfErBRilibs87dPICmOJl/Xofi/TD/rff3duzfenm9vrfej6RX3oVL9Z3nT3DXOzKS28wG2wZb41/i2dypbAy1Ccjp7zJXdO689GSjNQB398FcgM9j5DPnlGD5FvmTWH7Or8UkrESrwtw5G6Dj7g+mfNxd53W6njV7ztdPGj0EH8yZz8L7V5D4MfB4AN/jyql75BkTEb9oGVmuxtJYfWXERFC2eV5bkqlyMRWMVQY+xhBfQDv7CV0xFHvIMkEqfZErm+GtkElq/fisOS0XOvytANj6/o2OASFxRFC1ErAG26vNDSIlzV+HjbjueX9jiDyhzFeaW8f1rYm7IRKpihoyz7Hl1MNxdreOOQr8sBG0Ruu/MaXWPq4js0jn88oTjWhiGC82zSEsNwZ9nnN8mOW0fWl7oeh7rb0byazKjPDpTGw4z3EJtfIu7GatSISGbGgBQDDfPq2UtS5S03T9wXZkwpAmjfbXf1TW1hltWmtJIem8Vxic1VhoCsNEdzDNTGoCgS4sFU9SeRrnlkC3wTTt9nbziChsCZ6xhDaxpb+Rn7/zZIzmysZnkG1EHADJ6m1He+jsvNkEwFdzLu602wD4z4fdw6Ot9uSc/hiUq6AIgRn+WMNrKbJiEUXdHOOLrIgVcdbmvy4JEGYfi2WNwqIkb/sewHPtP4GIl4DOumPT44y/TvmUxPFJftPJYL2jlX9JhnfW3vb/gVdDY+vc0aVbKJD6aAsaTw4IX4LJCX1JQtWkv7u279s203EjjhepXRHJo5F2yEIVEGV2Q7QbKJ3FKxtH75wT2yKKqQ/D7WvoZoEgDw40DRDogDGEb02o3vVw352OBDx/5eohp/QCo7ZTmobgHGGqu4Il9UaB7qnkJ8hYj6aslEBK+Ly9zpXt3BJNqJrpyeD8997MFWhIFBesWtCZ5qijjWKuasWSwJ6CM8If8y4Ec2UN2oZc4fVfKuf/EI013poViYT2VBwZnsUH/tQ2L290Vo552w6kMDQZOZLBpl5F1rsnsMWeM/4JCANu2EumJUe2ZRLb09UNb+9H5Tc2FW6wWHL7irF0ER8KvmUSiJgaxgLOGDq/WSoLxcDDfmLbLNCogjyOvh7ahiu8Wm/XCaKBcGogg6Xoc4myv5lj9NKGd42cQea0KCs9ZC9r97C7agYPPEx5ip3kjhe6DbCIBNH8P9R06MK6UTfGHPCwoogM2LjmGBo9BnjidP+FKuifGnuqgGm7NaOcqMB2Ey43vmw4B4tcU4cfE6+qDPGXv3nRS+EtcAdCPuGBDGznAAmkGzDEJT1mNw==
Title: Как погибла Клара Лучко, звезда "Кубанских казаков"

Search URL Search Domain Scan URL

URL: https://code.directadvert.ru/click/?y=1&x=8A10UmHQY6FzHRUqaZDvu1ULau4U4J+0aBiIFtVolevjnqrDPnMJ4XHhC3bj7vZKLHklqEUUfuJN25rufsMeq+i31+aBvfyA7sbt64FUGejFAzlJAu3LVT7og+1YyOcgJ86R9sk/265V11WAYNYN8R+xOGAFAsvD0kWq8EHfx0e6/tyVMny5bXJ0/Ah9czESwYkw/+GZIqUyKKl76cNSywWuT8wSNuOYVETCUO6iwNVSdj7gl6aPn6EhW8qbNQdEr11WwcmvagY7FbxtFZkQxOcuH7C4/RJ669o+t7NF486FD6zbJTMxBLp7Kdbc7cyCaIURdvV7sSB6pLWheFQMfL1j8NKHtZXsvk0iSnDyepq/nA/6FzbqT+nlIvpmsNn8KRveJTVfRNfr5YLPF3xV4NOp4wCGPNHTLz6kChvnRNW9Q4CwHQxlLSXviRpqZSOMWJnXd/osjxLpJNYsxb1++kFS1iTQ+0oM2RNeCM6ysy0HdqQ5JHNWtgqc+XObt/iaUMLWZrTuSm9CKgIEZHkLwgZfvWlQX18CIHZoQJtLr7692Nfs7ThyCINxSFZ9qwqy9ixgZtE6MCP9/YB//8Dipep5Px3rB1vlgGiy6/hjFH5lXu2M7keTwknKTkgvfeppQaXTDz7fIVbWbhbfROgNeP1z0Sz93xZYkgzlhNl6bOzT/uGb6Opa5EHui3ODma+07CyTORdTetIf5tl5ooxX5G1yu6VQZnK9mPeZw64y/rwNwM0yNz9j29wZcIPOzvi4UZnl9C6ZwYaby4SkCjthXEOsvbpNP8VYwoOtJigW/YaHf0a7CiQN6fCuRZCEzidxemfCeMJy4iXvtmHQT21XnBnJO7YeaKPE0CIkvbp31/66Xy1pgu7eKucWeXFZ4N7NDfPwm77Sxw9hKPtLlJtAK7HR0IC6CF5H16hTlyzzocvk3uJGhKJCcnl++f9tD9+++J+adBVQSfiU8Wj129dMC/FfZJn0tVzVen1Ue0iM6zygBkIlaNeoxJT0neDYfyiumF84qbgTaXuOUWnl1LrPCqtva+k4QEGjdzkf+44ifWHDUFwyJuL/WLE6RO9S+bhpqNSiNXg6TiIlSg5m3itoC28bvcCYtMVU55AUHYVOwpYMqgYo5RckrNefHuDAHC4bXbKap+FbRD+QRsE7qpdnxB1NKSfphmAHbYfSxKWwVVxoLjvCshpFUqzRxyU/RhqT4kQzRezP4ySvGfTuT7GWlsNdYQLYLK4jVCxq4fG2u1O2xO7RdJmRrSrI9+XR4PGIvGTksNNORkdmnUondauhhoN1XmSPU5yldGtpG/RpZMC9xyGdo/ffW8mGPbVynfRl1GVQ0RglpunGAPhnaE36Ul/Pi7pBWifIqoXH/hylRb8ugirOelggDrNabnZTmBEaCX5OACdSAlSmYdWRCQWQZKj89paQRdOnO5kqunwnkd0OpCZ3US44LbrELLC2CEu771UeJgsuqexetdNodHm+Qg==
Title: Как погибла Клара Лучко, звезда "Кубанских казаков"

