urlscan.io logo urlscan.io
SecurityTrails logo

geocult.ru Open in urlscan Pro
185.182.111.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://geocult.ru/
Effective URL: https://geocult.ru/
Submission: On December 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 9 countries across 38 domains to perform 322 HTTP transactions. The main IP is 185.182.111.117, located in Russian Federation and belongs to AS-REG, RU. The main domain is geocult.ru.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on June 24th 2023. Valid for: a year.
This is the only time geocult.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 67 185.182.111.117 197695 (AS-REG)
48 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.201.198 39134 (UNITEDNET)
1 20 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
13 24 172.217.18.98 15169 (GOOGLE)
5 11 172.64.151.101 13335 (CLOUDFLAR...)
5 8 37.252.171.53 29990 (ASN-APPNEX)
4 142.250.181.230 15169 (GOOGLE)
8 94.130.102.164 24940 (HETZNER-AS)
32 2a00:1450:400... 15169 (GOOGLE)
1 4 138.201.63.149 24940 (HETZNER-AS)
1 4 138.201.63.157 24940 (HETZNER-AS)
1 85.14.248.71 24961 (MYLOC-AS ...)
2 2a0b:4d07:101::1 44239 (PROINITY ...)
5 91.121.248.44 16276 (OVH)
2 18.170.182.156 16509 (AMAZON-02)
2 23.56.205.163 16625 (AKAMAI-AS)
2 4 216.58.206.38 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.244.159.8 396982 (GOOGLE-CL...)
2 2.16.97.41 16625 (AKAMAI-AS)
2 108.157.4.70 16509 (AMAZON-02)
2 18.154.63.65 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.71.149.231 16509 (AMAZON-02)
1 2 108.129.52.148 16509 (AMAZON-02)
2 4 2001:678:cb4:... 56396 (AMOBEE)
1 1 35.194.66.159 396982 (GOOGLE-CL...)
2 15.197.193.217 16509 (AMAZON-02)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 178.250.1.9 44788 (ASN-CRITE...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
2 216.58.212.130 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:223... 16509 (AMAZON-02)
7 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 151.101.2.49 54113 (FASTLY)
1 3.67.231.56 16509 (AMAZON-02)
4 35.176.121.206 16509 (AMAZON-02)
322 52
67    185.182.111.117 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: geocult.ru
geocult.ru
48    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
20    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
26    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
24    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
11    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
8    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
8    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal9000.redintelligence.net
32    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
4    138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de
hal90007.redintelligence.net
1    85.14.248.71 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
5    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
2    18.170.182.156 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-182-156.eu-west-2.compute.amazonaws.com
track.webgains.com
2    23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com
www.awin1.com
4    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
2    108.157.4.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-70.dus51.r.cloudfront.net
analytics.webgains.io
2    18.154.63.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-65.dus51.r.cloudfront.net
cdn.track.production.webgains.team
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    108.129.52.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-52-148.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a05:d018:d29:3602:8b08:3c9:f238:ee96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2a05:d01c:1d8:8101:1f18:2983:dac6:b09 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
2    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
www.googleadservices.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2600:9000:223f:4e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2600:1f18:1aca:4282:681e:bcdb:1ca2:a385 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.67.231.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-231-56.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    35.176.121.206 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-121-206.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
74 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
827 KB
67 geocult.ru
geocult.ru
263 KB
58 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
263 KB
32 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
651 KB
16 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37721
hal90009.redintelligence.net — Cisco Umbrella Rank: 205785
hal90007.redintelligence.net — Cisco Umbrella Rank: 268469
136 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
102 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
7 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
6 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
70 KB
8 google.com
translate.google.com — Cisco Umbrella Rank: 1298
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
adservice.google.com — Cisco Umbrella Rank: 93
32 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 24395
api.webgains.io — Cisco Umbrella Rank: 59842
37 KB
6 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
medialead.de — Cisco Umbrella Rank: 46843
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
383 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
389 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
2 KB
3 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 947
fonts.googleapis.com — Cisco Umbrella Rank: 29
82 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
29 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6100
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
297 B
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264
3 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
326 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
400 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
1 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49821
4 KB
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 128498
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
515 B
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 12199
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
589 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
104 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1771
297 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
759 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11353
1 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
322 38
Domain Requested by
67 geocult.ru 1 redirects geocult.ru
48 pagead2.googlesyndication.com geocult.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
32 s0.2mdn.net geocult.ru
s0.2mdn.net
googleads.g.doubleclick.net
26 tpc.googlesyndication.com googleads.g.doubleclick.net
geocult.ru
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
24 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
geocult.ru
20 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
geocult.ru
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
8 hal9000.redintelligence.net googleads.g.doubleclick.net
hal90007.redintelligence.net
hal90009.redintelligence.net
8 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
7 dt.adsafeprotected.com googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
geocult.ru
5 pv.medialead.de hal90009.redintelligence.net
hal90007.redintelligence.net
googleads.g.doubleclick.net
5 fonts.gstatic.com geocult.ru
fonts.googleapis.com
5 www.googletagmanager.com www.google-analytics.com
adv.office-partner.de
www.googletagmanager.com
4 api.webgains.io analytics.webgains.io
4 googleads4.g.doubleclick.net geocult.ru
4 5994599.fls.doubleclick.net 2 redirects geocult.ru
googleads.g.doubleclick.net
4 hal90007.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90007.redintelligence.net
4 hal90009.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90009.redintelligence.net
4 ad.doubleclick.net googleads.g.doubleclick.net
geocult.ru
4 www.google.com 1 redirects geocult.ru
googleads.g.doubleclick.net
3 www.gstatic.com geocult.ru
www.gstatic.com
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 cdnjs.cloudflare.com s0.2mdn.net
2 www.googleadservices.com geocult.ru
2 ius.ctnsnet.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 match.adsrvr.org googleads.g.doubleclick.net
2 r.turn.com geocult.ru
googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 fw.adsafeprotected.com 1 redirects geocult.ru
2 adservice.google.com 5994599.fls.doubleclick.net
2 cdn.track.production.webgains.team googleads.g.doubleclick.net
2 analytics.webgains.io track.webgains.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 fonts.googleapis.com hal90007.redintelligence.net
hal90009.redintelligence.net
2 www.awin1.com hal90009.redintelligence.net
googleads.g.doubleclick.net
2 track.webgains.com geocult.ru
2 adv.office-partner.de hal90009.redintelligence.net
hal90007.redintelligence.net
2 www.google.de geocult.ru
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 counter.yadro.ru 1 redirects geocult.ru
2 www.google-analytics.com geocult.ru
www.google-analytics.com
1 x.bidswitch.net googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 ag.innovid.com googleads.g.doubleclick.net
1 dis.criteo.com googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 medialead.de 1 redirects
1 m.exactag.com googleads.g.doubleclick.net
1 region1.analytics.google.com www.googletagmanager.com
1 translate.googleapis.com
1 translate.google.com geocult.ru
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
322 57

This site contains links to these domains. Also see Links.

Domain
translate.google.com
Subject Issuer Validity Valid
geocult.ru
AlphaSSL CA - SHA256 - G4		 2023-06-24 -
2024-07-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2023-08-22 -
2024-09-15		 a year crt.sh
adv.office-partner.de
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 40 frames:

Primary Page: https://geocult.ru/
Frame ID: AB24B1D8E56FFAF3E3E98941A48DF77B
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 37BCD8269C0A51FD43D21AF2DF1BC716
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: D93D9AF4BEB2DDDD841038006D5C5D75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&adk=1812271804&adf=3025194257&lmt=1693404896&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403288&bpp=3&bdt=195&idt=311&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8731344217390&frm=20&pv=2&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: D7AD36C874E507456918A49509B21DD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Frame ID: BED428000777263CB714546F7494E2F8
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Frame ID: 75D986D29DE72C016C38180AD455AD50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Frame ID: F498E7A673923CC416C7109C1A8ABEFF
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWfytLEZIb3Rzm4ORabFoP38cCIlyiSMdsnnO-bMBqbgSQZJjwvBJ_3N_xUiPhqaWSVhpyKtJ4ketscyQ_OCHN7HTbHNGw_FlbHclPOE9sZt_km0lrRjWZ_KKRydlormow5DKzX8KwDLL7qrHjl1RwKW_GaMNUeIW27PAlo0Z1PG0zCkv4
Frame ID: 5A4F62204F60C67CB9664F2FD3F34F45
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUGv7FXZ0aEXCUXpZIBwmvCCZWWUwJSR-uFgzj1LhKOpTWt97-3ZZU77cjoVZ3bF8DLgLdT5-XHD8Pss6jp-aA2OFKZ8tG5gmpHmOym5lhQV4TWWGAwolkLqsgmITL2iP5aK9CWCe0s2j654dR0yb7dU-dHH3fDXS7zm_zvlW1bcxoBTiM
Frame ID: C855947F0B09E10E8D2FC35D87009079
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Frame ID: 8959BCFB7963EF208E92F09511608B3F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Frame ID: 2A7019D837038EB32FD167ECBF4E19F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 54FAED065D21CE4DB1BDA1272792D55B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNV43S2kbvK3AoU5zrPTMQSg0b-YSdPWgVZlxicq4diHS-brAYXEVxTU7kZKUz0eSeZ-F3hGEk2oVyNBMthDyC49LzL31-cak_LSE236xPS_kvuIaQA_iO23YqCBuy3p9RrQnVI9emy78eXBpZLrirA6fMOdoJ0XuU_hz7Cr29eBOyFe160
Frame ID: 79E0C4DE6F25626C703C6849EFC076D0
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: BC14FECB692FA658D3DA1D87CCF20DCC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EF552CEC37C7DED642274ED5AB760BA0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C97BE93E38F3E488498EEAF396911A00
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9E0889753C04C8BF7A343E58DBC27EA8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
Frame ID: 9D6A3C6B59CC95406C65987D17C810CA
Requests: 12 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 372F41B3B120E071EFB9E7E8C9421D61
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96583300048368004444556012529009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 094004390E8DDD804371948309A4E1BA
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: C007E79624B47351315DA54E980AC343
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=36847600040911104444994012529007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 861D1E3A14ABEAF19BE66E229B5C750F
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158
Frame ID: 2484EAE0FC8D36DD55A25512D980E6BE
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=36847600040911104444994012529007&a=9f0734ff
Frame ID: 6B7697033C0616AD946A6D7891EF4C41
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNVxXyfYqIMP1lnG3-i-wjQsIcJ4A_jtZ59YcEFVr0uk701VjaKNLOAnVqE_JdKz7Ut1akTdrL7FG0ZsLMXJJhQX7VWe_bi5vjgR9GN9aEK2Y_rkUr2l8BSsjctI19DITmi_mcGTavHTJM5jAcFHR0FXX-FLzT5XzjKpPbUZRmdCrfFeydo
Frame ID: F1C4D701E433CBB748ECEC4CD2B2231A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C7713776574C4B833E6E6A7389746E66
Requests: 26 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022
Frame ID: A9FEF741A7B5FCD32B57689DFCE4D052
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=96583300048368004444556012529009&a=429de8bd
Frame ID: 5CDC1CF4ADDA62C079377B2A95025796
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWB9LgEEPPdwM0EGKXp5PoBMAE&v=APEucNU3i8gpnDmB9pbC06fDXBwNEPbPL0Qs8SCzZsBupizGGLGueL6G0-mTj8QfNbwpkpDTWXKp-TNlTeOwVbteGZq2fYZq33K8yoZyWkzk6PTU9m7nwdZjpynZxMW57IkhQ6WR46E__WX9_MPWiyGYhJAxekQX98XG0VNO0f0XMMqp-b6wBks
Frame ID: 0627D0434E09C2C8ECCA237F7F9FD830
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A8FB6D294A351174848384CF57D50041
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FAE3D8E5C9DF49C3DCBCCAD7C9CA0B4B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FC132064DDE965DBE58D824C50DD6B1B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3C934937E3E9895E091D3B44849B7EB7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Frame ID: 97CA021C82723174163E65679772AADB
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: D38C0EBB6D878F50C0806639EDCCA312
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B4F25C1584A341DC4EAEAAB91F129E6A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 98C8D05439A1BB273C8A7B1B2D03B55B
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
Frame ID: 2DB5FC87A97BCA06B6AAC5F788DCC862
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 566563A5B2F7A97BCD98DA180B5DA4A4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 16F69BDB7523522FBE01ACCB06CF74D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Geocult.ru - Астрологический дневник. Натальная карта, Лунный календарь, Астрология.

Page URL History Show full URLs

  1. http://geocult.ru/ HTTP 301
    https://geocult.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- All in One SEO Pack ([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