Search URL Search Domain Scan URL

URL: http://www.directadvert.ru/text/landingpartners?ref=34751&source=directadvert.ru&medium=adp&campaign=adp_user_ref&ad=adp_204727

Search URL Search Domain Scan URL

URL: http://ac-dir-co.cau1aighae.com/?imp_id=78901aed-839b-404a-abdf-6fa9a7363fab&ad_url=NB2HI4B2F4XXE5LTNVQWS3RONFXGM3ZPONUG653CNF5C64TPPJQS243ZMFRGS5DPOZQS24TBONZWWYL2MFWGCLLQOJQXMZDVFVXS2Z3VPJSWK5TPPEXT65LUNVPXG33VOJRWKPLBMRZWE2LEONUXIZLTEZ2XI3K7MNXW45DFNZ2D2MJWGI2TQNZGOV2G2X3UMVZG2PJRGAWTEMZWGQ4Q====&bid_req_id=f94940f2-1263-442c-9046-f991812c4fea&bid_id=b0001f4c-7de3-4cff-b351-27eedf21b770&s=DJTU4GNVFCUSO6BQAMBOGLJL2SNBOOIKV7THVBMCGSW2ZDRAANK7L7NDLSZ3ATAFKI46SAVLJ7QAC72QIGVZ5ZFGWDKWAUT4ZHPWW3VU2CQ6XUZGOLL2LQHSENXZCFORYJNA7PYEUJMNX3BQMDLUC4QOTFYNHLFYIG6VZ6WBUXHX2ENTG7G2GSFSDSJ7ESA4SPYXVEVHNDGVOEPF2HEOEUSDIJLUOCMHWHLDY2OTNEC4E5A5XZY56ZHJEEYK5RX2&n_url=http%3A%2F%2Foba.rf-town.ru%2Fclick%2Fv2%2Frtb%2F%3Fdata%3DkpZB2OyM0ESW%252Ft6LX7p0fuJGGoGQaSg6UUBOgbu728f3bBY3h%252Bk95hvk4B4n07aV%252BWmNQVoqhPRv6HNm1one8j37JOf%252FfuXyR1BJdEKVLa7Q0JTh6kqiccUiU%252BjD0gE0ZH9SyuRrnfYj9F1fz7xUKtw5wWyhxCdoruelIP6T3HhnQl%252BPj9r4Ccru9K%252FiOxMpDVbe1KJ95vjm4N2%252FBvvWV0Alh3EukfB7roQHpEeHh1kwHUebPoeW6idhNHXls%252F2MEln2q0h0aYHK9dchW4MO3o5qnmuiA2y0PXOJ93MfeC%252Fa3ZZzEsyrUoyGI%252FhR6JVxIHoDVdN%252BQgXuGLhP9%252BoqjNgSdp01dbEEQDKXw9LoFwirl03WEZE7y4M4AtK8d0X9cbnpsGn5XN%252B%252Fx%252FytWYByK%252BzmGC6aTiUTlpEN0gcDhL3Mf1FJCD7yzI%252FvdcWmggL7ouC39YwyT0Sm%252FuB9nuLmhIzWnd5mtg3o18AlGi67YjQZNuSeFUKXNMyHMbsQAZmh0j3oo03mSdyhDYACPzV8Fgx5rKWXBR8wSq1EZkNCvwJhwq44Zxja8x3NRwBHTxiw%26price%3D%24%7BPRICE%7D
Title: Вся Россия стихла, узнав, кто такая Лариса Гузеева на самом деле 14 ч. назад

Search URL Search Domain Scan URL

URL: http://ac-dir-co.cau1aighae.com/?imp_id=b6003ac4-0155-433a-ae3e-86e76fecce93&ad_url=NB2HI4B2F4XWOZLUFVXGK53TFZUW4L3TNBXXOYTJPIXW63TBFVXGKLLQOJXXG5DJNRQS23LFNZ4WCLLBNRSWW43FPEWWW4TBOZRWQZLONNXS25TTOBXW23TJNQWWWYLLFVRHE33TNFWC2YTFOJSW2ZLONZ2XS5JNPJUGK3TVF47XK5DNL5ZW65LSMNST2YLEONRGSZDTNF2GK4ZGOV2G2X3DN5XHIZLOOQ6TCNRVG4ZTIJTVORWV65DFOJWT2MJQFUZDGNRUHE======&bid_req_id=f94940f2-1263-442c-9046-f991812c4fea&bid_id=af17f2ac-027c-44b4-8915-5a1633a68076&s=S37Q6MMVTLBURNSFEDO6LBGSEOLTW2UFFMOKR4JKFRZII53OGOYHENSLMUNPZTCBSRMHCSTYWG5A2VRRC5YP7CFXSGMNKVUD3M7Y2AVU2CQ6XUZGOLL2LQHSENXZCFORYJNA7PYEUJMNX3BQMDLUC4QOTFYNHLFYIG6VZ6WBUXHX2ENTG7G2GSFSDSJ7ESA4SPYXVEVHNDGVPA4GGEW7LDVEQE3GDVP56ZMDGBM4HLYHLVR4YOXLA5CDIYRNJMVA&n_url=http%3A%2F%2Foba.rf-town.ru%2Fclick%2Fv2%2Frtb%2F%3Fdata%3DczpWGsohQW4fFWZJDnt1qqKRe6jrfGp2gZWFD5ngP1xAkS7ZUAsdbO30ROTzR26xu%252BmuK6oAM4k62RbREfd36grUb7E5mAgKqLztp95GDsoaxyNPxwSbW4cR5kk1bWub7sPAFYsLsI58b4zLEjlfzWzUCR2Wm%252FVXqqDqLKbTcLqL2kBaSVFb8RNM%252BUuXsed29IGFxi24u3TDqlRx320OaV%252BOWqdWvu8IlkubATIRIVAJZ2u5Co5lskiQ7ggugKOBNxj0o4yTZKoh3lF3IRz0pSV66o%252FkIPRIarwdSDmYCffP8yvBhKvON%252Bvjs4%252FPpcWZBHMVKYqd%252Bz2DyuaaclAz%252B4rnr7hV7vpIb7PIAm4Npzccv43ZrVTx2qx7b57lkmg9dnOYL6eKOvTqLHUwiJtz1pgFP9jFdDuRUfTsoU3Q%252BS%252FuO07wVRw%252FiykpFGuk1Vq2FNu%252Bor25uGfjXtevPrzp%252BoFSZcL1snxKB3PFq0lJFmMNOk%252B5yYxMB0Do1pHKCCX44A0iC3KkeU0TcVRe4KtWIlBPp1Z4NrrAh1A%252FD49qb4WcsEKlJv5X3BV4heWchPga%26price%3D%24%7BPRICE%7D
Title: Красавчик правда? А теперь смотрите, с кем он живет (фото жены) 12 ч. назад

Search URL Search Domain Scan URL

URL: http://ac-dir-co.cau1aighae.com/?imp_id=92f724ca-090c-4a69-aeea-a68cb11d26a4&ad_url=NB2HI4B2F4XWOZLUFVXGK53TFZUW4L3TNBXXOYTJPIXXA5LUMFSXILLEMF2HSLLJFVXGC6TWMFXGS6LBFVUXU3LVMNUGK3TOPF4S2Z3BNRVWS3RNNNZHK4DON4WW64DPPJXXE2LMON4WCLZ7OV2G2X3TN52XEY3FHVQWI43CNFSHG2LUMVZSM5LUNVPWG33OORSW45B5GE3DENJYGUTHK5DNL52GK4TNHUYTALJSGM3DIOI=&bid_req_id=f94940f2-1263-442c-9046-f991812c4fea&bid_id=cb855508-152e-4838-bb72-66ea5e25b83f&s=7BU3EQWVKKD4XLF35ZGD27UZ7NE57KFTEP72KFFSSGPVGCDHAHMA2BOSKTT2ET272NARCPFQXI7AIMFSHEAMA6VUM3ODENOZVWRFCHCZWMAQN5T3KHBBJ4R4RR2T5UNOJKEK3XAJ2OCTN5QSD2RQZHHKR4QBUXUQGG6JQFINC3YDHHBJL2X2ZW2ZPFL4V3KTJLPLLJ25IDHD4TXJ7IM6U7RA77KCHB2N23ZMR5WFHDUBF75YLT4VSJKGJAFSMAD3&n_url=http%3A%2F%2Foba.rf-town.ru%2Fclick%2Fv2%2Frtb%2F%3Fdata%3DY3xCR%252FQ59rrcbrfFOIh4afCoGghqweTC%252Fv0pt%252BhuvYXM1n3k6NTDeE97%252FZYfAb6XLJZfhwZWHopgprP14q6Jsupzl8YOT4Gc3i0NN4gqSeIs%252FJOtpignvf0HAPVimp6QLPGX5WciMck6SWOyW%252B9c%252FYYizMsRiCYtvzDwLMfTtGzK%252FuALND7%252BDwcvBelMd7XFgjGemx9RyBnQHc6GSL7RPIqAHwJUuQMMv3kNkXbWqPLO1ZY2opLGvK%252F7%252FWGp1dMvIW6KQaR7zDencV1LFato4tISCWSYj1rURB91P8ehFqckAV46Y1rWGPBNsw8FLNSq5%252FolA208S5oPICx77IQO9Wq0YZ%252FAOrmS%252BdZ27viFDnMbDROkoG3cH47pfDwlBx1BNFOuVrfi%252BGorN%252Bt2F4Z8cZLF%252B9T84XuvRrNPFRdqx6DEaPclcZACoKnikQ%252F41Lk9qolwUftZgkiLOqhoja%252FMMUkz6ranK5s3uqhBVju3BYEFkH7X5kr18v0R0SQaODBbT%252FDCwBAZ9AGGTNAH35hNyTrSf8wCF%252Bl4wwyRFVr6JZPe4b2JoQ0d8TUKWihuFTHF%26price%3D%24%7BPRICE%7D
Title: Страшное разоблачение: Галкин опозорен до конца жизни 14 ч. назад

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=1997431

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.1298720201129575 HTTP 302
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.1298720201129575 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.1298720201129575

Request Chain 2

http://da.c7.be.a1.top.mail.ru/counter?id=1997431;js=13;r=;j=false;s=1600*1200;d=24;rand=0.40443034685239976 HTTP 302
https://top-fwz1.mail.ru/counter?id=1997431;js=13;r=;j=false;s=1600*1200;d=24;rand=0.40443034685239976 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1997431;js=13;r=;j=false;s=1600*1200;d=24;rand=0.40443034685239976

Request Chain 17

http://da.c7.be.a1.top.mail.ru/counter?id=1997431;t=216;l=1 HTTP 302
https://top-fwz1.mail.ru/counter?id=1997431;t=216;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1997431;t=216;l=1

Request Chain 21

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=250&hl=ru&origin=http%3A%2F%2Frf-town.ru&url=http%3A%2F%2Frf-town.ru%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__ HTTP 301
http://developers.google.com/ HTTP 301
https://developers.google.com/

Request Chain 27

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9872.j44t9CIwJSVoTR8JnuVxz0F9t1BHmhnkFwQs1La9xc_Oz_Bb52UsQllMC9Nc0Wnr.zmQnMHHXrVRHEVNIpdnECYS4CnA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9872.ammmxIXeylvOAMDuPdXdgaA4zWvvWxDHF3d6hXnZ-_JixAsgCz_4iuTFiMbKlwptospPJ-Fe2VMXulOcR12T8jkOLFdohuvGgfvmE8UbIIw%2C.56jT83YP5EqTRdqVrP5m3pEsEFY%2C

Request Chain 30

http://counter.yadro.ru/hit;All_da_nnn_dn_realty?r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.04893921776108989 HTTP 302
https://counter.yadro.ru/hit;All_da_nnn_dn_realty?r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.04893921776108989 HTTP 302
https://counter.yadro.ru/hit;All_da_nnn_dn_realty?q;r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.04893921776108989

Request Chain 34

https://mc.yandex.com/watch/7430869?wmode=7&page-url=http%3A%2F%2Frf-town.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A106%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A330299960449%3Ahid%3A131271520%3Az%3A0%3Ai%3A20230104002824%3Aet%3A1672792105%3Ac%3A1%3Arn%3A975638498%3Arqn%3A1%3Au%3A1672792105295953753%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A36%2C14%2C14%2C8%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1672792104319%3Arqnl%3A1%3Ast%3A1672792105%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8.%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC.%20%D0%9A%D0%B0%D1%80%D1%82%D1%8B%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8%20%D0%B8%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/7430869/1?wmode=7&page-url=http%3A%2F%2Frf-town.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A106%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A330299960449%3Ahid%3A131271520%3Az%3A0%3Ai%3A20230104002824%3Aet%3A1672792105%3Ac%3A1%3Arn%3A975638498%3Arqn%3A1%3Au%3A1672792105295953753%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A36%2C14%2C14%2C8%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1672792104319%3Arqnl%3A1%3Ast%3A1672792105%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8.%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC.%20%D0%9A%D0%B0%D1%80%D1%82%D1%8B%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8%20%D0%B8%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 35

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9872.EBZ6NF8Yw1OeJknoWBhrmeMm-oxuMSAVYqz9kaYVPts4kj7_xZ9W28URyDbmClMp.fJ3rzC5rCu_C0qfxCFjxkx9icfI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9872.0EYcVV5-4a5RaZ-8g9EzL20QBrSYsI0P6ndnDTXn0DmhuO4H6ZRA08wuRKpikQojcycblQvecAVB_a1OW0lnBTXm0vtekME55J-mYkwfF1I%2C.AGKWcTqpRp1u-6xMPZtAgMy1u04%2C