322
Requests

90 %
HTTPS

45 %
IPv6

38
Domains

57
Subdomains

52
IPs

9
Countries

3303 kB
Transfer

8184 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://geocult.ru/ HTTP 301
    https://geocult.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.9610326889097542 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.9610326889097542
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOznmaukima9m4fTW_FNUco&google_cver=1
Request Chain 102
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7lBGwgmAmK1u-LWDSnIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENf-jeo3g4SoxlAWiY3mNqk&google_cver=1
Request Chain 104
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
Request Chain 105
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Request Chain 106
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7lBGwgmAmK1u-LWDSnIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJakeL5BnyDrEoGEoDB_a68&google_cver=1
Request Chain 108
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
Request Chain 135
  • https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Request Chain 143
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7lBGwgmAmK1u-LWDSnIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJakeL5BnyDrEoGEoDB_a68&google_cver=1
Request Chain 145
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
Request Chain 146
  • https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXAaUA-VuZZCULOX8xtYPxP6v-Aqm5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQIzljctyC6yPqgDAcgDmwSqBN4BT9CR0LJgxMTs6GrdSIUzLNRLhv-GuEGIV2QjKampOov8mttxXyw7vVe2C5T6IavAbsxwkWR2ph7nxZXE5dP_Mykq_D0f6BDCr1OTRJcGbCFfuLLbHHmoW9IM6ezXDFbTOoDgKAX8atynJmq8Irm180al7K5oR91_eH4PEi3lgkAXx0KCVtndMt540J5WZdFe5nUHruz3kEcnRciIdK1ogJFrs01-WyOXUuoIX3rWDiOatwIlaqr6hzUDIVffeiNfWVfa89ETaru-JBYUNYvQo_NPS70GWuq9_R8_Z4yGwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3b7O_194IDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB%26sig%3DAOD64_3ypx6k4yCigD8eIcS9XdDdh5IvZA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DaHybOQMQ3vwG9tFozg5-Bbu9ZcWN8-HuXCRnY2-4iObSYMWxSkG0KZUz28E3sDD3747HORVtF4WRYVQeLmnC_GLcZ1dppg7g6KgvBvNJiYKMXUqFpe8mPqTvGAObVzlAimCT9R4rRtgkLDFiM3EdCFGGUCiP7K-VCrdLh45hfanbAZlI%26cry%3D1%26dbm_d%3DAKAmf-A1Bd8i_HwZvECAVHkEQAUz3DULEzs-jSRASeC_BhlJ9diAuYBr_gXyoxPjM9YMsbKQmvkKbDt2eZLr-GqgIBXMYeud6oLguqgz1D1W8cQ0ydL6NPDEF0WSeUZJTGGMfgHkv_rbUBpNgqXz6c5MbWXPgn41RUi2-NEXz56FS8ZNTebUNFGvSOCN5Ez7LOWy-Lp1CopvfE7EcLm98xzGBjA5XrvkZYdqlRPebAmD4NCR75KADcaGU1gwQW4IA4vPJwAzeuTI225QyscxFU31zqr34sFpfqr2mCHebAG8XckT7xwRHlV0cRxXO-McLLjOYGBTcdvOX763VLGoVfmYgKGw4dPJA1SmS8r2js76yD_W71UQXt6V6GOSu6EPWVRX1nuDw-dj-mEs3VkqcvqXkm8A69yZkZB0VWwlBuBotB88q34-plA1mdFv4KlxsTwiZzLN9mFrBVpqkIl1K7nrUca1kWiCtIq3qtFmQJeJY1c0FMJd74BmPgNECrweN14EcJ1rW7yGbsWbNGp_oQXVLw1WKN0jL2JCmuPufXUlIiAg9gV_PH0%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=9949805174950&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXAaUA-VuZZCULOX8xtYPxP6v-Aqm5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQIzljctyC6yPqgDAcgDmwSqBN4BT9CR0LJgxMTs6GrdSIUzLNRLhv-GuEGIV2QjKampOov8mttxXyw7vVe2C5T6IavAbsxwkWR2ph7nxZXE5dP_Mykq_D0f6BDCr1OTRJcGbCFfuLLbHHmoW9IM6ezXDFbTOoDgKAX8atynJmq8Irm180al7K5oR91_eH4PEi3lgkAXx0KCVtndMt540J5WZdFe5nUHruz3kEcnRciIdK1ogJFrs01-WyOXUuoIX3rWDiOatwIlaqr6hzUDIVffeiNfWVfa89ETaru-JBYUNYvQo_NPS70GWuq9_R8_Z4yGwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3b7O_194IDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB%26sig%3DAOD64_3ypx6k4yCigD8eIcS9XdDdh5IvZA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DaHybOQMQ3vwG9tFozg5-Bbu9ZcWN8-HuXCRnY2-4iObSYMWxSkG0KZUz28E3sDD3747HORVtF4WRYVQeLmnC_GLcZ1dppg7g6KgvBvNJiYKMXUqFpe8mPqTvGAObVzlAimCT9R4rRtgkLDFiM3EdCFGGUCiP7K-VCrdLh45hfanbAZlI%26cry%3D1%26dbm_d%3DAKAmf-A1Bd8i_HwZvECAVHkEQAUz3DULEzs-jSRASeC_BhlJ9diAuYBr_gXyoxPjM9YMsbKQmvkKbDt2eZLr-GqgIBXMYeud6oLguqgz1D1W8cQ0ydL6NPDEF0WSeUZJTGGMfgHkv_rbUBpNgqXz6c5MbWXPgn41RUi2-NEXz56FS8ZNTebUNFGvSOCN5Ez7LOWy-Lp1CopvfE7EcLm98xzGBjA5XrvkZYdqlRPebAmD4NCR75KADcaGU1gwQW4IA4vPJwAzeuTI225QyscxFU31zqr34sFpfqr2mCHebAG8XckT7xwRHlV0cRxXO-McLLjOYGBTcdvOX763VLGoVfmYgKGw4dPJA1SmS8r2js76yD_W71UQXt6V6GOSu6EPWVRX1nuDw-dj-mEs3VkqcvqXkm8A69yZkZB0VWwlBuBotB88q34-plA1mdFv4KlxsTwiZzLN9mFrBVpqkIl1K7nrUca1kWiCtIq3qtFmQJeJY1c0FMJd74BmPgNECrweN14EcJ1rW7yGbsWbNGp_oQXVLw1WKN0jL2JCmuPufXUlIiAg9gV_PH0%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=9949805174950&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 166
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158
Request Chain 168
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36847600040911104444994012529007&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36847600040911104444994012529007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 179
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB692UzCI4ZuT6Fqoh5A5pM&google_cver=1
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEMouwITdqLyOrtAIpCMUYVo&google_cver=1
Request Chain 236
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMdnyjz5eCUkrGg3c1D_5zg&google_cver=1
Request Chain 246
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1&google_push=AXcoOmSM5JK7PAvA196ooEBs8umd2C7eevQ7YkqWnEVQ80sWWgClXxQT1dbr5Ujr9wTxf_yG9zZK2A8WggMTJk0oegRgtOXJq6eV6ilm8cJPmT-Bhjp4TwVVRiW7uwTbtj0HKNKHexJk7xA4KOd1ysRaQNhfAqk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3MTkyMzQyODU2MzAyNjYyOA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1
Request Chain 247
  • https://um.simpli.fi/gp_match?google_gid=CAESEFREKmfEc-1f9QxyS25lWa4&google_cver=1&google_push=AXcoOmSVKxh6PggBywkEGdmlQbA9kC_QbOE0F7i7NSgJY03oIrEQTMPRdSBoPI7UZ4cHZoVNrjYEL5_GRsI7KRxJdZDJHP5Nhu25iPNqKuRHNaIOu1SFvqWENxMDswqQuI0N4U-dkOUuMVLbO8nCdSWkb20aBf0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BC62361594B4059907D01902A9704C4&google_push=AXcoOmSVKxh6PggBywkEGdmlQbA9kC_QbOE0F7i7NSgJY03oIrEQTMPRdSBoPI7UZ4cHZoVNrjYEL5_GRsI7KRxJdZDJHP5Nhu25iPNqKuRHNaIOu1SFvqWENxMDswqQuI0N4U-dkOUuMVLbO8nCdSWkb20aBf0
Request Chain 249
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHn8eINBaHc8k85nnVDfz7M&google_cver=1&google_push=AXcoOmT_rinBkE0F_pUrKAwTM3vg9eO1iZWrghFkNEECQFAqE2fqz7-62iUUKIT56fwbHykyYKrJeAid4D_cC1Wozzna4kn9jx_3XFeRNZb_m8m1-cYaEXoABWnWGrFzUWtJrwq7bIp4Md3Y7Qmrv5K3Yd_iInI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT_rinBkE0F_pUrKAwTM3vg9eO1iZWrghFkNEECQFAqE2fqz7-62iUUKIT56fwbHykyYKrJeAid4D_cC1Wozzna4kn9jx_3XFeRNZb_m8m1-cYaEXoABWnWGrFzUWtJrwq7bIp4Md3Y7Qmrv5K3Yd_iInI&google_hm=eS1qcGp3N2doRTJwRVVaaHFDb25uVDE5cjFUeERKcEY3VH5B
Request Chain 252
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEE_Ai0JIXXQh2Z3Clvmx8Os&google_cver=1&google_push=AXcoOmQ1ii2-I2Dlw8Yz65Jqb_bT6bzDHO4c-p8Qa8RgR_RQKE-JEltGJJ1jaeyOC5d6jAQyk3N74po6cjr726OJMRVnxolFlNBMA2Qx8Dyu4yVtgrKQQDMxAneVyrUPVqncH59ff-iGejaA9rDOFlbY7bBbmlqW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ1ii2-I2Dlw8Yz65Jqb_bT6bzDHO4c-p8Qa8RgR_RQKE-JEltGJJ1jaeyOC5d6jAQyk3N74po6cjr726OJMRVnxolFlNBMA2Qx8Dyu4yVtgrKQQDMxAneVyrUPVqncH59ff-iGejaA9rDOFlbY7bBbmlqW&google_hm=j4vxivQxR2ed-jvn68QG4QQ
Request Chain 254
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 258
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CXXzYBOVuZbuiG92PtOUPo8G_mAPj8ZClVvCOyMDTB67y9__8GhABINTHmpcBYJWCgICwB6AB96vt-gPIAQKpAi3MpCALMLI-qAMByAPJBKoEvAFP0MZqZTJBBUWuYCNAR8TQn84lW9p31sM7V4UFOJ7jCQzUsxokkFpVfWcFi_5fCD0gYywFlsoGQVOoNGbbXyVd6MF0_bImBPREPe_p67HEe6n3cri_8GC58ZFhYy2pmUYCR1W8q3on1SAJj4Fr5GtEqqVgNpD9kiOOHgyxcsM27o1j5dpE25aQuPP2QLHI3v41eT7RtjaeHXEMkUN-zquo9Dt6-sQjp5wx6_SLWCF7MgpSNoe57Xuq_5mynsAE0J3o0fQBiAWxu_BfkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_HTkgWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC3kRXSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPGAmPD194IDmgk4aHR0cHM6Ly93d3cuYWt0aW9uLWtpZy5ldS91bWZyYWdlLWNocmlzdGxpY2hlLXd1cnplbG5fbS-ACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTI5MjA1NTU1NzM1ODQ2OTgYAA&sigh=5PoJ1Ka914s&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaN8INJwosGOf-jwAhlMaWVPCFbJQjPBo6fZe8j4cZqTZUYuwQHRI4FQ9AhwNB3Ooh8W1XBANw4ohgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218414107922724700645%22,%22debug_reporting%22:true,%22destination%22:%22https://aktion-kig.eu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221062950391%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225013094701407171521%22}&andc=true
Request Chain 280
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492283353&bidurl=https://geocult.ru/&ias_dealId=&xsId=ABAjH0gT1oJPmccVRksN9eHKNF7Q&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gT1oJPmccVRksN9eHKNF7Q&adContainerId=brand_safety_BOVuZZ2-N7Phx_APyfCNkAo&cbFunctionName=goog_wrapCb_BOVuZZ2-N7Phx_APyfCNkAo&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fgeocult.ru&adsafe_type=g&adsafe_url=https%3A%2F%2Fgeocult.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2920555573584698%26output%3Dhtml%26h%3D280%26slotname%3D4347476252%26adk%3D504672438%26adf%3D3417920651%26pi%3Dt.ma~as.4347476252%26w%3D336%26lmt%3D1693404896%26format%3D336x280%26url%3Dhttps%253A%252F%252Fgeocult.ru%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701766403292%26bpp%3D1%26bdt%3D200%26idt%3D339%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C160x600%26nras%3D1%26correlator%3D8731344217390%26frm%3D20%26pv%3D1%26ga_vid%3D308176690.1701766403%26ga_sid%3D1701766404%26ga_hid%3D1625040066%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D604%26ady%3D294%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42532604%252C31079759%252C31079864%252C31079866%252C42531705%252C44795921%252C44806141%252C44807763%252C44808149%252C44808285%252C44809072%252C21065725%26oid%3D2%26pvsid%3D382026428823841%26tmod%3D285315023%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Cm%257CpeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D342&adsafe_type=bed&adsafe_jsinfo=,id:d5340f5b-3c1e-19ce-c42f-4b51ee1c0ac0,c:vUL2Ut,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-594854db75-tbrg9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tXympna+11%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C151*.1627455-73523879%7C1511%7C15121%7C1513%7C161%7C162%7C163%7C164%7C165%7C166%7C171%7C172%7C173%7C1811%7C1911%7C1912%7C1913,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:14,oid:c02b573b-934b-11ee-a977-86ca4c6552ed,v:19.8.463,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0gT1oJPmccVRksN9eHKNF7Q&ias_xappb=&adContainerId=brand_safety_BOVuZZ2-N7Phx_APyfCNkAo&cbFunctionName=goog_wrapCb_BOVuZZ2-N7Phx_APyfCNkAo&true_pb=
Request Chain 294
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1&google_push=AXcoOmRRrfc7yC7IRaEvT2GoaBq1qklPm9RFCD1jSJBFA1l-EO6CF7WT1_ONgqJ6Qxgr3Ib8sKdfqWWPZrIEy6GsVenrxPEA9766-kodCLByQIRS1UDClb7Q7G_m0jdfTPXIUMudCmyBCo2nIzGsDK2EAE-DGUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3MTkyMzQyODU2MzAyNjYyOA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1
Request Chain 296
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFvtDYxGnT_hgU4tcX810vw&google_cver=1&google_push=AXcoOmSh1FAFOYCJbgj0DgpZur_bEaJtjnqSA0V0-GpxCvXpHL0VRyT_k7mftQekMhk1DS7Pkh6ebUNwmTiqRjujhxz7M48MqOpiPMUlTg9Lkgoq0UzD8WKPtxBuHrbeESgyweD5DPZrr_HKu0vBtVIGePQPbdI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFvtDYxGnT_hgU4tcX810vw&google_push=AXcoOmSh1FAFOYCJbgj0DgpZur_bEaJtjnqSA0V0-GpxCvXpHL0VRyT_k7mftQekMhk1DS7Pkh6ebUNwmTiqRjujhxz7M48MqOpiPMUlTg9Lkgoq0UzD8WKPtxBuHrbeESgyweD5DPZrr_HKu0vBtVIGePQPbdI
Request Chain 299
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHn8eINBaHc8k85nnVDfz7M&google_cver=1&google_push=AXcoOmR3GWQ6Ea2RnNE-hy82BzNSxcZ_goclzEi4bNJCzV7xhUqp0TwWxu8QTLYN57nAxek761jsL3ikeAeiLBijI7sfxsy3c12ZGlw9s2CNHJUVexqNEgVTlHcc0M6hfVa8zHloBy0BYLmd_NrhncjCKGCvTaM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3GWQ6Ea2RnNE-hy82BzNSxcZ_goclzEi4bNJCzV7xhUqp0TwWxu8QTLYN57nAxek761jsL3ikeAeiLBijI7sfxsy3c12ZGlw9s2CNHJUVexqNEgVTlHcc0M6hfVa8zHloBy0BYLmd_NrhncjCKGCvTaM&google_hm=eS1qcGp3N2doRTJwRVVaaHFDb25uVDE5cjFUeERKcEY3VH5B
Request Chain 300
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEE_Ai0JIXXQh2Z3Clvmx8Os&google_cver=1&google_push=AXcoOmTCjUmsdJmtbqr9AywsDAoges7M10jW5t01M05CC5RLVR-aW-V6WhGVYX9c3K1nGpy2MuPLEBWuDrdv-lHRpc-R3q_kNyRNrJUSePkssfrWLlGS564ok8GpKKo_qnhPd8JkqgEY-TwHTpby7UiHaV3VWJZU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTCjUmsdJmtbqr9AywsDAoges7M10jW5t01M05CC5RLVR-aW-V6WhGVYX9c3K1nGpy2MuPLEBWuDrdv-lHRpc-R3q_kNyRNrJUSePkssfrWLlGS564ok8GpKKo_qnhPd8JkqgEY-TwHTpby7UiHaV3VWJZU&google_hm=j4vxivQxR2ed-jvn68QG4QQ

322 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
geocult.ru/
Redirect Chain
  • http://geocult.ru/
  • https://geocult.ru/
99 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
8d674b28f8c316180a29763d4d735629198158a03a780fb691025830bae98b30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Dec 2023 08:53:23 GMT
expires
Wed, 06 Dec 2023 08:53:23 GMT
last-modified
Wed, 30 Aug 2023 14:14:56 +0000
link
<https://geocult.ru/wp-json/>; rel="https://api.w.org/" <https://geocult.ru/>; rel=shortlink
server
nginx
x-cache-status
BYPASS