Request Chain 42

https://an.yandex.ru/mapuid/profitclicksdspis/6e4b5a3b-3d72-429c-a31a-8f5335487bcb HTTP 302
https://an.yandex.ru/mapuid/profitclicksdspis/6e4b5a3b-3d72-429c-a31a-8f5335487bcb?redir-setuniq=1

Request Chain 44

https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://dmpprof.com/matching/external?sid=44931&uid=475ee980-aaa0-5204-b7cb-1c0ad47fd420

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
rf-town.ru/ 19 KB
19 KB 64ms
13ms Document
text/html 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: da8a68faabe837b347183533d295007b629d3ca00f09ce4f8690643b2c7d5681

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Date: Wed, 04 Jan 2023 00:28:24 GMT
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 223ms
106ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f5cecd59e22ff2b722cedfe2f33d92d2504a97cdf33d4f24b8dbc735eb575558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
etag: "63ae6ee1-e2ff"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58111
expires: Wed, 04 Jan 2023 01:28:24 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.1298720201129575
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.1298720201129575
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.1298720201129575

43 B
528 B

52ms
52ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.1298720201129575

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 00:28:31 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 03 Jan 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 00:28:31 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.1298720201129575
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 03 Jan 2022 21:00:00 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

http://da.c7.be.a1.top.mail.ru/counter?id=1997431;js=13;r=;j=false;s=1600*1200;d=24;rand=0.40443034685239976
https://top-fwz1.mail.ru/counter?id=1997431;js=13;r=;j=false;s=1600*1200;d=24;rand=0.40443034685239976
https://top-fwz1.mail.ru/counter2?id=1997431;js=13;r=;j=false;s=1600*1200;d=24;rand=0.40443034685239976

43 B
962 B

46ms
46ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=1997431;js=13;r=;j=false;s=1600*1200;d=24;rand=0.40443034685239976

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:24 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Wed, 04 Jan 2023 00:28:24 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=1997431;js=13;r=;j=false;s=1600*1200;d=24;rand=0.40443034685239976
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 409
Conflict xf9vqupkyu1iloaj287a3fc4a388d48f3be6dfa2c0c721717
tnb.rf-town.ru/apiek8219129i79921j7bi97/2qtlviek897i/ 0
0 104ms
18ms Script
text/html 2606:4700:3033::6815:2bc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tnb.rf-town.ru/apiek8219129i79921j7bi97/2qtlviek897i/xf9vqupkyu1iloaj287a3fc4a388d48f3be6dfa2c0c721717
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:2bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK 1046436_SMALL_0_0.jpg
rf-town.ru/ 75 KB
76 KB 19ms
10ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_0_0.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: 328c6aaae6956a6a812aff3c00a6babaea824d98edbd468993c9df7189f44a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:54 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 77272
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_1_0.jpg
rf-town.ru/ 68 KB
69 KB 17ms
9ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_1_0.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: dd76fa75d32ecb8e41ea8e4c462375abb3e25e1830e8064742346c0d9f37e630

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:52 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 69945
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_2_0.jpg
rf-town.ru/ 65 KB
65 KB 18ms
10ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_2_0.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: 3a2fc9cd855ee527653ef181becdce8b5dd71a4807bb34517b9994fa2ffae427

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:51 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 66248
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_3_0.jpg
rf-town.ru/ 61 KB
62 KB 84ms
9ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_3_0.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: eff9349281e8e82fa3b77d7b9f7966769cd1cce797408f06727c0a40a3d239c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:47 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 62772
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_4_0.jpg
rf-town.ru/ 66 KB
66 KB 105ms
9ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_4_0.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: b20014b00e923d281ae7eee832d5a3dc5055175e1b3ab841b19334043655141d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:47 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 67459
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_0_1.jpg
rf-town.ru/ 71 KB
71 KB 111ms
11ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_0_1.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: bc36e152c4155ad15b22a8b4774cd41f243324d9ab8a59df06111696fa713eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:55 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 72247
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_1_1.jpg
rf-town.ru/ 69 KB
69 KB 66ms
10ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_1_1.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: 1fa24f900e9c5e063ac61b59212776701eff80d75955fb6c91a11a8f5462b690

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:51 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 70939
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_2_1.jpg
rf-town.ru/ 72 KB
73 KB 14ms
11ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_2_1.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: e85a72596d083eb7936f8923d2f52d0565ea195526901de21461bb90f48e2146

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:50 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 74237
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_3_1.jpg
rf-town.ru/ 71 KB
71 KB 9ms
9ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_3_1.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: e706310f2bdf09850ca30d6c3bb7a19a93c06b87cc464dd04a2d4de178923503

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:48 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 72989
Content-Type: image/jpeg

GET
H/1.1 200
OK 1046436_SMALL_4_1.jpg
rf-town.ru/ 65 KB
66 KB 11ms
10ms Image
image/jpeg 94.198.242.161
GM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf-town.ru/1046436_SMALL_4_1.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.198.242.161 Prague, Czech Republic, ASN62160 (GM-AS, SC),
Reverse DNS
Software: Apache /
Resource Hash: 23da2173dc85f241cc769fc2d750d451c65e81fc697527ef8e2651cad4f87aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 02 Mar 2011 09:46:47 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 66975
Content-Type: image/jpeg

GET
H/1.1 200
OK 204727.js Show response
dab.rf-town.ru/data/ 13 KB
14 KB 366ms
113ms Script
application/x-javascript 94.75.234.115
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://dab.rf-town.ru/data/204727.js?async=1&div=4931aab204727&t=0.35132672538352705
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 94.75.234.115 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: fa2cc5c9c96898a2cf3179ce1d8a7061bfcf7f2664b0c6944e8f245509913f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Content-Type: application/x-javascript; charset=windows-1251
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 13424

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 58ms
26ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c0fd538b26adf8a809192896df0c4c00b16e4667fd609a49fd7636125a1083

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 00:28:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "32382e1707655955"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jan 2023 00:28:24 GMT

GET
H/1.1 200
OK script.js Show response
oba.rf-town.ru/ 132 KB
50 KB 334ms
59ms Script
application/javascript 85.192.12.169
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oba.rf-town.ru/script.js
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6e0c845a2e49b9c0e1c1e74567bf26f1ca1bbe83dec77da097a58223cd057ece

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
X-Adsbid-Request: p2slhsbajf2g
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
Connection: keep-alive

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

http://da.c7.be.a1.top.mail.ru/counter?id=1997431;t=216;l=1
https://top-fwz1.mail.ru/counter?id=1997431;t=216;l=1
https://top-fwz1.mail.ru/counter2?id=1997431;t=216;l=1

882 B
2 KB

47ms
46ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=1997431;t=216;l=1

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

3f83b1fe72a2d039b7f84dd220f89116cc47d5a0715a06ec4ace33627e8ba838

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:24 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 882
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Wed, 04 Jan 2023 00:28:24 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=1997431;t=216;l=1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK logo
counter.yadro.ru/ 220 B
441 B 7172ms
42ms Image
image/gif 88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/logo?16.3
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host152.rax.ru
Software: 0W/0.8c /
Resource Hash: 3568db8b84f010fb9dc3106d49a52d776403887a15b878a0b638e63dcfdbb204

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 00:28:31 GMT
Server: 0W/0.8c
Content-Type: image/gif
Cache-control: no-cache
Connection: Close
Content-Length: 220
Expires: Mon, 03 Jan 2022 21:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 146 KB
50 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1054ff4b673a0f4fe9e7b4ddd66330a82e6f09f73587fd4b18af8c854c3133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 17:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51245
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 17:38:32 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 100 KB
34 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3524b02165475e202deed795bca547984a0d70bc7bf17e4ac5b10db72482fe0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 17:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35176
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 17:38:32 GMT

GET
H2

200

/
developers.google.com/ Frame 2055
Redirect Chain

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=250&hl=ru&origin=http%3A%2F%2Frf-town.ru&url=http%3A%2F%2Frf-town.ru%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fsc...
http://developers.google.com/
https://developers.google.com/

0
0

1777ms
1749ms

Document
text/html

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://developers.google.com/

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-GSRY6pu9SzK9RTROJxym/i8NOfjqvR' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://rf-town.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 26738
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-GSRY6pu9SzK9RTROJxym/i8NOfjqvR' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 00:28:26 GMT
expires: 0
last-modified: Thu, 22 Dec 2022 09:20:01 GMT
pragma: no-cache
server: Google Frontend
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-cloud-trace-context: da2cf51601c97f9c870f782902f81b73
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

Content-Length: 0
Content-Type: text/html
Date: Wed, 04 Jan 2023 00:28:24 GMT
Location: https://developers.google.com/
Server: Google Frontend
X-Cloud-Trace-Context: 09d503106591bb7df95aca86d7953337

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 3CC4 566 B
903 B 89ms
57ms Document
text/html 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Frf-town.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38cf86e5fdc19953d2cc9b7363fc0ccc20d884402ce3f845d5a4e9d874eb0197

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Dc2hdMiULiGlR39XhVm4_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rf-town.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Dc2hdMiULiGlR39XhVm4_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 00:28:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 cspreport
accounts.google.com/o/ Frame 3CC4 0
20 B 40ms
20ms Other
text/html 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aWVkYGvlbUysz9nFOjZjsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Frf-town.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 00:28:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-aWVkYGvlbUysz9nFOjZjsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 3CC4 10 KB
5 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Frf-town.ru&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 17:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 19:08:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 17:38:33 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 3CC4 17 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 00:28:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6901
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c75ce447b1f6d98e"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jan 2023 00:28:24 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 3CC4 54 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 17:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19257
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 17:38:34 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9872.j44t9CIwJSVoTR8JnuVxz0F9t1BHmhnkFwQs1La9xc_Oz_Bb52UsQllMC9Nc0Wnr.zmQnMHHXrVRHEVNIpdnECYS4CnA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9872.ammmxIXeylvOAMDuPdXdgaA4zWvvWxDHF3d6hXnZ-_JixAsgCz_4iuTFiMbKlwptospPJ-Fe2VMXulOcR12T8jkOLFdohuvGgfvmE8UbIIw%2C.56jT83YP5EqTRdqVrP5m3pEsEFY%2C

75 B
75 B

56ms
56ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9872.ammmxIXeylvOAMDuPdXdgaA4zWvvWxDHF3d6hXnZ-_JixAsgCz_4iuTFiMbKlwptospPJ-Fe2VMXulOcR12T8jkOLFdohuvGgfvmE8UbIIw%2C.56jT83YP5EqTRdqVrP5m3pEsEFY%2C

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:24 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9872.ammmxIXeylvOAMDuPdXdgaA4zWvvWxDHF3d6hXnZ-_JixAsgCz_4iuTFiMbKlwptospPJ-Fe2VMXulOcR12T8jkOLFdohuvGgfvmE8UbIIw%2C.56jT83YP5EqTRdqVrP5m3pEsEFY%2C
date: Wed, 04 Jan 2023 00:28:24 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK image.php
pit.barbos.ru/ 3 KB
3 KB 58ms
18ms Image
image/jpeg 89.22.236.113
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pit.barbos.ru/image.php?object_id=41FF85C4-8D1B-176A-A322-B4A9F866899D&width=120&height=120
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.22.236.113 Meppel, Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: host-89-22-236-113.hosted-by-vdsina.ru
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c928baf9204a952d213008ea56d8aa5e571e2d2b994bd4b0e4536fbdbf8f69c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK image.php
pit.barbos.ru/ 3 KB
3 KB 73ms
23ms Image
image/jpeg 89.22.236.113
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pit.barbos.ru/image.php?object_id=CBFE01E0-5548-61FC-8567-7378F1ACA50F&width=120&height=120
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.22.236.113 Meppel, Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: host-89-22-236-113.hosted-by-vdsina.ru
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2ad8ce285b7d80b248fb760d72cf26bf8be79b42c353f0d60a37be6f90ee9024

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1

200
OK

hit;All_da_nnn_dn_realty
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;All_da_nnn_dn_realty?r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.04893921776108989
https://counter.yadro.ru/hit;All_da_nnn_dn_realty?r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.04893921776108989
https://counter.yadro.ru/hit;All_da_nnn_dn_realty?q;r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.04893921776108989

43 B
528 B

53ms
53ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;All_da_nnn_dn_realty?q;r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.04893921776108989

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 00:28:31 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 03 Jan 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 00:28:31 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;All_da_nnn_dn_realty?q;r;s1600*1200*24;uhttp%3A//rf-town.ru/;0.04893921776108989
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 03 Jan 2022 21:00:00 GMT

GET
H/1.1 200
OK logo.svg
st.directadvert.ru/directadvert/img/widgets/ 4 KB
5 KB 36ms
12ms Image
image/svg+xml 95.168.170.7
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://st.directadvert.ru/directadvert/img/widgets/logo.svg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: HTTP/1.1
Server: 95.168.170.7 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: b729a847f717fac6d49d41bce006e4aae31aa27974070caf6ee8de29b1fa2e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:24 GMT
Last-Modified: Wed, 09 Feb 2022 06:18:28 GMT
Server: nginx
ETag: "62035cb4-114a"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4426

GET
H2 200 38a89e25.js Show response
tat3ayogh6.com/pixels/ 141 KB
49 KB 214ms
106ms Script
application/javascript 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tat3ayogh6.com/pixels/38a89e25.js
Requested by: Host: oba.rf-town.ru
URL: http://oba.rf-town.ru/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ad98066bb3005055c4da457787c9a47040bab6d0dac769b7aa7ea7a063bbc26e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:24 GMT
cache-control: no-store
content-encoding: gzip
last-modified: Tue, 27 Dec 2022 12:43:25 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
111 B 53ms
53ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:24 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
etag: "63ae6ee1-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 04 Jan 2023 01:28:24 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/7430869/
Redirect Chain

https://mc.yandex.com/watch/7430869?wmode=7&page-url=http%3A%2F%2Frf-town.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A106%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3...
https://mc.yandex.com/watch/7430869/1?wmode=7&page-url=http%3A%2F%2Frf-town.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A106%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US...