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 05 Dec 2023 08:53:22 GMT
Location
https://geocult.ru/
Server
nginx
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9efe4a15e261098bea1026224d667013a1580db2fd759f6719713791d2c1b817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Origin
https://geocult.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52164
x-xss-protection
0
server
cafe
etag
4004728064215586308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:23 GMT
stylev2.css
geocult.ru/wp-content/themes/evolve/ 		68 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
04dff075b0c9befeaec0105bc4f7e21a284f402f0f3425896f90963c888d7f1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 08:40:06 GMT
server
nginx
etag
W/"60409ce6-1119a"
content-type
text/css
cache-control
max-age=691200
expires
Wed, 13 Dec 2023 08:53:23 GMT
logo3.gif
geocult.ru/wp-content/uploads/2013/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/11/logo3.gif
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
f97ff7af18b6fca33d99a223aaddee96afb3ddd73c2368a39acc15ff53b91c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 17:02:04 GMT
server
nginx
etag
"54ad668c-22e8"
content-type
image/gif
cache-control
max-age=691200
accept-ranges
bytes
content-length
8936
expires
Wed, 13 Dec 2023 08:53:23 GMT
oven_knopka2f.png
geocult.ru/wp-content/uploads/2014/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/oven_knopka2f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
528b3762e36893c9075ebbb38655afaa02aecbd106aefc59881bd879ffeba9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 09:28:00 GMT
server
nginx
etag
"56d16c20-113f"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4415
expires
Wed, 13 Dec 2023 08:53:23 GMT
telec_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/telec_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
f69f24da425eac9ecd7ba5e9a956ee643849921ec5672a9a961e309c60a1feda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 07:07:42 GMT
server
nginx
etag
"56d14b3e-123a"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4666
expires
Wed, 13 Dec 2023 08:53:23 GMT
blizneci_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/blizneci_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1a4b71acc013b49315ff300c03f7163618bb6f1cc0408d710e11f97b255f9255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 07:16:35 GMT
server
nginx
etag
"56d14d53-1216"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4630
expires
Wed, 13 Dec 2023 08:53:23 GMT
rak_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/rak_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
914dcb400670688bb8de60c955cce8afce0838c2fa2ad297b4bd4b34ec908ed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 07:28:05 GMT
server
nginx
etag
"56d15005-1010"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4112
expires
Wed, 13 Dec 2023 08:53:23 GMT
lev_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/lev_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
df5f8f98ec7bd0263bb4dabff07ecf507a535c2c39a5e391e03e7ea124baa321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 08:46:05 GMT
server
nginx
etag
"56d1624d-12ba"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4794
expires
Wed, 13 Dec 2023 08:53:23 GMT
deva_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/deva_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1162f2ec71eb82147a7e6a6f558b88982bb78ad2fa812c1c52020f5b7bd1bd85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 08:52:08 GMT
server
nginx
etag
"56d163b8-122e"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4654
expires
Wed, 13 Dec 2023 08:53:23 GMT
vesi_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/vesi_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
daf927d970143656739c9b917412ba171dae6e997b8dfe53263effae772d1b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 08:57:19 GMT
server
nginx
etag
"56d164ef-125c"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4700
expires
Wed, 13 Dec 2023 08:53:23 GMT
scorpion_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/scorpion_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
462c848b90fb9d8f3599f4654813e4382222a6fd506a48158a01bc2eab95b357

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 09:04:47 GMT
server
nginx
etag
"56d166af-13a6"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
5030
expires
Wed, 13 Dec 2023 08:53:23 GMT
strelec_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/strelec_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1479783c7b49a2bbde9ea12d6b9abb4d552311fad5ea3d1194a866c82ddf7d54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 09:12:25 GMT
server
nginx
etag
"56d16879-1248"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4680
expires
Wed, 13 Dec 2023 08:53:23 GMT
kozerog_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/kozerog_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d04da184f20eec8ec53c73f71b04f6eb462b391c982ca722500bb5abfb31cd20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 09:17:15 GMT
server
nginx
etag
"56d1699b-11fd"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4605
expires
Wed, 13 Dec 2023 08:53:23 GMT
vodoley_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/vodoley_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
e74a84c9d52e2ef23512423d7e15031fc8644b0b800b89e82ad9abe3ad8b8912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 09:23:08 GMT
server
nginx
etag
"56d16afc-1383"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4995
expires
Wed, 13 Dec 2023 08:53:23 GMT
ribi_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/ribi_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
01bd238ad9742675260d4d3a5fef5b988ff74439b26a18aa0f98a48a694b07ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 27 Feb 2016 09:27:59 GMT
server
nginx
etag
"56d16c1f-1173"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4467
expires
Wed, 13 Dec 2023 08:53:23 GMT
venera_scorpion_geocult-1f1-60x60.jpg
geocult.ru/wp-content/uploads/2015/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/09/venera_scorpion_geocult-1f1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
72c786a14cc7a7c3831a33e49e63e54beddc81f6c50cc00149b29e0844aec2af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 27 Jan 2016 03:45:09 GMT
server
nginx
etag
"56a83d45-9e6"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2534
expires
Wed, 13 Dec 2023 08:53:23 GMT
sharer.js
geocult.ru/scripts/social_button/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/scripts/social_button/sharer.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1537d4a7693f4840ad5484b03df34b08d0ed049696dd470ef07b55e1668d90a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 23:01:12 GMT
server
nginx
etag
W/"5e866eb8-3a1e"
content-type
application/javascript
cache-control
max-age=691200
expires
Wed, 13 Dec 2023 08:53:23 GMT
venera_scorpion_geocult-1f1.jpg
geocult.ru/wp-content/uploads/2015/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/09/venera_scorpion_geocult-1f1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
f9b2b62632d02dd438da5c717fcedbe7babf3420940398db1778d5b19d342f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Thu, 17 Sep 2015 12:21:01 GMT
server
nginx
etag
"55fab02d-a4e"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2638
expires
Wed, 13 Dec 2023 08:53:23 GMT
grande_trine1f-60-60.jpg
geocult.ru/wp-content/uploads/2020/07/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2020/07/grande_trine1f-60-60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
e3df018cd61d671d60bd4a1cae119f8fcf1e58e47a62a4ae80c6b8100d868dbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Thu, 17 Dec 2020 08:31:08 GMT
server
nginx
etag
"5fdb174c-431"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
1073
expires
Wed, 13 Dec 2023 08:53:23 GMT
neptun-v1.jpg
geocult.ru/wp-content/uploads/2019/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2019/01/neptun-v1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
815c4d0cf5937e27877ee3d17fb373dabb5b4cfa45a87636ad24f71bf59345db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 03 May 2019 09:17:47 GMT
server
nginx
etag
"5ccc073b-781"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
1921
expires
Wed, 13 Dec 2023 08:53:23 GMT
venus_v_3_home-60x60.jpg
geocult.ru/wp-content/uploads/2018/07/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/07/venus_v_3_home-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
178d21ba92f7134c1b38490946eadd0bddbf07248aa9e132d1ff30ddf735a62a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 20 Jul 2018 07:49:59 GMT
server
nginx
etag
"5b519427-c0c"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3084
expires
Wed, 13 Dec 2023 08:53:23 GMT
moon-neptun-soedinenie-1-60x60.jpg
geocult.ru/wp-content/uploads/2017/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2017/10/moon-neptun-soedinenie-1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
17389d2b816cd42930191c00df09c08669c18038ce38085452fc224228bfd2ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 17 Oct 2017 06:19:10 GMT
server
nginx
etag
"59e5a0de-a74"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2676
expires
Wed, 13 Dec 2023 08:53:23 GMT
mars_uran_geocult-1f1.jpg
geocult.ru/wp-content/uploads/2015/10/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/10/mars_uran_geocult-1f1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d9b90d582c960458aef7a61a894bffb8c326910023e6be747b954cc8737986ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Mon, 05 Oct 2015 07:00:33 GMT
server
nginx
etag
"56122011-9b1"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2481
expires
Wed, 13 Dec 2023 08:53:23 GMT
tranziti_online1f1.jpg
geocult.ru/wp-content/uploads/2016/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2016/10/tranziti_online1f1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
8e483f5b5ac1b2ef3a28ccc7f8f7ab82cd8a56cb1e9c06294bf90b3020ccfe47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 19 Oct 2016 08:33:07 GMT
server
nginx
etag
"58072fc3-dce"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3534
expires
Wed, 13 Dec 2023 08:53:23 GMT
moon_blizneci-1f-60x60.jpg
geocult.ru/wp-content/uploads/2019/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2019/03/moon_blizneci-1f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
c76762b6b5695ab0c2c3688f5f0b4932911daa89e9a905ad866e853dd00020ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 23 Mar 2019 14:32:00 GMT
server
nginx
etag
"5c964360-713"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
1811
expires
Wed, 13 Dec 2023 08:53:23 GMT
mercury-v-2-dome-60x60.jpg
geocult.ru/wp-content/uploads/2018/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/06/mercury-v-2-dome-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
36c7b56d7df17e27614b04230c5fc1793653b20a1fd66fb9311f5df573c0f617

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 26 Jun 2018 07:10:54 GMT
server
nginx
etag
"5b31e6fe-ab3"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2739
expires
Wed, 13 Dec 2023 08:53:23 GMT
goroscop_earth-1f1.jpg
geocult.ru/wp-content/uploads/2018/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/11/goroscop_earth-1f1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
5e7ef5ef8582671b083278bf8f81e640b0f839f3ed0c336c4a96eb7e8b6c4aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Thu, 29 Nov 2018 15:25:13 GMT
server
nginx
etag
"5c0004d9-849"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2121
expires
Wed, 13 Dec 2023 08:53:23 GMT
planets-1280-1-60x60.jpg
geocult.ru/wp-content/uploads/2018/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/03/planets-1280-1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
668252abb09b70642638a85544b62098dad1e03b79f534ee177e6d1ebb08c295

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sat, 03 Mar 2018 17:16:40 GMT
server
nginx
etag
"5a9ad878-bf6"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3062
expires
Wed, 13 Dec 2023 08:53:23 GMT
bioritm-icon-geocult-1f.jpg
geocult.ru/wp-content/uploads/2014/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/09/bioritm-icon-geocult-1f.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
eafb3e8e7ff731d4419a9683e280433e06a513e872f309333c0909890156bcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 17:39:32 GMT
server
nginx
etag
"54ad6f54-1884"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
6276
expires
Wed, 13 Dec 2023 08:53:23 GMT
lun1.jpg
geocult.ru/wp-content/uploads/2013/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
57fa232a003b023f9ee9ab9ca6f9d33569fc7cca884bf9b1ba464cc42df6ed79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 16:55:15 GMT
server
nginx
etag
"54ad64f3-a1b"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2587
expires
Wed, 13 Dec 2023 08:53:23 GMT
lun4.jpg
geocult.ru/wp-content/uploads/2013/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun4.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
ceae381ecbf5ea0d6e5f6977b195b7eae7d9167dd575f1983b07829838e20632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 16:55:22 GMT
server
nginx
etag
"54ad64fa-1200"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
4608
expires
Wed, 13 Dec 2023 08:53:23 GMT
lunniy_den_rojdeniya.jpg
geocult.ru/wp-content/uploads/2013/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lunniy_den_rojdeniya.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
e86c41aba2a70f6e263fbe0c13257e5b4d36b0ba6ae34d86098013f7087441ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 16:55:35 GMT
server
nginx
etag
"54ad6507-a50"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2640
expires
Wed, 13 Dec 2023 08:53:23 GMT
lun3.jpg
geocult.ru/wp-content/uploads/2013/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun3.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
f2d27ec07598049af75b5252143a57fd29957203c5293b6f2321ac38efb629c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 16:55:21 GMT
server
nginx
etag
"54ad64f9-1048"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
4168
expires
Wed, 13 Dec 2023 08:53:23 GMT
lun5.jpg
geocult.ru/wp-content/uploads/2013/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun5.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
50b78ad8578885f34aa7fa589dcd10075c466504e11467dd8a3ceed303ef4cb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 16:55:27 GMT
server
nginx
etag
"54ad64ff-ab2"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2738
expires
Wed, 13 Dec 2023 08:53:23 GMT
voc_moon-60x60.jpg
geocult.ru/wp-content/uploads/2018/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/12/voc_moon-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
ec4840b5e373feeae1a57fd926d937285246bd4437db4b08e0b99ccf611f1775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 14 Dec 2018 12:53:35 GMT
server
nginx
etag
"5c13a7cf-81a"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2074
expires
Wed, 13 Dec 2023 08:53:23 GMT
clfrkfgb00001jv0898897s3d_1-60x60.jpg
geocult.ru/wp-content/uploads/2023/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2023/04/clfrkfgb00001jv0898897s3d_1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
5070152299c3d5a3ed255352b18e10649460f1e436363d4394e0f7d0acdb48de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Mon, 03 Apr 2023 15:17:18 GMT
server
nginx
etag
"642aedfe-771"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
1905
expires
Wed, 13 Dec 2023 08:53:23 GMT
lun7.jpg
geocult.ru/wp-content/uploads/2013/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun7.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d1feb54f2339859c3595bd26343b468bad05a7a11c0a5a9d86084c56e3a885ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 16:55:34 GMT
server
nginx
etag
"54ad6506-1bdb"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
7131
expires
Wed, 13 Dec 2023 08:53:23 GMT
lun61.jpg
geocult.ru/wp-content/uploads/2013/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun61.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
8b05625742e37f242707bde42df16ce7b828cc94f93238332f02624415d6c01f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 07 Jan 2015 16:55:29 GMT
server
nginx
etag
"54ad6501-c49"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3145
expires
Wed, 13 Dec 2023 08:53:23 GMT
natalkarta-1f-60x60.jpg
geocult.ru/wp-content/uploads/2016/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2016/04/natalkarta-1f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
be91c72c97adfae4e70b223c2f23ffd07eaf26d315a53bb66134b11dc40bb661