454 B
563 B

57ms
56ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/7430869/1?wmode=7&page-url=http%3A%2F%2Frf-town.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A106%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A330299960449%3Ahid%3A131271520%3Az%3A0%3Ai%3A20230104002824%3Aet%3A1672792105%3Ac%3A1%3Arn%3A975638498%3Arqn%3A1%3Au%3A1672792105295953753%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A36%2C14%2C14%2C8%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1672792104319%3Arqnl%3A1%3Ast%3A1672792105%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8.%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC.%20%D0%9A%D0%B0%D1%80%D1%82%D1%8B%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8%20%D0%B8%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c5b07db8011150c41e54a28275ced842ab71bd70138ee2cb58d0cb4f1526f378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 00:28:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 04-Jan-2023 00:28:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://rf-town.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Wed, 04-Jan-2023 00:28:24 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 00:28:24 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04-Jan-2023 00:28:24 GMT
location: /watch/7430869/1?wmode=7&page-url=http%3A%2F%2Frf-town.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A106%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A330299960449%3Ahid%3A131271520%3Az%3A0%3Ai%3A20230104002824%3Aet%3A1672792105%3Ac%3A1%3Arn%3A975638498%3Arqn%3A1%3Au%3A1672792105295953753%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A36%2C14%2C14%2C8%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1672792104319%3Arqnl%3A1%3Ast%3A1672792105%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8.%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC.%20%D0%9A%D0%B0%D1%80%D1%82%D1%8B%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8%20%D0%B8%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://rf-town.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 04-Jan-2023 00:28:24 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9872.EBZ6NF8Yw1OeJknoWBhrmeMm-oxuMSAVYqz9kaYVPts4kj7_xZ9W28URyDbmClMp.fJ3rzC5rCu_C0qfxCFjxkx9icfI%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9872.0EYcVV5-4a5RaZ-8g9EzL20QBrSYsI0P6ndnDTXn0DmhuO4H6ZRA08wuRKpikQojcycblQvecAVB_a1OW0lnBTXm0vtekME55J-mYkwfF1I%2C.AGKWcTqpRp1u-6xMPZ...

43 B
67 B

57ms
56ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9872.0EYcVV5-4a5RaZ-8g9EzL20QBrSYsI0P6ndnDTXn0DmhuO4H6ZRA08wuRKpikQojcycblQvecAVB_a1OW0lnBTXm0vtekME55J-mYkwfF1I%2C.AGKWcTqpRp1u-6xMPZtAgMy1u04%2C

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9872.0EYcVV5-4a5RaZ-8g9EzL20QBrSYsI0P6ndnDTXn0DmhuO4H6ZRA08wuRKpikQojcycblQvecAVB_a1OW0lnBTXm0vtekME55J-mYkwfF1I%2C.AGKWcTqpRp1u-6xMPZtAgMy1u04%2C
date: Wed, 04 Jan 2023 00:28:25 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 pclicks.js Show response
prodmp.ru/ 0
224 B 144ms
45ms Script
text/javascript 193.106.93.124
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks.js
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.93.124 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/javascript
date: Wed, 04 Jan 2023 00:28:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 internal Show response
dmpprof.com/matching/ 150 B
672 B 143ms
46ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=http%3A%2F%2Frf-town.ru%2F&title=%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8.%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC.%20%D0%9A%D0%B0%D1%80%D1%82%D1%8B%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8%20%D0%B8%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC%D0%B8&dmp_print_id=f923e007be34ddd0702554035fe80c4e
Requested by: Host: oba.rf-town.ru
URL: http://oba.rf-town.ru/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 89f50237858766b9f0c709ceeee0a21670fda520a4a20b9153b5fc95bb64538e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://rf-town.ru
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 150

OPTIONS
H/1.1 204
No Content /
oba.rf-town.ru/json/ Frame 0
0 87ms
44ms Preflight 85.192.12.169
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oba.rf-town.ru/json/?4a69c5c=6e4b5a3b-3d72-429c-a31a-8f5335487bcb&3e39188=23649&27de3eb=128464%2C1183
Protocol: HTTP/1.1
Server: 85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-language,x-real-url
Access-Control-Request-Method: GET
Origin: http://rf-town.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Language, X-Real-Url, Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: http://rf-town.ru
Allow: GET, OPTIONS
Connection: keep-alive
Date: Wed, 04 Jan 2023 00:28:25 GMT
Server: nginx/1.18.0

GET
H/1.1 200
OK / Show response
oba.rf-town.ru/json/ 18 KB
8 KB 169ms
169ms Fetch
text/plain 85.192.12.169
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oba.rf-town.ru/json/?4a69c5c=6e4b5a3b-3d72-429c-a31a-8f5335487bcb&3e39188=23649&27de3eb=128464%2C1183
Requested by: Host: oba.rf-town.ru
URL: http://oba.rf-town.ru/script.js
Protocol: HTTP/1.1
Server: 85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 53a35fa68eb2846336e06769913a35a9404e28a015e02c19ab0321890bc304d5

Request headers

X-Real-Url: http://rf-town.ru/
Referer: http://rf-town.ru/
X-Language: en-us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 04 Jan 2023 00:28:25 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
X-Adsbid-Request: pidwxgun4e6oy6uw
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://rf-town.ru
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Real-Url, Content-Type

GET
H2 200 demography Show response
prodmp.ru/pclicks/ 3 B
131 B 46ms
45ms Fetch
application/json 193.106.93.124
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks/demography?domain=rf-town.ru
Requested by: Host: oba.rf-town.ru
URL: http://oba.rf-town.ru/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.93.124 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: http://rf-town.ru
date: Wed, 04 Jan 2023 00:28:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

GET
H/1.1 200
OK / Show response
dmg.digitaltarget.ru/2/ 26 B
341 B 137ms
44ms Fetch
text/json 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://dmg.digitaltarget.ru/2/?a=850
Requested by: Host: oba.rf-town.ru
URL: http://oba.rf-town.ru/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5d3c81d38fa32915be4a76abd4173e77b0cc342b91643f8ef994a2bbe26abad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 00:28:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET
Content-Type: text/json
Access-Control-Allow-Origin: http://rf-town.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type
Content-Length: 26

GET
H2

200

6e4b5a3b-3d72-429c-a31a-8f5335487bcb
an.yandex.ru/mapuid/profitclicksdspis/
Redirect Chain

https://an.yandex.ru/mapuid/profitclicksdspis/6e4b5a3b-3d72-429c-a31a-8f5335487bcb
https://an.yandex.ru/mapuid/profitclicksdspis/6e4b5a3b-3d72-429c-a31a-8f5335487bcb?redir-setuniq=1