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Sun, 10 Apr 2016 10:52:42 GMT
server
nginx
etag
"570a307a-a3c"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2620
expires
Wed, 13 Dec 2023 08:53:23 GMT
sun_lev_geocult-1-60x60.jpg
geocult.ru/wp-content/uploads/2015/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/09/sun_lev_geocult-1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
c9092cfaa24952291b22481bfa4e399483260fc6fb162a6b942fed3ff42d76f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 27 Jan 2016 03:45:50 GMT
server
nginx
etag
"56a83d6e-9d8"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2520
expires
Wed, 13 Dec 2023 08:53:23 GMT
fon_sovmestimost_geocult-1-60x60.jpg
geocult.ru/wp-content/uploads/2014/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/fon_sovmestimost_geocult-1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
21f14e408c57d0c0c9a833c314df5ff7f7695f054253d9eb2ce123ba0f2ac049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 27 Jan 2016 03:43:46 GMT
server
nginx
etag
"56a83cf2-af2"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2802
expires
Wed, 13 Dec 2023 08:53:23 GMT
sun_6dome_geocult-1f-60x60.jpg
geocult.ru/wp-content/uploads/2015/10/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/10/sun_6dome_geocult-1f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
aad870057003cbb9958374f555a06fb47dab183a03018ac1d1e88bffd1ded096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Wed, 27 Jan 2016 03:43:51 GMT
server
nginx
etag
"56a83cf7-9f5"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2549
expires
Wed, 13 Dec 2023 08:53:23 GMT
natal_wheel_geocult-2f-60x60.jpg
geocult.ru/wp-content/uploads/2016/03/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2016/03/natal_wheel_geocult-2f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
e6e4ae30d0e1fe5bfda2cdf9a430e4d2da17e5706b0011bf909b312814bcbd1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 11 Mar 2016 10:29:39 GMT
server
nginx
etag
"56e29e13-df6"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3574
expires
Wed, 13 Dec 2023 08:53:23 GMT
lunniy_uzel-2f-60x60.jpg
geocult.ru/wp-content/uploads/2018/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/04/lunniy_uzel-2f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
41e8f29b28c908a3e09da0cdfc54be6adeef57c3ac6dbf393416e84e4d2c420b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 10 Apr 2018 12:55:02 GMT
server
nginx
etag
"5accb426-8a8"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2216
expires
Wed, 13 Dec 2023 08:53:23 GMT
avatar1-min.png
geocult.ru/wp-content/themes/evolve/images/ 		500 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/images/avatar1-min.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
b87216debe85ffb5d5f3f938c1c2cfed568d6736fd9bd06d64d85711ea5c8802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 31 Jul 2018 08:02:32 GMT
server
nginx
etag
"5b601798-1f4"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
500
expires
Wed, 13 Dec 2023 08:53:23 GMT
jquery.js
geocult.ru/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/wp-includes/js/jquery/jquery.js?ver=1.10.2
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2016 09:00:29 GMT
server
nginx
etag
W/"5742c6ad-17ba0"
content-type
application/javascript
cache-control
max-age=691200
expires
Wed, 13 Dec 2023 08:53:23 GMT
element.js
translate.google.com/translate_a/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
131b8021a1854c95cf9afbd0bde61f70a9dcd12ce97789a7efb000005f4f2ffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
jquery.fancybox.css
geocult.ru/swetest/fancybox21/source/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/swetest/fancybox21/source/jquery.fancybox.css?v=2.1.5
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
gzip
last-modified
Sat, 03 Dec 2016 23:46:32 GMT
server
nginx
etag
W/"58435958-131f"
content-type
text/css
cache-control
max-age=691200
expires
Wed, 13 Dec 2023 08:53:23 GMT
jquery.fancybox.pack.js
geocult.ru/swetest/fancybox21/source/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/swetest/fancybox21/source/jquery.fancybox.pack.js?v=2.1.5
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
gzip
last-modified
Sat, 03 Dec 2016 23:46:34 GMT
server
nginx
etag
W/"5843595a-5a5f"
content-type
application/javascript
cache-control
max-age=691200
expires
Wed, 13 Dec 2023 08:53:23 GMT
new-tab.min.js
geocult.ru/wp-content/plugins/page-links-to/js/ 		911 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/wp-content/plugins/page-links-to/js/new-tab.min.js?ver=2.10.4
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
2baa2ebe463ced52f500118a25caa59f75536f3a49a36ae911ff5c37e1265669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
gzip
last-modified
Sun, 10 Jun 2018 09:40:17 GMT
server
nginx
etag
W/"5b1cf201-38f"
content-type
application/javascript
cache-control
max-age=691200
expires
Wed, 13 Dec 2023 08:53:23 GMT
comment-reply.min.js
geocult.ru/wp-includes/js/ 		1 KB
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/wp-includes/js/comment-reply.min.js?ver=4.9.8
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
gzip
last-modified
Wed, 18 Nov 2015 19:15:28 GMT
server
nginx
etag
W/"564cce50-436"
content-type
application/javascript
cache-control
max-age=691200
expires
Wed, 13 Dec 2023 08:53:23 GMT
main-bg.jpg
geocult.ru/wp-content/themes/evolve/library/media/images/ 		968 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/main-bg.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d0a7940c5739597d973e2bb019d3e3cc8b5e8747e607982ebdbd4890f4288f3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:30:04 GMT
server
nginx
etag
"591f39ac-3c8"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
968
expires
Wed, 13 Dec 2023 08:53:23 GMT
green-back.jpg
geocult.ru/wp-content/themes/evolve/library/media/images/header-two/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/header-two/green-back.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
3b3c66d6f6711dcb00f5ca69f10cc2e996c38c6c90facc8da13bbc88827433ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 19:18:17 GMT
server
nginx
etag
"591f44f9-fc8"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
4040
expires
Wed, 13 Dec 2023 08:53:23 GMT
trans.png
geocult.ru/wp-content/themes/evolve/library/media/images/dark/ 		97 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/dark/trans.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
5942cf3294f46a9640870809b055e78887d7b48cc1e31a153d9c3b5dd7ef674b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:30:27 GMT
server
nginx
etag
"591f39c3-61"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
97
expires
Wed, 13 Dec 2023 08:53:23 GMT
shadow-before.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/shadow-before.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
0d43d9f15c54f63334de8305be7fabb614396c5e190a0756a417483ba9c61631

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:30:09 GMT
server
nginx
etag
"591f39b1-1fb1"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
8113
expires
Wed, 13 Dec 2023 08:53:23 GMT
shadow-after.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/shadow-after.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
9da58863c2d4a7e1f3c71a9a498588e7b74c3bf65fb97ddd126f1564fa7f9f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:30:09 GMT
server
nginx
etag
"591f39b1-1f66"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
8038
expires
Wed, 13 Dec 2023 08:53:23 GMT
divider.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		226 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/divider.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
c4f459274e378b71dae7cd9514f4c3020545081e0de18560311a5aabf98f85b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:29:53 GMT
server
nginx
etag
"591f39a1-e2"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
226
expires
Wed, 13 Dec 2023 08:53:23 GMT
search.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		788 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/search.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
281bdb69ef6f2abc92abda9b18117ebbf50e9add63b183b2d9bc3fe3afbb3011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:30:08 GMT
server
nginx
etag
"591f39b0-314"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
788
expires
Wed, 13 Dec 2023 08:53:23 GMT
list-style.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		192 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/list-style.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
83fef62511d4754a257551bd24d92efdeeb31c2886d07de22e9e947942233f6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:30:01 GMT
server
nginx
etag
"591f39a9-c0"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
192
expires
Wed, 13 Dec 2023 08:53:23 GMT
divider-tile.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		88 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/divider-tile.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
992f94f905118b8960ff39ecea7dcec52afbb5b2a484b14cd817844ba03d7eab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:29:53 GMT
server
nginx
etag
"591f39a1-58"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
88
expires
Wed, 13 Dec 2023 08:53:23 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/am=AAM/d=1/rs=AN8SPfpQYLrJxLA8Evaz5V0wt6dn4DngIw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:50:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 08:50:28 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr7lb_PXZnLNkTgvVwyoxNvsn0INQ/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr7lb_PXZnLNkTgvVwyoxNvsn0INQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/am=AAM/d=1/rs=AN8SPfpQYLrJxLA8Evaz5V0wt6dn4DngIw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81976
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 00:18:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 18:22:09 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Dec 2023 08:31:36 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1307
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 05 Dec 2023 10:31:36 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.9610326889097542
  • https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.9610326889097542
132 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.9610326889097542
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 08:53:23 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
132
Expires
Sun, 04 Dec 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 08:53:23 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.9610326889097542
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 04 Dec 2022 21:00:00 GMT
facebook.png
geocult.ru/scripts/social_button/ 		427 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/facebook.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
ec29871f7a6e470e699f7eb7a722c49ceffe8ebb682308c7279053da037d71d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 10 Sep 2019 22:48:34 GMT
server
nginx
etag
"5d782842-1ab"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
427
expires
Wed, 13 Dec 2023 08:53:23 GMT
twitter.png
geocult.ru/scripts/social_button/ 		654 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/twitter.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
24d3f7c545ffb8d31d407b24b2c130774fae929ec9a92d6fe92f42608c858372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 10 Sep 2019 22:48:34 GMT
server
nginx
etag
"5d782842-28e"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
654
expires
Wed, 13 Dec 2023 08:53:23 GMT
mail-ru2.png
geocult.ru/scripts/social_button/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/mail-ru2.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
a84f5718bcfaa18fbf0bc06b2fb8989141e7ef299b1a4793bd1082b48ce74cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 10 Sep 2019 20:04:44 GMT
server
nginx
etag
"5d7801dc-384"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
900
expires
Wed, 13 Dec 2023 08:53:23 GMT
odnoklassniki.png
geocult.ru/scripts/social_button/ 		664 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/odnoklassniki.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
608c7e96914ee8dea1cc0bbd2eee01f5f6d0b03521cebbc6116a7ba5940043cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 10 Sep 2019 22:48:32 GMT
server
nginx
etag
"5d782840-298"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
664
expires
Wed, 13 Dec 2023 08:53:23 GMT
vk.png
geocult.ru/scripts/social_button/ 		610 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/vk.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d3d89aa5cc7dbbdea39f3111b7460d064d7663ea92b04e79df0b39ef2e63b196

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 10 Sep 2019 22:48:32 GMT
server
nginx
etag
"5d782840-262"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
610
expires
Wed, 13 Dec 2023 08:53:23 GMT
pinterest.png
geocult.ru/scripts/social_button/ 		817 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/pinterest.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d371219cab55549df0dc40dfb5a92d8d4be8b8ed24ab44d4c003fdb8b580cd56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Tue, 10 Sep 2019 22:48:32 GMT
server
nginx
etag
"5d782840-331"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
817
expires
Wed, 13 Dec 2023 08:53:23 GMT
reply.gif
geocult.ru/wp-content/themes/evolve/library/media/images/ 		603 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/reply.gif
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
436d9fdefdf3800e7aa8d543d79138dafd6a5fa95340a6d9df9515a99d6a243f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
last-modified
Fri, 19 May 2017 18:30:06 GMT
server
nginx
etag
"591f39ae-25b"
content-type
image/gif
cache-control
max-age=691200
accept-ranges
bytes
content-length
603
expires
Wed, 13 Dec 2023 08:53:23 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		398 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4152a4433c1c119de17f0e01b4879527d198b9443d104aabe0325fa27f944312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137565
x-xss-protection
0
server
cafe
etag
6960138996104028454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:23 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 37BC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
33258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 23:39:05 GMT
etag
12051592065903069241
expires
Mon, 18 Dec 2023 23:39:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		16 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1625040066&t=pageview&_s=1&dl=https%3A%2F%2Fgeocult.ru%2F&ul=en-us&de=UTF-8&dt=Geocult.ru%20-%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA.%20%D0%9D%D0%B0%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%B0%D1%80%D1%82%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D1%8C%2C%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1737648945&gjid=1105696909&cid=308176690.1701766403&tid=UA-55395314-1&_gid=335495322.1701766403&_r=1&_slc=1&z=695225699
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
d752f92d971a6a3afd2a903855c7726ba385cf2ec11757e1fd694dbd661c45ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://geocult.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geocult.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-55395314-1&cid=308176690.1701766403&jid=1737648945&gjid=1105696909&_gid=335495322.1701766403&_u=IEBAAEAAAAAAACAAI~&z=1950321572
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://geocult.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 05 Dec 2023 08:53:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geocult.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1a75f598974fc39eb7e2b0f4031e3c56c9b11cb1527740eb02cc6d207af11fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83527
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 08:53:23 GMT
truncated
/ Frame D93D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 07:58:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 07:58:41 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:58:31 GMT
x-content-type-options
nosniff
age
42892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 03 Dec 2024 20:58:31 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:15:52 GMT
x-content-type-options
nosniff
age
38251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 03 Dec 2024 22:15:52 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-55395314-1&cid=308176690.1701766403&jid=1737648945&_u=IEBAAEAAAAAAACAAI~&z=57389421
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-55395314-1&cid=308176690.1701766403&jid=1737648945&_u=IEBAAEAAAAAAACAAI~&z=57389421
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DHBZR6TRD0&_ono=1&gtm=45je3bt0v9135369224&_p=1701766403360&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=308176690.1701766403&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgeocult.ru%2F&dt=Geocult.ru%20-%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA.%20%D0%9D%D0%B0%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%B0%D1%80%D1%82%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D1%8C%2C%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F.&sid=1701766403&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=833
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geocult.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-DHBZR6TRD0&cid=308176690.1701766403&gtm=45je3bt0v9135369224&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geocult.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-DHBZR6TRD0&cid=308176690.1701766403&gtm=45je3bt0v9135369224&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=2094501081
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D7AD 		187 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&adk=1812271804&adf=3025194257&lmt=1693404896&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403288&bpp=3&bdt=195&idt=311&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8731344217390&frm=20&pv=2&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
281042f5e06bb44fdb63cf64572afa6696d64073e71aa345e81dd0819f1b6ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
56159
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BED4 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eef93995cec1e10e714259ebc867042dea7b3fc4b6d39f0b8da7d81e3fc8c335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11371
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 75D9 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffd341311bc13b35b4a81b8954c6ec19ba623f1bd53b7c8300d8230ac9439bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10908
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F498 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2c1ebe8c0a4d709942a87c86a904ea6b63bf2e267a3bc4bf62cff0642d41e35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11353
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame BED4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AH2VQiMmRLDiMBXNcOqNcUCgTHvCTd6ql-AqATB0ah4cxkZh8KuupoVUxOr8oNbGuchJMAVfNs-PqdNwtSmUslCLB8NFdK7S2NNEMOH23BetJjx08
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BED4 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame BED4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame BED4 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
49908
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:01:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BED4 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5A4F 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWfytLEZIb3Rzm4ORabFoP38cCIlyiSMdsnnO-bMBqbgSQZJjwvBJ_3N_xUiPhqaWSVhpyKtJ4ketscyQ_OCHN7HTbHNGw_FlbHclPOE9sZt_km0lrRjWZ_KKRydlormow5DKzX8KwDLL7qrHjl1RwKW_GaMNUeIW27PAlo0Z1PG0zCkv4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F498 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-kvnjGw_oZY17o9b3wlo__el7fZFdzoFCWoXtzXK7EexbjwWMcI0vXT_sTH0BPToNrbar6pJRa1_mVuoPNnSwEo139zqXBph3P1qtuuJPxbuwJrI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F498 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32789
x-xss-protection
0
server
cafe
etag
17194431578830737671
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame F498 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame F498 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
49908
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:01:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F498 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C855 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUGv7FXZ0aEXCUXpZIBwmvCCZWWUwJSR-uFgzj1LhKOpTWt97-3ZZU77cjoVZ3bF8DLgLdT5-XHD8Pss6jp-aA2OFKZ8tG5gmpHmOym5lhQV4TWWGAwolkLqsgmITL2iP5aK9CWCe0s2j654dR0yb7dU-dHH3fDXS7zm_zvlW1bcxoBTiM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 5A4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOznmaukima9m4fTW_FNUco&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOznmaukima9m4fTW_FNUco&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWfytLEZIb3Rzm4ORabFoP38cCIlyiSMdsnnO-bMBqbgSQZJjwvBJ_3N_xUiPhqaWSVhpyKtJ4ketscyQ_OCHN7HTbHNGw_FlbHclPOE9sZt_km0lrRjWZ_KKRydlormow5DKzX8KwDLL7qrHjl1RwKW_GaMNUeIW27PAlo0Z1PG0zCkv4
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1ObtlXepKlcrWArzFVZJkjEqTu77IW3fcc8SEgb0tCf20x7XRh0E%2BBQ%2BWt%2FjuX4mp2ESao7oItJ1KxnlSbZJaauHDVmgTIK3ow9%2FeatyZSvpRHg0G2jsz7ig8q0RJclD0b2GqYBlbdWVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830b0efaae6d3623-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOznmaukima9m4fTW_FNUco&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A4F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7lBGwgmAmK1u-LWDSnIwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWfytLEZIb3Rzm4ORabFoP38cCIlyiSMdsnnO-bMBqbgSQZJjwvBJ_3N_xUiPhqaWSVhpyKtJ4ketscyQ_OCHN7HTbHNGw_FlbHclPOE9sZt_km0lrRjWZ_KKRydlormow5DKzX8KwDLL7qrHjl1RwKW_GaMNUeIW27PAlo0Z1PG0zCkv4
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZxxgWyTzzseV6RerDXPR%2FUgkfXNQUDnh5G9fSJyCj4uNyucTR%2B4AO3H3R%2B%2FzAcbkdioagURoDfC92Vhzurw%2FDtQD1mqGeIrVNjn%2Fibv8XGejc7KDXa9AJn1jSVsP1SGsA472U3X%2Bw2XrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830b0efaeecb3623-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5A4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENf-jeo3g4SoxlAWiY3mNqk&google_cver=1
43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENf-jeo3g4SoxlAWiY3mNqk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWfytLEZIb3Rzm4ORabFoP38cCIlyiSMdsnnO-bMBqbgSQZJjwvBJ_3N_xUiPhqaWSVhpyKtJ4ketscyQ_OCHN7HTbHNGw_FlbHclPOE9sZt_km0lrRjWZ_KKRydlormow5DKzX8KwDLL7qrHjl1RwKW_GaMNUeIW27PAlo0Z1PG0zCkv4
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
an-x-request-uuid
ca0a3b4f-14c0-4eeb-9545-a9efb3c4b863
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.4; 37.58.57.4; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENf-jeo3g4SoxlAWiY3mNqk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5A4F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWfytLEZIb3Rzm4ORabFoP38cCIlyiSMdsnnO-bMBqbgSQZJjwvBJ_3N_xUiPhqaWSVhpyKtJ4ketscyQ_OCHN7HTbHNGw_FlbHclPOE9sZt_km0lrRjWZ_KKRydlormow5DKzX8KwDLL7qrHjl1RwKW_GaMNUeIW27PAlo0Z1PG0zCkv4
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
an-x-request-uuid
e2eb282d-95ea-4655-a151-356c72884fae
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
x-proxy-origin
37.58.57.4; 37.58.57.4; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C855
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUGv7FXZ0aEXCUXpZIBwmvCCZWWUwJSR-uFgzj1LhKOpTWt97-3ZZU77cjoVZ3bF8DLgLdT5-XHD8Pss6jp-aA2OFKZ8tG5gmpHmOym5lhQV4TWWGAwolkLqsgmITL2iP5aK9CWCe0s2j654dR0yb7dU-dHH3fDXS7zm_zvlW1bcxoBTiM
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q73IVU8n%2Brx4tBDtr78EJb6XopeTKOUAgsrj7Mx%2FabiubE6CwY%2BcjRLZfXLmEv%2ByYW7TNRFqwIhtYkccrLrDWzfPC7%2FW1szUf9HKdO2gjl63KUyMrVjeE1ZMMxJiefTFLTbJyYxHuG4M9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830b0efaae6b3623-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C855
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7lBGwgmAmK1u-LWDSnIwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUGv7FXZ0aEXCUXpZIBwmvCCZWWUwJSR-uFgzj1LhKOpTWt97-3ZZU77cjoVZ3bF8DLgLdT5-XHD8Pss6jp-aA2OFKZ8tG5gmpHmOym5lhQV4TWWGAwolkLqsgmITL2iP5aK9CWCe0s2j654dR0yb7dU-dHH3fDXS7zm_zvlW1bcxoBTiM
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oixFT%2BDoTrRAwwpaDEHim%2BlZ1EsVov9MH6B4qAC9gXD0YSApiJ9DlNh6SnIT8BdYJ2eoiRAZjXOZGPseA6et3E%2BYWJcC5Ke1Ig33OcP%2FAJa3yp%2FvbTjfEwOAYzF8ac0Dc6AZlqdA4r8Cqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830b0efaeec73623-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C855
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJakeL5BnyDrEoGEoDB_a68&google_cver=1
43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJakeL5BnyDrEoGEoDB_a68&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUGv7FXZ0aEXCUXpZIBwmvCCZWWUwJSR-uFgzj1LhKOpTWt97-3ZZU77cjoVZ3bF8DLgLdT5-XHD8Pss6jp-aA2OFKZ8tG5gmpHmOym5lhQV4TWWGAwolkLqsgmITL2iP5aK9CWCe0s2j654dR0yb7dU-dHH3fDXS7zm_zvlW1bcxoBTiM
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
an-x-request-uuid
cf39f946-6339-4ba9-b7a4-9a997b62fd44
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.4; 37.58.57.4; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJakeL5BnyDrEoGEoDB_a68&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C855
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUGv7FXZ0aEXCUXpZIBwmvCCZWWUwJSR-uFgzj1LhKOpTWt97-3ZZU77cjoVZ3bF8DLgLdT5-XHD8Pss6jp-aA2OFKZ8tG5gmpHmOym5lhQV4TWWGAwolkLqsgmITL2iP5aK9CWCe0s2j654dR0yb7dU-dHH3fDXS7zm_zvlW1bcxoBTiM
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
an-x-request-uuid
4bcaaf6b-e240-4111-a5b1-d89cd1cabdca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
x-proxy-origin
37.58.57.4; 37.58.57.4; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BED4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6232132534374&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BED4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6232132534374&version=m202309260101&ct=77&x=1&cor=12895752974091387000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BED4 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcD7Xoe4T6LOjRnIZislbl9T7p4lV2fe4o9ZDHw-PMcF90scJtDAl89rpc9CyyidXUgnu1o0tVoJ2YuYj0KFy-QQnv_M7QgzEF3zxbiMjIF_ZLd3F67otPmBZQlKJYwfHs6GZO9GUxuh2734l_5D1v8pagEbASk8XwVgZRChNLpjeDjII&cry=1&dbm_d=AKAmf-BndXJEUKRY0cWdmkigsSHLbYSyQyPeQfwrpp1ii3wGEc9wBFJfpIjrn3CmZUJfEdeiPRtbDOJ8LWKQ42sf9fBR02cv1L3jSx3pj0ON82VRDhhwSsGuZtCsvfO8ExlmHO0ly5YmMKDevptppq2NWE1trTtF6ek80rwhNwTJY6cg7i-za1iE5B10EXH3gz9eE2ZQ2gzpJ5yRF-pxLA-DLRbV2Mgz0e47IvqyNJkKACnGWkAmbMSIpmAoS6I9c_1nEYAKfTxiyJZzL3yiuumBkUh_dYQX_jZmUXaGAou9482YlDBSqeq2IffLV3dhqjlTWNr69JzHflgXR76jrdObNuqelMrEmxnZ1PNIbniE7LUZOk7x7hTW-6kvYA1J3oJowUCeUMLUJF86KsTAW6gDm8ELd_6oOJ1Vz3WQyw13hA42d8FXdudY0GroyrvNrXRvdZpnkoMP29lOmtC3Kii0wqdzmdxHsuX2LuGZY9ddu1LXPxiTrzjEmgnaHLu_UGDnxP7CM0PA35pCiqeTEe7uIEMaQwmttou3k9PooVgmeZSlZXY_dZ5z7euaBiMAFacsc37RlToUR1ccBJIEIQ5SxiQ0nqNljgPvhrQ94b7Jzk0kzsZraKocWrOmCGb1D82_0szt_PqvGZkcrEwFGVnC5TeB8F7x4i9z4nVs90eTIVbdFQpfKl8MacSkN98LhJKxyIiRypd05jW9mpTa4eFQBRuFGCCFgpJu45ig9KX_ijB-19SUTXgiDfK7B--d6vLW7xSUC_93DrfyptN7naXgO_AJDu6XpJhUWL-WyreY5Ut2dE5iCFPFfKIScjFBhGonXdaSbAEexVw60hC-gIXIoxdBRgnG1d8A6LEIzfHSqg3grVBI6vc5SPuhJ5TV_F9PZjODY8QKlzI9UKq_hyZW36PSwhTd6r0AHwTkcDis5K0TwOdzUvqWjz2trTAhJWNbzZHzwbRUMTyG9JYiBVrJbKrsAs_rsDVgVR1C-DjCHpjRwoaqQvFaQByCr2Vd2qRzZIpoU-8tD9uZ_l_CcLY66krVgxtPoyAB-N2YUYFbINdWUQHDgOomP05Z4KThgZOsrxnhTEHT6cmLTc0fFAjGtnU5p5FnJv7-032VXxI6awXDf7Tp9r2145RjMscVeQurIplJ75dmZcKTrsaP3WkR1KiWeQv4MBai8CeYuogsey7GAXcR238r43ZkfcZNNddnvsnjEpbZ25g-18yAzS-N1lHl7zSq5eFcKBv8Capcon2poH3P7Ep5DWGdsZV3oKm4jYFWmTSG2kEkGD6yLP33v6up3d9g38vEoKD0ZJtW2FolZ94cWd-ahC8RmwhZMnzQ4-5KOzv67Q98aHnUHRmhUXNQ1BK3PKcddXCzuwTdv3CXz8wpkK9FJhmakOVKGMZI_n_KSCtf3ABWEPNJruj0VEIMKOcMEepCIRDXcBrVQFuqe_wWTy63f24hXGk988kKv1re6XJPtuas2UvoKZb4gJJiGlFF9GxLVOwHNSRm3kzPyT5yOmkYX6VwmkMQCX3zaE6Tts8c3uGBezRLBniyOR42mZIvCpb5YaiHayF6zIlSmmbKj4IAYfXX_B28WvLU8bFDdok95Z8kZnverFrjM5EV5m_ZZHsgIrF8MH8QeSMMPGb2CiBb9DAWbE5Ji22-dOg20DlJy3r34jV_BS1IKKUe8x_7nYHklJdOpNWgVoeq1CrkrhhQ5E177t1QhZ7D4MS2ksPKpDKyIC9p2rU_cysoXs53aAoeeDF8X90VDwKQXp9dYJv726V8uokXVKkMRzX1ikz9kRqMJZkEb-av1Era8zyN-ni2bK5zpg1_l2vPZtl6tMb88G7KecrLYbAQisd525peFbMne_XNbqA21WhApOT5kEE_YeCRd0DopwJH0CwQsr2h3ylOc8HW7rey85xIM5CkCWGjp-M3qRdWsrJVKGTHtPFClTp1YdAtPWr_mrFwycg5w3PNY4GoB4nGnz_7oKlvA8HMopAww3Ceq6D8Kf2xD2CuB6BGGRwXr5J81j_EUsXUv_fFWBygBsFvYqj_IBF0MksfaKAdRIG3yzpFSKgDM44rqgclLDIiDn2i2CYjkYeQGS6mpkFegxaDSD3pm1ADHCBUMKtcued69BrN-MVM_voKl6VUOpXS5P760Ja1V5beufnCeh4FnxiJUSomuXKPM4hTSdc0GJg1mknAKpdX7C37hkiKvgDUOF-6KcpF9MoIgUAsWBhC-sGXwU9JocCjZT1vLXqrULCP3QYL9h5vq-FNnxuIivQ-_e7y5oIj5GdB69DAsQtvj-1yGghgjteH6tPRz9HW1g48ONMPLyM2YJbLKyKRdVVv8JHvYJQyUIsEl3Omp6eEZM8GkPcwh-H9Qrln0zi0dYyl1LKUD86OWbeZhidXTcfEEYG0dH7y4ZFQF3Vf_ehtywqec3PfhdkkLQgyaL9mnwHP2IbfG-YPMrg1oZDgeKhYt7mcYIWZ2pZQqr_RGR-fOVZpvn449lTKM0Iep6Rcdc3lpKKdBl6vXickPXq5YbqEBROJvcHIWgUoWm7wrhxxzoJKuKHZDZ1_B-YrfMNC1RwsaaMwgsm6k3l-qUObP-kOJgOBdQHGcLvqt4iAdS3Wi36IKKDfsEk03-UX0nb2S1AVOdTALaOj8ypvncDLP3UcDvIWwGlv86nZd7HhrHpj6uAkiUPfEOZvgIbaoi16lZ7qJCD-nKEE2emrqFueIbsLYEEoK-TzOUWI7UUXpmXZt88d1Dxm47zR3MF0NqwdWTKfoOhuDkIqIMo-X_b7-Ra-nDcK4b2mZafJDI2pVQ_qjxRHhpHFqc3TDi2nKBqUkV6TSFlY7WeafsjuDAhlSdAgAANu6hGbG7Q28DMwgeDp7ffTeMqp-77Iw4q-tMg9j6Wz8uAKLO0qpv05_hdvJF2rQc2FgF1NthfWbZVU4xYVpKeDjDVk4hZs7_vEP8V33NYVsxJO039u6Man1F2mDfV9ef6l8GDJDDLX3YyFXdyMpHdiH90ZatNU4HV6x6OBS0XR_qRlQw3bBWdwnGLoe_W5LPJ7j07_qHBADRhmqmfnPdlWO8Yb21G0T1e-V4Cpucb8eAzsQfXBRif70mIgtQUe3WmU5EvwDZedDsSDkke-wbs--1XgQ9yIB0Ki71IZP8K9ovFHkUgfhMsWtpgaWLFRTW0v-Afs53bKKYIqlnFwrbCQ3cVgkyX6XkbPml5HT52cT0ftHBwCRd6VXh5Tsu-HlX8hugy9xsjRz0phh_JyecgY15ZipmjbE71PqqwLoOWbP9Y2SOYR1fson1i7zijJaheWsXx_DkXvm0HRY5-oZXjpxK0wH9XzyTZE3XdsP2sOtcmrGV9VYl7yFHdVRU0xXOTGUJ4eK05YZWb6pO0Hv3weFVYVLcdXdEVbOWRMzn-Y1e6NNDxzDlQx3ajOlLYHyIq7_85I-1bG3UPs8MSi7l--w0BIeMESJ5LXgFkA-2H5iQJQwSniUpIopJXCMakhm84GpqQq1T8kfgZaivGzblQjisBr6cvgIwcfKFknWARKq4fH-5VTz0sdz6EQcGJOvsdibVWAdXSr7ZVRjH8eKPAvYC3daY_sLSa3MAbxjkUuwoRcfpUVM8wFUcFdkVS7pKZSv2hugOLiWtdDyc2G56I4JTncSHv13zJg8CXwrS2A4VsC-FrIiNe38n7q2_BJLSa5ibp4cGw3jSG_9gBcmeWFcw7tCcFWs7ubPkfUtU-RrVyYdoBoIqcT5D6QIHJNASGWM78VPxeV5H44QppwXhjFtXWqzy4CBn9ZFOhQ9bWAKKIdHdGCDKN_UdGUsqoMqJiBZ0zxUa9OUlvlRXi7mDE8jxDsuqDyoKaNFGD_xvV59z-6wuKF-MOKz0-nf4sLDY2XwGZcvvmWwmvWRIhoWcP1zYc6vmXRS00haTfeR04OdgTyu9F1n0HM_y7Gd-09gmbFLSdTcJQ2RmhgKtjcGhXrPIh74KCjvyWIrKFypJ5X_s929QJU2vDozuwnLgO3cnpGJvMR73mcUy5kZqWJ7wIsxh40meWY6nD4EBFNJdePd6C_VnzpVg&cid=CAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=12895752974091387000&adk=250412561&idt=81&cac=0&dtd=29
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69d993cd01056abdccd12530cde1304fb6b878cff78869eba538865fb73802f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13829