43 B
108 B

56ms
56ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/profitclicksdspis/6e4b5a3b-3d72-429c-a31a-8f5335487bcb?redir-setuniq=1

Requested by

Host: rf-town.ru
URL: http://rf-town.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 00:28:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 00:28:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 00:28:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 00:28:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Jan 2023 00:28:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/profitclicksdspis/6e4b5a3b-3d72-429c-a31a-8f5335487bcb?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 00:28:25 GMT

GET
H2 200 profitclicks
prodmp.ru/ 0
90 B 45ms
45ms Image
text/html 193.106.93.124
ITSOFT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prodmp.ru/profitclicks?uid=6e4b5a3b-3d72-429c-a31a-8f5335487bcb
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.93.124 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/html;charset=utf-8

GET
H2

200

external
dmpprof.com/matching/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D&crf=1
https://dmpprof.com/matching/external?sid=44931&uid=475ee980-aaa0-5204-b7cb-1c0ad47fd420

0
0

43ms
43ms

Image
application/json

85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmpprof.com/matching/external?sid=44931&uid=475ee980-aaa0-5204-b7cb-1c0ad47fd420
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: H2
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

location: https://dmpprof.com/matching/external?sid=44931&uid=475ee980-aaa0-5204-b7cb-1c0ad47fd420
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

POST
H2 200 enr Show response
dmpprof.com/ 2 B
350 B 43ms
43ms Fetch
text/plain 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/enr?href=http%3A%2F%2Frf-town.ru%2F&title=%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8.%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC.%20%D0%9A%D0%B0%D1%80%D1%82%D1%8B%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8%20%D0%B8%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC%D0%B8
Requested by: Host: oba.rf-town.ru
URL: http://oba.rf-town.ru/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://rf-town.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://rf-town.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length: 2

POST
H2 200 enr Show response
dmpprof.com/ 2 B
350 B 46ms
44ms Fetch
text/plain 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/enr?href=http%3A%2F%2Frf-town.ru%2F&title=%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8.%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC.%20%D0%9A%D0%B0%D1%80%D1%82%D1%8B%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D1%81%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8%20%D0%B8%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D1%8F%D0%BC%D0%B8
Requested by: Host: oba.rf-town.ru
URL: http://oba.rf-town.ru/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://rf-town.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://rf-town.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length: 2

GET
H2 200 mapping Show response
dprof.site/matching/ 17 B
537 B 57ms
45ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dprof.site/matching/mapping?uid=6e4b5a3b-3d72-429c-a31a-8f5335487bcb
Requested by: Host: oba.rf-town.ru
URL: http://oba.rf-town.ru/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://rf-town.ru
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 f4d8e0a2-773a-42d9-8f67-1a10d1857cac.jpg
cau1aighae.com/images/ 24 KB
24 KB 152ms
46ms Image
image/jpeg 95.163.155.37
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cau1aighae.com/images/f4d8e0a2-773a-42d9-8f67-1a10d1857cac.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.155.37 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 20cccee734cda23ee44c8e92b0acbb3ac26cf4397cd3ae6da0db6d25cb8d491a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
last-modified: Thu, 01 Dec 2022 12:41:20 GMT
server: nginx/1.18.0
etag: "6388a0f0-5efd"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 24317
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b81b0680-ae1c-42ea-a8b1-7e3264cc713b.jpg
cau1aighae.com/images/ 22 KB
22 KB 247ms
141ms Image
image/jpeg 95.163.155.37
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cau1aighae.com/images/b81b0680-ae1c-42ea-a8b1-7e3264cc713b.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.155.37 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e15ef0572f932ed4ef88a18def1f83360da3e7e7864706439dab2dd821201f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
last-modified: Fri, 09 Dec 2022 11:56:06 GMT
server: nginx/1.18.0
etag: "63932256-5630"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22064
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bf93dc94-c70b-4116-898f-854f81ed4eb2.jpg
cau1aighae.com/images/ 29 KB
29 KB 247ms
141ms Image
image/jpeg 95.163.155.37
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cau1aighae.com/images/bf93dc94-c70b-4116-898f-854f81ed4eb2.jpg
Requested by: Host: rf-town.ru
URL: http://rf-town.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.155.37 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3f645ab71f9a347fde0cacdf964abac9477d57c6377b1c89d4b8f7d534231b2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf-town.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:28:25 GMT
last-modified: Thu, 01 Dec 2022 12:40:35 GMT
server: nginx/1.18.0
etag: "6388a0c3-7329"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 29481
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rf-town.ru/	1970-01-20 17:25:28	Name: _ym_uid Value: 1672792105295953753
.rf-town.ru/	1970-01-20 17:25:28	Name: _ym_d Value: 1672792105
.mc.yandex.com/	1970-01-20 08:39:52	Name: sync_cookie_csrf Value: 3930332678fake
.dab.rf-town.ru/	1970-01-20 08:49:56	Name: s Value:
rf-town.ru/	1969-12-31 23:59:59	Name: __da_as Value:
.mc.yandex.ru/	1970-01-20 08:39:52	Name: sync_cookie_csrf Value: 2740266138fake
.mail.ru/	1970-01-20 17:26:54	Name: VID Value: 2mYLQ0048o2E00000m1WP42E:::0-0-0-8cf20e8:CAASELqk-Ep7D-sih1y93K3rN6YaYIGwwyK05YqAwxJ82WlTCKrdUZI_J2xRcF2vs_W4Ox1DhzhQQsWYXkKiemgFuDeIFMfQQ2i-5LB3Ij23IAkU_AyIBFmRndKn018znRIE4mQd8O8jG-YcqIb-Y3HqSvYHPA
.rf-town.ru/	1970-01-20 08:41:04	Name: _ym_isad Value: 2
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 342032031672792104
.yandex.com/	1970-01-20 18:15:52	Name: i Value: UVru78aCCKe/Pv7YDFLx/P78v+/x7nGZCyZNyDN6NPPCRSgCd6n3tG6MBsk4j/XCJTX/yCzpqIqUyuQnuiIltip+Vxw=
.yandex.com/	1970-01-20 17:25:28	Name: yandexuid Value: 2553906331672792104
.yandex.com/	1970-01-20 17:25:28	Name: yuidss Value: 2553906331672792104
.yandex.com/	1970-01-20 17:25:28	Name: ymex Value: 1704328104.yc.1672792104#1704328104.yrts.1672792104#1704328104.yrtsi.1672792104
prodmp.ru/	1970-01-20 10:49:28	Name: rai Value: af182428bf59c3611b441e67555f6291
dmpprof.com/	1970-01-20 18:15:52	Name: uid Value: 6e4b5a3b-3d72-429c-a31a-8f5335487bcb
.betweendigital.com/	1970-01-20 17:25:28	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 17:25:28	Name: tuuid Value: 475ee980-aaa0-5204-b7cb-1c0ad47fd420
.betweendigital.com/	1970-01-20 17:25:28	Name: ss Value: 1
.betweendigital.com/	1970-01-20 17:25:28	Name: ut Value: Y7TIKQAM1Si_GPRmQvqKGn-eNty3JjlbedICNg==
dmpprof.com/	1970-01-20 09:00:01	Name: enrich_data_v2_5 Value: 1672792105
dmpprof.com/	1970-01-20 08:40:35	Name: nmatch Value: 44931_475ee980-aaa0-5204-b7cb-1c0ad47fd420
.yandex.ru/	1970-01-20 18:15:52	Name: yuidss Value: 9967736111672792105
.yandex.ru/	1970-01-20 18:15:52	Name: yandexuid Value: 9967736111672792105
dmpprof.com/	1970-01-20 09:00:01	Name: enrich_data_v2_2 Value: 1672792105
dprof.site/	1970-01-20 18:15:52	Name: uid Value: 6e4b5a3b-3d72-429c-a31a-8f5335487bcb
.yadro.ru/	1970-01-20 17:25:15	Name: FTID Value: 1ZjCWl1BK7eT1ZjCWl003FtX
.yadro.ru/	1970-01-20 17:25:15	Name: VID Value: 10DbsY1PKEOT1ZjCWl003FuB