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F498 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6759143072701&version=m202311060101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F498 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6759143072701&version=m202311060101&ct=77&x=1&cor=5450131159634827000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F498 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd-eRWv55sTlKdBY98EPZF1VOuRlEsgPCkNIJk6MKQOyWv0RBqeI4TUqzf4xIMZTnmTmw3AhMCRu0klM10_K7PUfkL6uDPj_htqdd_6TzK046e4DxsG6zKkYvgkEJleQgMPcAk14FN9qGDRNbwaapt88hi552TBTRydmomkVgHXrByXOY&cry=1&dbm_d=AKAmf-CIw4cPenJlAXaH2r3juh9ZjIG14Apw1jCxPYYzEMxi5HFRC6h_fodNPlnsfZQ_YAN_fe-gk8hFRxKldvcGxwSrjDBjOvVN6t4cnO9ySaqX_EOvGEt5REvPGV3JxGwhdqz1YyajWfUVNMTqk10Id4cuj3rcFOfjWQo9ltoM_eCvZsSWV1xi1wMUHpFaCn7al-dalYaIbJ6Xb8o0TryZxUNJFHk44jdP1-wzs_XxwEUoEtbOzR_VI-GD32VT23HMpNBmOM3pc7wSj1zImYL2IRW3NSfU6lhUL1rP2It7DEjEweaSIc9KsSjMfqXAUDMaWSYJOoL8Q9yp0fqjE4aGsMOYUaRby3wjZ9b-IUL0ykaSs83-BnwebA-YDrC06Ku6l6srzba9Eu2u-OzeR6x0lQOQtcBTxrmDps_yGRlrhUW-Bz8DqhUJ1kR4F814tHok01Blno2JUwLCVm8HmEWqnSUkSSwJXIqot_vnLQI6xvis-v_slKKUTr1z7A-WMSx0JdHf_6jWqFw9XjY3qS9p8tC4pFKEIp7nQZSzkMORw4cMdu6CnwMh0iBtKjGdhe8zvsk1vbCx0bhRtH4pOjMQDqZXbe9d6k3Uib3Z2UsxPDTNGZEEpumB3dwUgo_8TC-TYMCQnxR8BwiupMp6JYsX2kJJZak1Is57L1akaAijBuvcjXpn1IaLrp7atuhBbrvEevO7jFMp9w6gdIGydlba1fwGe6q6N16O0yEBon0rEH3SB-knxKxmf1i8jWMbOGqF7j2UiU75oHM7sKx-prQenOpl6ayKUMZImYQT4yQlcXZRxbhvl6HXZl62rYPCrbezmdQJPSrZhSqRMrBqKthEIbjxff0KGLtdKY1AuLa2MxwQAIHH9BHSXNavTjK9hTfbz3YyJX81QGlzc6kVc4_z2p-4qthzu7XZqQU0IpSgIVt5trZFQK9ELF9hAa5l399o6ag2F91AT-lXiEIt8XvbUQQciyrZuKDwuYpuCMFnTuPNspam_o5oePmLXV6VO3Mp4Q4DPVTDxNQ4dCX5XVgDFAkC1YTfApZQeV4namS6h7rJ4vAADFthrXWV0LavUh8ck6-8Hc6fNX8mAPpPmge0FY82NK9gKemCiXESVbgMn3itrugEIBjJe9SQ5hByy91K0cX08ujLAzdXJnkR-vn6SC4v3975wB_34pnnaxqV_U3PxoGbS7AeSH-6EdpX8nsNj4q8-8LdSc3oxF6bXAUQtr9wy_Hjox053vpKzTx_vRRGN6dGVgy1aqm2P8EL5XKHBHsu0zaG1rtytn9_nIs2CWVELCMaVa5vofjLUJmEVCZgVR0KQ5RgWVwEg5Z8SXqwk42mb9qwBdrYjddMtrcSn9ERgQ2LWFsH15Wk_WhCZxqVleEIMCkwaUqOXxZZB_irzNIx_bbVkqKzze1Ra1AsaLUTuSwvpdD3S7zLOx3uxxeoeWvske8nhFt2NJvfaHDAfOTVtrctjurUaq2yvxYep9ipo-7o9oBx8vQ4pe6tBBV6pw_5bjo15OL1DDg2XBkIZDlCtAmlvNbHNmfzHrlDgWjgHKb_2Oq-hnKOuDBY8iQhpQhVnGVfC-uaOCqG_0mpzdMLQY3D6PS-lGRJOwAXZh1oBo10MLrtTy1aDivXPBUnUoy97hcKWT8YUIivAj7qTENc4golTMIA8Hp3s3cAnkUzJJdIHO8DkQdFDXbwD9XDir95tM8igvSYZuELicwNrEC88VV4hwmVHbq4wbpoF9J5h2OyQsR7IyXeR9JqXWXACwNHPSsj2l76l31YEVOY_BQvVyiohlZhP1p11g8zR-MbG3zb8ii8rARpCDD0_auGXvLlmqYCgx5w82x0FvixabTwGBHhnHi5TtUqQ_wHEl4G8i1PUjzlWSCAtoSprvmH6oULaIDX84USI9wEbAcP4rT4KwIvhCG9zSH6Wjw0hTLM-ExbRYhIPbLdXeEktDvK6pIi09yBS6sgM-QTrPxkMtLvx8x7SznKo4ZiySXUXzItGaJuz6w4D-DAdKy0KF19XzxPHIjxYB7nnF315PKNTT2yA7zL42M2uXx-_QGEOvMSkNam-Npi16iRLYSI7QdSH-uUo8mpGHRDhTZtiNteWrv4u4orXuUKUtCRsmW9C5DTWPwFe2yV7jU7kL7XBk6srAY5HTbwLFSc9q200RSkB9OrxqmzWMihJV8ELnmt6vBKjqFvD0OSaqdbabqW-oQE42lSSWXrztp_hQIEKxMxSdjSRHPghmeEbew2Xim2931B4UaxVlbzYalXSA-BHX7E4aIoJNjG6VG44RJfpDT9Z_lQvC2d-qF107ti3a6mjOeazO85nPm71uZRO2JgtEOyTBnI3oHOR8VI9DR3csX9piHmfjnBMC7Dpe3zlhC8rSqb6_BBATnkjTeOr5jveijs3bP3-CoyMYVwNyVd-NXS2IhBesO0MU6kIlruSVfVYSFvb3SKeX0kvkWDqwbVns8xdZhffARjJCwgJjd7ieq2Q0zY2Lbcih5kepXfVIWV6WjbDZD10p_rjfwUclaB7lnr2jnfd9nfvmsXjRWR66w6zfSQZ9Yto7uyHZJI1sywVUISWlM13vt4cSG2J4PsqV3BmnCdd6KlMyTSt3Xe_90ZbhVP-NRuMLqs6H5axqJOnLBBMBRoTDOSltb0QJWMsqOZyABxPWN_r0eeE1cIWIYFAorh_e-04C7P0zT83p7dZ-71JQBueDCIBdvFmPzcEzNr76o_gkLTgdVoO3ZHhMViSgVks4LHHnfAfWGTs6ZeSZVa8UhQ6acuHBEpCPhBTmb0pfdmoEmvGbohfYV8EEKDNhu0zQYlCz9r57Fq32C7jbypD5ItIitP-eL2kEai9s_DZvieRLPF_OpwKbPUKPmTxoFKwPtfImV7fCoe33ciBbFBBC4nV-jA0dPjNnzRvV2BQWQuliZcLw8zycbLYVUYUVXhzC1vWi9UlBpwkrk9SqaFQ-tW0MTQDbp5XTVa4xLpkrH01vb76e1mF8uNAGYef1NOq7vJReHsOP0oEWiGGx-MMgcFb8FGClVKbfaFBltp5Avi0TS0GPOi2WQbCJgjZumoJDozZ37DVCZAOlKJw-mI-Uzi2DaPHJEZ6kFIt3b-_kY7dzlDB_3qQOVQB_Z_HV0GrpH9f3v1h6sEF-AkykRy3lm2wB_XftT5Jq5HL8xARxkBWKjSSw0l2N33p380-y9iARBVzorxVPr0PhI5kFRxAlai_LDOvqctnbjbBJDc7hK7RcvfyGGDpnBWQ7Ei8A6VBp2gdAmNdkbBY7yHx5uBxWszBx4CFnMc0D-x26GvPLxUkMkGSpflx_uZ7rKtjZzjFZZAevRM5wWhdCKFwwtBig2PDKxUhESerBKzaYL-gLV0_EtVCl2RhhthVdEAxX7PkfBnYKlHD-rT811p_7PWWGZOrVfl8pmkmNgGMWbvBWLjomSoqy3Wz42A51Nft0Ly4xmEFlQFSywaLuWSBYDw4UDrVdCYZQupZy3YDYJehN5JCeew68OWkHEXTneBv39BuWgnRNoAtY_okaSDB7N3ih3TU0gTGr80kkynVvnbyoqGghlCKP_OGK3qMsXIu7S0Dpjx7MHkXALuTd9zwjXsdNgKBG_j5OmIXV8SHfPkmVmkTxHqsMBqbXtSMNYw9FZmBUQDx_zw8WM_EgohNWl8Br_9-Qrr1Qx0lVgUmfyvYSrkFXZFRzl9XL30kd5IhgiaVjhFCosmZZyHDBZwkKs37WvUIaAxuQ5l3KHDilMhKcUuZR-egiLgmFe-WtxzVGWACm939s0r2C_jBBqSJTgND-0alsiwaddBdxhN0geSqwuLhFG_Hb7djWpAG3_vbj3Y5tKWu2oiikQ-MZlxK69kQx73QFHQFEYcVJDwuV_08m2QDdyr3Ay0IBcLFBK6gd5XFXyS7NfdtUBZwP19N8XzxTrXVUz_Ub0QMju9cL3aRl8JvNqhCXx_5-qw70ROkmtPbJUhzDs3qOtROJiHFB2rdku8IEaKbT64UtpqMujGyNd0PpdaYA8XCv3EXvWeQ4srjXBo&cid=CAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=5450131159634827000&adk=2228999114&idt=158&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b3849b22078f260721044127668c4e71ce08631a88671c08150b4cccf0d2e4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13920
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f56c992220809803659fac17b031df76868dc17731007bd737347e63a3b09fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55944
x-xss-protection
0
server
cafe
etag
11986719648617664176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8959 		109 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef5557d1c83d5e10f4aa2ce5a77f8ec1aa100eb9588a00038bafc52d8c07a3cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
41680
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2A70 		29 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c14cd03d445fd28ab9a6ab1dc666d783d6aa4af40fc4ee991e48c47165a2b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12872
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BED4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcD7Xoe4T6LOjRnIZislbl9T7p4lV2fe4o9ZDHw-PMcF90scJtDAl89rpc9CyyidXUgnu1o0tVoJ2YuYj0KFy-QQnv_M7QgzEF3zxbiMjIF_ZLd3F67otPmBZQlKJYwfHs6GZO9GUxuh2734l_5D1v8pagEbASk8XwVgZRChNLpjeDjII&cry=1&dbm_d=AKAmf-BndXJEUKRY0cWdmkigsSHLbYSyQyPeQfwrpp1ii3wGEc9wBFJfpIjrn3CmZUJfEdeiPRtbDOJ8LWKQ42sf9fBR02cv1L3jSx3pj0ON82VRDhhwSsGuZtCsvfO8ExlmHO0ly5YmMKDevptppq2NWE1trTtF6ek80rwhNwTJY6cg7i-za1iE5B10EXH3gz9eE2ZQ2gzpJ5yRF-pxLA-DLRbV2Mgz0e47IvqyNJkKACnGWkAmbMSIpmAoS6I9c_1nEYAKfTxiyJZzL3yiuumBkUh_dYQX_jZmUXaGAou9482YlDBSqeq2IffLV3dhqjlTWNr69JzHflgXR76jrdObNuqelMrEmxnZ1PNIbniE7LUZOk7x7hTW-6kvYA1J3oJowUCeUMLUJF86KsTAW6gDm8ELd_6oOJ1Vz3WQyw13hA42d8FXdudY0GroyrvNrXRvdZpnkoMP29lOmtC3Kii0wqdzmdxHsuX2LuGZY9ddu1LXPxiTrzjEmgnaHLu_UGDnxP7CM0PA35pCiqeTEe7uIEMaQwmttou3k9PooVgmeZSlZXY_dZ5z7euaBiMAFacsc37RlToUR1ccBJIEIQ5SxiQ0nqNljgPvhrQ94b7Jzk0kzsZraKocWrOmCGb1D82_0szt_PqvGZkcrEwFGVnC5TeB8F7x4i9z4nVs90eTIVbdFQpfKl8MacSkN98LhJKxyIiRypd05jW9mpTa4eFQBRuFGCCFgpJu45ig9KX_ijB-19SUTXgiDfK7B--d6vLW7xSUC_93DrfyptN7naXgO_AJDu6XpJhUWL-WyreY5Ut2dE5iCFPFfKIScjFBhGonXdaSbAEexVw60hC-gIXIoxdBRgnG1d8A6LEIzfHSqg3grVBI6vc5SPuhJ5TV_F9PZjODY8QKlzI9UKq_hyZW36PSwhTd6r0AHwTkcDis5K0TwOdzUvqWjz2trTAhJWNbzZHzwbRUMTyG9JYiBVrJbKrsAs_rsDVgVR1C-DjCHpjRwoaqQvFaQByCr2Vd2qRzZIpoU-8tD9uZ_l_CcLY66krVgxtPoyAB-N2YUYFbINdWUQHDgOomP05Z4KThgZOsrxnhTEHT6cmLTc0fFAjGtnU5p5FnJv7-032VXxI6awXDf7Tp9r2145RjMscVeQurIplJ75dmZcKTrsaP3WkR1KiWeQv4MBai8CeYuogsey7GAXcR238r43ZkfcZNNddnvsnjEpbZ25g-18yAzS-N1lHl7zSq5eFcKBv8Capcon2poH3P7Ep5DWGdsZV3oKm4jYFWmTSG2kEkGD6yLP33v6up3d9g38vEoKD0ZJtW2FolZ94cWd-ahC8RmwhZMnzQ4-5KOzv67Q98aHnUHRmhUXNQ1BK3PKcddXCzuwTdv3CXz8wpkK9FJhmakOVKGMZI_n_KSCtf3ABWEPNJruj0VEIMKOcMEepCIRDXcBrVQFuqe_wWTy63f24hXGk988kKv1re6XJPtuas2UvoKZb4gJJiGlFF9GxLVOwHNSRm3kzPyT5yOmkYX6VwmkMQCX3zaE6Tts8c3uGBezRLBniyOR42mZIvCpb5YaiHayF6zIlSmmbKj4IAYfXX_B28WvLU8bFDdok95Z8kZnverFrjM5EV5m_ZZHsgIrF8MH8QeSMMPGb2CiBb9DAWbE5Ji22-dOg20DlJy3r34jV_BS1IKKUe8x_7nYHklJdOpNWgVoeq1CrkrhhQ5E177t1QhZ7D4MS2ksPKpDKyIC9p2rU_cysoXs53aAoeeDF8X90VDwKQXp9dYJv726V8uokXVKkMRzX1ikz9kRqMJZkEb-av1Era8zyN-ni2bK5zpg1_l2vPZtl6tMb88G7KecrLYbAQisd525peFbMne_XNbqA21WhApOT5kEE_YeCRd0DopwJH0CwQsr2h3ylOc8HW7rey85xIM5CkCWGjp-M3qRdWsrJVKGTHtPFClTp1YdAtPWr_mrFwycg5w3PNY4GoB4nGnz_7oKlvA8HMopAww3Ceq6D8Kf2xD2CuB6BGGRwXr5J81j_EUsXUv_fFWBygBsFvYqj_IBF0MksfaKAdRIG3yzpFSKgDM44rqgclLDIiDn2i2CYjkYeQGS6mpkFegxaDSD3pm1ADHCBUMKtcued69BrN-MVM_voKl6VUOpXS5P760Ja1V5beufnCeh4FnxiJUSomuXKPM4hTSdc0GJg1mknAKpdX7C37hkiKvgDUOF-6KcpF9MoIgUAsWBhC-sGXwU9JocCjZT1vLXqrULCP3QYL9h5vq-FNnxuIivQ-_e7y5oIj5GdB69DAsQtvj-1yGghgjteH6tPRz9HW1g48ONMPLyM2YJbLKyKRdVVv8JHvYJQyUIsEl3Omp6eEZM8GkPcwh-H9Qrln0zi0dYyl1LKUD86OWbeZhidXTcfEEYG0dH7y4ZFQF3Vf_ehtywqec3PfhdkkLQgyaL9mnwHP2IbfG-YPMrg1oZDgeKhYt7mcYIWZ2pZQqr_RGR-fOVZpvn449lTKM0Iep6Rcdc3lpKKdBl6vXickPXq5YbqEBROJvcHIWgUoWm7wrhxxzoJKuKHZDZ1_B-YrfMNC1RwsaaMwgsm6k3l-qUObP-kOJgOBdQHGcLvqt4iAdS3Wi36IKKDfsEk03-UX0nb2S1AVOdTALaOj8ypvncDLP3UcDvIWwGlv86nZd7HhrHpj6uAkiUPfEOZvgIbaoi16lZ7qJCD-nKEE2emrqFueIbsLYEEoK-TzOUWI7UUXpmXZt88d1Dxm47zR3MF0NqwdWTKfoOhuDkIqIMo-X_b7-Ra-nDcK4b2mZafJDI2pVQ_qjxRHhpHFqc3TDi2nKBqUkV6TSFlY7WeafsjuDAhlSdAgAANu6hGbG7Q28DMwgeDp7ffTeMqp-77Iw4q-tMg9j6Wz8uAKLO0qpv05_hdvJF2rQc2FgF1NthfWbZVU4xYVpKeDjDVk4hZs7_vEP8V33NYVsxJO039u6Man1F2mDfV9ef6l8GDJDDLX3YyFXdyMpHdiH90ZatNU4HV6x6OBS0XR_qRlQw3bBWdwnGLoe_W5LPJ7j07_qHBADRhmqmfnPdlWO8Yb21G0T1e-V4Cpucb8eAzsQfXBRif70mIgtQUe3WmU5EvwDZedDsSDkke-wbs--1XgQ9yIB0Ki71IZP8K9ovFHkUgfhMsWtpgaWLFRTW0v-Afs53bKKYIqlnFwrbCQ3cVgkyX6XkbPml5HT52cT0ftHBwCRd6VXh5Tsu-HlX8hugy9xsjRz0phh_JyecgY15ZipmjbE71PqqwLoOWbP9Y2SOYR1fson1i7zijJaheWsXx_DkXvm0HRY5-oZXjpxK0wH9XzyTZE3XdsP2sOtcmrGV9VYl7yFHdVRU0xXOTGUJ4eK05YZWb6pO0Hv3weFVYVLcdXdEVbOWRMzn-Y1e6NNDxzDlQx3ajOlLYHyIq7_85I-1bG3UPs8MSi7l--w0BIeMESJ5LXgFkA-2H5iQJQwSniUpIopJXCMakhm84GpqQq1T8kfgZaivGzblQjisBr6cvgIwcfKFknWARKq4fH-5VTz0sdz6EQcGJOvsdibVWAdXSr7ZVRjH8eKPAvYC3daY_sLSa3MAbxjkUuwoRcfpUVM8wFUcFdkVS7pKZSv2hugOLiWtdDyc2G56I4JTncSHv13zJg8CXwrS2A4VsC-FrIiNe38n7q2_BJLSa5ibp4cGw3jSG_9gBcmeWFcw7tCcFWs7ubPkfUtU-RrVyYdoBoIqcT5D6QIHJNASGWM78VPxeV5H44QppwXhjFtXWqzy4CBn9ZFOhQ9bWAKKIdHdGCDKN_UdGUsqoMqJiBZ0zxUa9OUlvlRXi7mDE8jxDsuqDyoKaNFGD_xvV59z-6wuKF-MOKz0-nf4sLDY2XwGZcvvmWwmvWRIhoWcP1zYc6vmXRS00haTfeR04OdgTyu9F1n0HM_y7Gd-09gmbFLSdTcJQ2RmhgKtjcGhXrPIh74KCjvyWIrKFypJ5X_s929QJU2vDozuwnLgO3cnpGJvMR73mcUy5kZqWJ7wIsxh40meWY6nD4EBFNJdePd6C_VnzpVg&cid=CAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=12895752974091387000&adk=250412561&idt=81&cac=0&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
312496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTc2NjQwNDIzMTYxMAogIHNlcnZlcl9pcDogMTI2MDY5MzEyCiAgcHJvY2Vzc19pZDogMjI2NTUxMDIxNQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame BED4 		0
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTc2NjQwNDIzMTYxMAogIHNlcnZlcl9pcDogMTI2MDY5MzEyCiAgcHJvY2Vzc19pZDogMjI2NTUxMDIxNQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA5NzU5MDQ5MTg1NzkzMzc2NDgyCmRlYnVnX2tleTogMjc4MjU5ODExNzc5MTY2NTQ3OQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDUiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTQzNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE2Nzg3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x67c171d8ba4de45f0000000000000000","13":"0xb668e6866b4772090000000000000000","14":"0xd33526cf05b9123c0000000000000000","15":"0x7e2690c92362edfc0000000000000000"},"debug_key":"2782598117791665479","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"9759049185793376482"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
33lgkyejwpt3
hal9000.redintelligence.net/zone/ Frame BED4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1701766403724336&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
4d75d5593f37f843609d062535c32912dce832ac9e8f86e9bbb88cc52ff12b27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4160
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 54FA 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22852
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 02:32:32 GMT
etag
12051592065903069241
expires
Tue, 19 Dec 2023 02:32:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 79E0 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNV43S2kbvK3AoU5zrPTMQSg0b-YSdPWgVZlxicq4diHS-brAYXEVxTU7kZKUz0eSeZ-F3hGEk2oVyNBMthDyC49LzL31-cak_LSE236xPS_kvuIaQA_iO23YqCBuy3p9RrQnVI9emy78eXBpZLrirA6fMOdoJ0XuU_hz7Cr29eBOyFe160
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame BC14 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 11:48:29 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame BC14 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:43:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
43817
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 20:43:07 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame BC14 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
48065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9313
x-xss-protection
0
server
cafe
etag
8709779397046830652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:32:19 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BC14 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
312496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame BC14 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame BC14 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:51:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BC14 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC14 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANpqU5YhdyEEnvPJ_sDPtcyuKVmgkwOHtj9wX28V5bO1XoGz_HfhWo8FjBkIQUJ9aK0HdSYvhwnB6rioAERbJAEZLnssWTp5i8LjTEUyaN2oa_lNg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame EF55 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
126288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://geocult.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F498 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd-eRWv55sTlKdBY98EPZF1VOuRlEsgPCkNIJk6MKQOyWv0RBqeI4TUqzf4xIMZTnmTmw3AhMCRu0klM10_K7PUfkL6uDPj_htqdd_6TzK046e4DxsG6zKkYvgkEJleQgMPcAk14FN9qGDRNbwaapt88hi552TBTRydmomkVgHXrByXOY&cry=1&dbm_d=AKAmf-CIw4cPenJlAXaH2r3juh9ZjIG14Apw1jCxPYYzEMxi5HFRC6h_fodNPlnsfZQ_YAN_fe-gk8hFRxKldvcGxwSrjDBjOvVN6t4cnO9ySaqX_EOvGEt5REvPGV3JxGwhdqz1YyajWfUVNMTqk10Id4cuj3rcFOfjWQo9ltoM_eCvZsSWV1xi1wMUHpFaCn7al-dalYaIbJ6Xb8o0TryZxUNJFHk44jdP1-wzs_XxwEUoEtbOzR_VI-GD32VT23HMpNBmOM3pc7wSj1zImYL2IRW3NSfU6lhUL1rP2It7DEjEweaSIc9KsSjMfqXAUDMaWSYJOoL8Q9yp0fqjE4aGsMOYUaRby3wjZ9b-IUL0ykaSs83-BnwebA-YDrC06Ku6l6srzba9Eu2u-OzeR6x0lQOQtcBTxrmDps_yGRlrhUW-Bz8DqhUJ1kR4F814tHok01Blno2JUwLCVm8HmEWqnSUkSSwJXIqot_vnLQI6xvis-v_slKKUTr1z7A-WMSx0JdHf_6jWqFw9XjY3qS9p8tC4pFKEIp7nQZSzkMORw4cMdu6CnwMh0iBtKjGdhe8zvsk1vbCx0bhRtH4pOjMQDqZXbe9d6k3Uib3Z2UsxPDTNGZEEpumB3dwUgo_8TC-TYMCQnxR8BwiupMp6JYsX2kJJZak1Is57L1akaAijBuvcjXpn1IaLrp7atuhBbrvEevO7jFMp9w6gdIGydlba1fwGe6q6N16O0yEBon0rEH3SB-knxKxmf1i8jWMbOGqF7j2UiU75oHM7sKx-prQenOpl6ayKUMZImYQT4yQlcXZRxbhvl6HXZl62rYPCrbezmdQJPSrZhSqRMrBqKthEIbjxff0KGLtdKY1AuLa2MxwQAIHH9BHSXNavTjK9hTfbz3YyJX81QGlzc6kVc4_z2p-4qthzu7XZqQU0IpSgIVt5trZFQK9ELF9hAa5l399o6ag2F91AT-lXiEIt8XvbUQQciyrZuKDwuYpuCMFnTuPNspam_o5oePmLXV6VO3Mp4Q4DPVTDxNQ4dCX5XVgDFAkC1YTfApZQeV4namS6h7rJ4vAADFthrXWV0LavUh8ck6-8Hc6fNX8mAPpPmge0FY82NK9gKemCiXESVbgMn3itrugEIBjJe9SQ5hByy91K0cX08ujLAzdXJnkR-vn6SC4v3975wB_34pnnaxqV_U3PxoGbS7AeSH-6EdpX8nsNj4q8-8LdSc3oxF6bXAUQtr9wy_Hjox053vpKzTx_vRRGN6dGVgy1aqm2P8EL5XKHBHsu0zaG1rtytn9_nIs2CWVELCMaVa5vofjLUJmEVCZgVR0KQ5RgWVwEg5Z8SXqwk42mb9qwBdrYjddMtrcSn9ERgQ2LWFsH15Wk_WhCZxqVleEIMCkwaUqOXxZZB_irzNIx_bbVkqKzze1Ra1AsaLUTuSwvpdD3S7zLOx3uxxeoeWvske8nhFt2NJvfaHDAfOTVtrctjurUaq2yvxYep9ipo-7o9oBx8vQ4pe6tBBV6pw_5bjo15OL1DDg2XBkIZDlCtAmlvNbHNmfzHrlDgWjgHKb_2Oq-hnKOuDBY8iQhpQhVnGVfC-uaOCqG_0mpzdMLQY3D6PS-lGRJOwAXZh1oBo10MLrtTy1aDivXPBUnUoy97hcKWT8YUIivAj7qTENc4golTMIA8Hp3s3cAnkUzJJdIHO8DkQdFDXbwD9XDir95tM8igvSYZuELicwNrEC88VV4hwmVHbq4wbpoF9J5h2OyQsR7IyXeR9JqXWXACwNHPSsj2l76l31YEVOY_BQvVyiohlZhP1p11g8zR-MbG3zb8ii8rARpCDD0_auGXvLlmqYCgx5w82x0FvixabTwGBHhnHi5TtUqQ_wHEl4G8i1PUjzlWSCAtoSprvmH6oULaIDX84USI9wEbAcP4rT4KwIvhCG9zSH6Wjw0hTLM-ExbRYhIPbLdXeEktDvK6pIi09yBS6sgM-QTrPxkMtLvx8x7SznKo4ZiySXUXzItGaJuz6w4D-DAdKy0KF19XzxPHIjxYB7nnF315PKNTT2yA7zL42M2uXx-_QGEOvMSkNam-Npi16iRLYSI7QdSH-uUo8mpGHRDhTZtiNteWrv4u4orXuUKUtCRsmW9C5DTWPwFe2yV7jU7kL7XBk6srAY5HTbwLFSc9q200RSkB9OrxqmzWMihJV8ELnmt6vBKjqFvD0OSaqdbabqW-oQE42lSSWXrztp_hQIEKxMxSdjSRHPghmeEbew2Xim2931B4UaxVlbzYalXSA-BHX7E4aIoJNjG6VG44RJfpDT9Z_lQvC2d-qF107ti3a6mjOeazO85nPm71uZRO2JgtEOyTBnI3oHOR8VI9DR3csX9piHmfjnBMC7Dpe3zlhC8rSqb6_BBATnkjTeOr5jveijs3bP3-CoyMYVwNyVd-NXS2IhBesO0MU6kIlruSVfVYSFvb3SKeX0kvkWDqwbVns8xdZhffARjJCwgJjd7ieq2Q0zY2Lbcih5kepXfVIWV6WjbDZD10p_rjfwUclaB7lnr2jnfd9nfvmsXjRWR66w6zfSQZ9Yto7uyHZJI1sywVUISWlM13vt4cSG2J4PsqV3BmnCdd6KlMyTSt3Xe_90ZbhVP-NRuMLqs6H5axqJOnLBBMBRoTDOSltb0QJWMsqOZyABxPWN_r0eeE1cIWIYFAorh_e-04C7P0zT83p7dZ-71JQBueDCIBdvFmPzcEzNr76o_gkLTgdVoO3ZHhMViSgVks4LHHnfAfWGTs6ZeSZVa8UhQ6acuHBEpCPhBTmb0pfdmoEmvGbohfYV8EEKDNhu0zQYlCz9r57Fq32C7jbypD5ItIitP-eL2kEai9s_DZvieRLPF_OpwKbPUKPmTxoFKwPtfImV7fCoe33ciBbFBBC4nV-jA0dPjNnzRvV2BQWQuliZcLw8zycbLYVUYUVXhzC1vWi9UlBpwkrk9SqaFQ-tW0MTQDbp5XTVa4xLpkrH01vb76e1mF8uNAGYef1NOq7vJReHsOP0oEWiGGx-MMgcFb8FGClVKbfaFBltp5Avi0TS0GPOi2WQbCJgjZumoJDozZ37DVCZAOlKJw-mI-Uzi2DaPHJEZ6kFIt3b-_kY7dzlDB_3qQOVQB_Z_HV0GrpH9f3v1h6sEF-AkykRy3lm2wB_XftT5Jq5HL8xARxkBWKjSSw0l2N33p380-y9iARBVzorxVPr0PhI5kFRxAlai_LDOvqctnbjbBJDc7hK7RcvfyGGDpnBWQ7Ei8A6VBp2gdAmNdkbBY7yHx5uBxWszBx4CFnMc0D-x26GvPLxUkMkGSpflx_uZ7rKtjZzjFZZAevRM5wWhdCKFwwtBig2PDKxUhESerBKzaYL-gLV0_EtVCl2RhhthVdEAxX7PkfBnYKlHD-rT811p_7PWWGZOrVfl8pmkmNgGMWbvBWLjomSoqy3Wz42A51Nft0Ly4xmEFlQFSywaLuWSBYDw4UDrVdCYZQupZy3YDYJehN5JCeew68OWkHEXTneBv39BuWgnRNoAtY_okaSDB7N3ih3TU0gTGr80kkynVvnbyoqGghlCKP_OGK3qMsXIu7S0Dpjx7MHkXALuTd9zwjXsdNgKBG_j5OmIXV8SHfPkmVmkTxHqsMBqbXtSMNYw9FZmBUQDx_zw8WM_EgohNWl8Br_9-Qrr1Qx0lVgUmfyvYSrkFXZFRzl9XL30kd5IhgiaVjhFCosmZZyHDBZwkKs37WvUIaAxuQ5l3KHDilMhKcUuZR-egiLgmFe-WtxzVGWACm939s0r2C_jBBqSJTgND-0alsiwaddBdxhN0geSqwuLhFG_Hb7djWpAG3_vbj3Y5tKWu2oiikQ-MZlxK69kQx73QFHQFEYcVJDwuV_08m2QDdyr3Ay0IBcLFBK6gd5XFXyS7NfdtUBZwP19N8XzxTrXVUz_Ub0QMju9cL3aRl8JvNqhCXx_5-qw70ROkmtPbJUhzDs3qOtROJiHFB2rdku8IEaKbT64UtpqMujGyNd0PpdaYA8XCv3EXvWeQ4srjXBo&cid=CAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=5450131159634827000&adk=2228999114&idt=158&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
312496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTc2NjQwNDI5MzcwMQogIHNlcnZlcl9pcDogMTQ2NTI4OTEwCiAgcHJvY2Vzc19pZDogMzM1NTcyNTI5OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame F498 		0
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTc2NjQwNDI5MzcwMQogIHNlcnZlcl9pcDogMTQ2NTI4OTEwCiAgcHJvY2Vzc19pZDogMzM1NTcyNTI5OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA3ODM3Nzg2OTgyNjk0ODQ5NjE2CmRlYnVnX2tleTogMTE5NTk2NDI0MjMyNTc0ODMzMTQKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA1IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyNTk3NDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxMjMyMAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x67c171d8ba4de45f0000000000000000","13":"0xb668e6866b4772090000000000000000","14":"0xd33526cf05b9123c0000000000000000","15":"0xff96e38e0e3df10a0000000000000000"},"debug_key":"11959642423257483314","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"7837786982694849616"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal90009.redintelligence.net/ Frame BED4
Redirect Chain
  • https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
HTTP/1.1
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a9c108c83809da258404b3a9708875c76531c1ec8a2aa11da27bf727444a7f86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
96583300048368004444556012529009
Connection
close
Content-Length
1360
Expires
Tue, 05 Dec 2023 08:53:24 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 08:53:24 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 05 Dec 2023 08:53:24 +0100
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame F498 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701766403723472&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXAaUA-VuZZCULOX8xtYPxP6v-Aqm5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQIzljctyC6yPqgDAcgDmwSqBN4BT9CR0LJgxMTs6GrdSIUzLNRLhv-GuEGIV2QjKampOov8mttxXyw7vVe2C5T6IavAbsxwkWR2ph7nxZXE5dP_Mykq_D0f6BDCr1OTRJcGbCFfuLLbHHmoW9IM6ezXDFbTOoDgKAX8atynJmq8Irm180al7K5oR91_eH4PEi3lgkAXx0KCVtndMt540J5WZdFe5nUHruz3kEcnRciIdK1ogJFrs01-WyOXUuoIX3rWDiOatwIlaqr6hzUDIVffeiNfWVfa89ETaru-JBYUNYvQo_NPS70GWuq9_R8_Z4yGwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3b7O_194IDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB%26sig%3DAOD64_3ypx6k4yCigD8eIcS9XdDdh5IvZA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DaHybOQMQ3vwG9tFozg5-Bbu9ZcWN8-HuXCRnY2-4iObSYMWxSkG0KZUz28E3sDD3747HORVtF4WRYVQeLmnC_GLcZ1dppg7g6KgvBvNJiYKMXUqFpe8mPqTvGAObVzlAimCT9R4rRtgkLDFiM3EdCFGGUCiP7K-VCrdLh45hfanbAZlI%26cry%3D1%26dbm_d%3DAKAmf-A1Bd8i_HwZvECAVHkEQAUz3DULEzs-jSRASeC_BhlJ9diAuYBr_gXyoxPjM9YMsbKQmvkKbDt2eZLr-GqgIBXMYeud6oLguqgz1D1W8cQ0ydL6NPDEF0WSeUZJTGGMfgHkv_rbUBpNgqXz6c5MbWXPgn41RUi2-NEXz56FS8ZNTebUNFGvSOCN5Ez7LOWy-Lp1CopvfE7EcLm98xzGBjA5XrvkZYdqlRPebAmD4NCR75KADcaGU1gwQW4IA4vPJwAzeuTI225QyscxFU31zqr34sFpfqr2mCHebAG8XckT7xwRHlV0cRxXO-McLLjOYGBTcdvOX763VLGoVfmYgKGw4dPJA1SmS8r2js76yD_W71UQXt6V6GOSu6EPWVRX1nuDw-dj-mEs3VkqcvqXkm8A69yZkZB0VWwlBuBotB88q34-plA1mdFv4KlxsTwiZzLN9mFrBVpqkIl1K7nrUca1kWiCtIq3qtFmQJeJY1c0FMJd74BmPgNECrweN14EcJ1rW7yGbsWbNGp_oQXVLw1WKN0jL2JCmuPufXUlIiAg9gV_PH0%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
4e4ecb7e0fe182c8b8625b76a1b862bd64280c9d99be97e218cbb2575c879168

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4151
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C97B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
126288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BC14 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a675848fc6424230cb3ed04c778fde9a8ca56f8cc34ee4d9d007f0705874566

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame EF55 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 00:33:52 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9E08 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
126288
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C97B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 00:33:52 GMT
rum
dsum-sec.casalemedia.com/ Frame 79E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNV43S2kbvK3AoU5zrPTMQSg0b-YSdPWgVZlxicq4diHS-brAYXEVxTU7kZKUz0eSeZ-F3hGEk2oVyNBMthDyC49LzL31-cak_LSE236xPS_kvuIaQA_iO23YqCBuy3p9RrQnVI9emy78eXBpZLrirA6fMOdoJ0XuU_hz7Cr29eBOyFe160
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0v%2BVlLBgkDTQ5Q48uGcwhPSFCcoy5X8wVS88yixcFitbXCAUoL8oKtmrLnDRvrva1GC3KF%2FJjBb1OMYtF2qI%2FmSJmZSVZliAagvuWZFWgJgYQPXw2L6bJ0o%2B1iOfLJk8oLezNgPvMhFrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830b0efc78b43623-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 79E0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW7lBGwgmAmK1u-LWDSnIwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNV43S2kbvK3AoU5zrPTMQSg0b-YSdPWgVZlxicq4diHS-brAYXEVxTU7kZKUz0eSeZ-F3hGEk2oVyNBMthDyC49LzL31-cak_LSE236xPS_kvuIaQA_iO23YqCBuy3p9RrQnVI9emy78eXBpZLrirA6fMOdoJ0XuU_hz7Cr29eBOyFe160
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxCz%2BcCoF8m9r%2FAbRxGSdz4VllsjFb2khFVIw%2FREB3FL%2FgSDI%2BCFvfsAd6BKNGOP2UGW9Ofuv3DwmDPVkTRQWzaCm%2Buv0ZGl1kXCUbOYUx1BfwdyIzWx7fhS%2BcL%2F80N46qn3c9axtDUJwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
830b0efcb9193623-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpLklVdFVw2g8myp1B5WMw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 79E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJakeL5BnyDrEoGEoDB_a68&google_cver=1
43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJakeL5BnyDrEoGEoDB_a68&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNV43S2kbvK3AoU5zrPTMQSg0b-YSdPWgVZlxicq4diHS-brAYXEVxTU7kZKUz0eSeZ-F3hGEk2oVyNBMthDyC49LzL31-cak_LSE236xPS_kvuIaQA_iO23YqCBuy3p9RrQnVI9emy78eXBpZLrirA6fMOdoJ0XuU_hz7Cr29eBOyFe160
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
an-x-request-uuid
7a40fe62-f509-459b-aeb2-ec5dca0c8f55
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.4; 37.58.57.4; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJakeL5BnyDrEoGEoDB_a68&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 79E0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNV43S2kbvK3AoU5zrPTMQSg0b-YSdPWgVZlxicq4diHS-brAYXEVxTU7kZKUz0eSeZ-F3hGEk2oVyNBMthDyC49LzL31-cak_LSE236xPS_kvuIaQA_iO23YqCBuy3p9RrQnVI9emy78eXBpZLrirA6fMOdoJ0XuU_hz7Cr29eBOyFe160
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
an-x-request-uuid
fa7f5dd6-ebf3-410a-a318-5421bd2cc07f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI5OTEzODIzNzUyNDY2NTg2Ng%3D%3D
x-proxy-origin
37.58.57.4; 37.58.57.4; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
request.php
hal90007.redintelligence.net/ Frame F498
Redirect Chain
  • https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXAaUA-VuZZCULOX8xtYPxP6v-Aqm5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQIzljctyC6yPqgDAcgDmwSqBN4BT9CR0LJgxMTs6GrdSIUzLNRLhv-GuEGIV2QjKampOov8mttxXyw7vVe2C5T6IavAbsxwkWR2ph7nxZXE5dP_Mykq_D0f6BDCr1OTRJcGbCFfuLLbHHmoW9IM6ezXDFbTOoDgKAX8atynJmq8Irm180al7K5oR91_eH4PEi3lgkAXx0KCVtndMt540J5WZdFe5nUHruz3kEcnRciIdK1ogJFrs01-WyOXUuoIX3rWDiOatwIlaqr6hzUDIVffeiNfWVfa89ETaru-JBYUNYvQo_NPS70GWuq9_R8_Z4yGwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3b7O_194IDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB%26sig%3DAOD64_3ypx6k4yCigD8eIcS9XdDdh5IvZA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DaHybOQMQ3vwG9tFozg5-Bbu9ZcWN8-HuXCRnY2-4iObSYMWxSkG0KZUz28E3sDD3747HORVtF4WRYVQeLmnC_GLcZ1dppg7g6KgvBvNJiYKMXUqFpe8mPqTvGAObVzlAimCT9R4rRtgkLDFiM3EdCFGGUCiP7K-VCrdLh45hfanbAZlI%26cry%3D1%26dbm_d%3DAKAmf-A1Bd8i_HwZvECAVHkEQAUz3DULEzs-jSRASeC_BhlJ9diAuYBr_gXyoxPjM9YMsbKQmvkKbDt2eZLr-GqgIBXMYeud6oLguqgz1D1W8cQ0ydL6NPDEF0WSeUZJTGGMfgHkv_rbUBpNgqXz6c5MbWXPgn41RUi2-NEXz56FS8ZNTebUNFGvSOCN5Ez7LOWy-Lp1CopvfE7EcLm98xzGBjA5XrvkZYdqlRPebAmD4NCR75KADcaGU1gwQW4IA4vPJwAzeuTI225QyscxFU31zqr34sFpfqr2mCHebAG8XckT7xwRHlV0cRxXO-McLLjOYGBTcdvOX763VLGoVfmYgKGw4dPJA1SmS8r2js76yD_W71UQXt6V6GOSu6EPWVRX1nuDw-dj-mEs3VkqcvqXkm8A69yZkZB0VWwlBuBotB88q34-plA1mdFv4KlxsTwiZzLN9mFrBVpqkIl1K7nrUca1kWiCtIq3qtFmQJeJY1c0FMJd74BmPgNECrweN14EcJ1rW7yGbsWbNGp_oQXVLw1WKN0jL2JCmuPufXUlIiAg9gV_PH0%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=9949805174950&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
HTTP/1.1
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
fb12df34477c96b6ced8358bf28aa77166a0aa782ea784115c57936a1adbc735