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://tnb.rf-town.ru/apiek8219129i79921j7bi97/2qtlviek897i/xf9vqupkyu1iloaj287a3fc4a388d48f3be6dfa2c0c721717 Message: Failed to load resource: the server responded with a status of 409 (Conflict)
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9872.ammmxIXeylvOAMDuPdXdgaA4zWvvWxDHF3d6hXnZ-_JixAsgCz_4iuTFiMbKlwptospPJ-Fe2VMXulOcR12T8jkOLFdohuvGgfvmE8UbIIw%2C.56jT83YP5EqTRdqVrP5m3pEsEFY%2C Message: Failed to load resource: the server responded with a status of 400 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.betweendigital.com
an.yandex.ru
apis.google.com
cau1aighae.com
counter.yadro.ru
da.c7.be.a1.top.mail.ru
dab.rf-town.ru
developers.google.com
dmg.digitaltarget.ru
dmpprof.com
dprof.site
mc.yandex.com
mc.yandex.ru
oba.rf-town.ru
pit.barbos.ru
prodmp.ru
rf-town.ru
ssl.gstatic.com
st.directadvert.ru
tat3ayogh6.com
tnb.rf-town.ru
top-fwz1.mail.ru
185.15.175.132
188.42.196.115
193.106.93.124
2606:4700:3033::6815:2bc9
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:829::200d
2a00:1450:4001:82b::2003
2a02:6b8::1:119
2a02:6b8::90
85.192.12.169
85.192.12.174
88.212.202.52
89.22.236.113
94.198.242.161
94.75.234.115
95.163.155.37
95.163.52.67
95.168.170.7
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
1fa24f900e9c5e063ac61b59212776701eff80d75955fb6c91a11a8f5462b690
20cccee734cda23ee44c8e92b0acbb3ac26cf4397cd3ae6da0db6d25cb8d491a
23da2173dc85f241cc769fc2d750d451c65e81fc697527ef8e2651cad4f87aba
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25c0fd538b26adf8a809192896df0c4c00b16e4667fd609a49fd7636125a1083
2ad8ce285b7d80b248fb760d72cf26bf8be79b42c353f0d60a37be6f90ee9024
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
328c6aaae6956a6a812aff3c00a6babaea824d98edbd468993c9df7189f44a16
3524b02165475e202deed795bca547984a0d70bc7bf17e4ac5b10db72482fe0c
3568db8b84f010fb9dc3106d49a52d776403887a15b878a0b638e63dcfdbb204
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38cf86e5fdc19953d2cc9b7363fc0ccc20d884402ce3f845d5a4e9d874eb0197
3a2fc9cd855ee527653ef181becdce8b5dd71a4807bb34517b9994fa2ffae427
3b1054ff4b673a0f4fe9e7b4ddd66330a82e6f09f73587fd4b18af8c854c3133
3f645ab71f9a347fde0cacdf964abac9477d57c6377b1c89d4b8f7d534231b2d
3f83b1fe72a2d039b7f84dd220f89116cc47d5a0715a06ec4ace33627e8ba838
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
53a35fa68eb2846336e06769913a35a9404e28a015e02c19ab0321890bc304d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d3c81d38fa32915be4a76abd4173e77b0cc342b91643f8ef994a2bbe26abad9
6e0c845a2e49b9c0e1c1e74567bf26f1ca1bbe83dec77da097a58223cd057ece
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
89f50237858766b9f0c709ceeee0a21670fda520a4a20b9153b5fc95bb64538e
a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b
ad98066bb3005055c4da457787c9a47040bab6d0dac769b7aa7ea7a063bbc26e
b20014b00e923d281ae7eee832d5a3dc5055175e1b3ab841b19334043655141d
b729a847f717fac6d49d41bce006e4aae31aa27974070caf6ee8de29b1fa2e1d
bc36e152c4155ad15b22a8b4774cd41f243324d9ab8a59df06111696fa713eb5
c5b07db8011150c41e54a28275ced842ab71bd70138ee2cb58d0cb4f1526f378
c928baf9204a952d213008ea56d8aa5e571e2d2b994bd4b0e4536fbdbf8f69c7
da8a68faabe837b347183533d295007b629d3ca00f09ce4f8690643b2c7d5681
dd76fa75d32ecb8e41ea8e4c462375abb3e25e1830e8064742346c0d9f37e630
e15ef0572f932ed4ef88a18def1f83360da3e7e7864706439dab2dd821201f6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377
e706310f2bdf09850ca30d6c3bb7a19a93c06b87cc464dd04a2d4de178923503
e85a72596d083eb7936f8923d2f52d0565ea195526901de21461bb90f48e2146
eff9349281e8e82fa3b77d7b9f7966769cd1cce797408f06727c0a40a3d239c8
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f5cecd59e22ff2b722cedfe2f33d92d2504a97cdf33d4f24b8dbc735eb575558
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317
fa2cc5c9c96898a2cf3179ce1d8a7061bfcf7f2664b0c6944e8f245509913f0c

rf-town.ru Open in urlscan Pro 94.198.242.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

48 %HTTPS

37 %IPv6

16 Domains

23 Subdomains

19 IPs

6 Countries

1115 kBTransfer

1638 kBSize

27 Cookies

9 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rf-town.ru Open in urlscan Pro
94.198.242.161 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

48 %
HTTPS

37 %
IPv6

16
Domains

23
Subdomains

19
IPs

6
Countries

1115 kB
Transfer

1638 kB
Size

27
Cookies

52 HTTP transactions
1 data transactions