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
36847600040911104444994012529007
Connection
close
Content-Length
1327
Expires
Tue, 05 Dec 2023 08:53:24 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 08:53:24 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXAaUA-VuZZCULOX8xtYPxP6v-Aqm5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQIzljctyC6yPqgDAcgDmwSqBN4BT9CR0LJgxMTs6GrdSIUzLNRLhv-GuEGIV2QjKampOov8mttxXyw7vVe2C5T6IavAbsxwkWR2ph7nxZXE5dP_Mykq_D0f6BDCr1OTRJcGbCFfuLLbHHmoW9IM6ezXDFbTOoDgKAX8atynJmq8Irm180al7K5oR91_eH4PEi3lgkAXx0KCVtndMt540J5WZdFe5nUHruz3kEcnRciIdK1ogJFrs01-WyOXUuoIX3rWDiOatwIlaqr6hzUDIVffeiNfWVfa89ETaru-JBYUNYvQo_NPS70GWuq9_R8_Z4yGwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3b7O_194IDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB%26sig%3DAOD64_3ypx6k4yCigD8eIcS9XdDdh5IvZA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DaHybOQMQ3vwG9tFozg5-Bbu9ZcWN8-HuXCRnY2-4iObSYMWxSkG0KZUz28E3sDD3747HORVtF4WRYVQeLmnC_GLcZ1dppg7g6KgvBvNJiYKMXUqFpe8mPqTvGAObVzlAimCT9R4rRtgkLDFiM3EdCFGGUCiP7K-VCrdLh45hfanbAZlI%26cry%3D1%26dbm_d%3DAKAmf-A1Bd8i_HwZvECAVHkEQAUz3DULEzs-jSRASeC_BhlJ9diAuYBr_gXyoxPjM9YMsbKQmvkKbDt2eZLr-GqgIBXMYeud6oLguqgz1D1W8cQ0ydL6NPDEF0WSeUZJTGGMfgHkv_rbUBpNgqXz6c5MbWXPgn41RUi2-NEXz56FS8ZNTebUNFGvSOCN5Ez7LOWy-Lp1CopvfE7EcLm98xzGBjA5XrvkZYdqlRPebAmD4NCR75KADcaGU1gwQW4IA4vPJwAzeuTI225QyscxFU31zqr34sFpfqr2mCHebAG8XckT7xwRHlV0cRxXO-McLLjOYGBTcdvOX763VLGoVfmYgKGw4dPJA1SmS8r2js76yD_W71UQXt6V6GOSu6EPWVRX1nuDw-dj-mEs3VkqcvqXkm8A69yZkZB0VWwlBuBotB88q34-plA1mdFv4KlxsTwiZzLN9mFrBVpqkIl1K7nrUca1kWiCtIq3qtFmQJeJY1c0FMJd74BmPgNECrweN14EcJ1rW7yGbsWbNGp_oQXVLw1WKN0jL2JCmuPufXUlIiAg9gV_PH0%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=9949805174950&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 05 Dec 2023 08:53:24 +0100
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9E08 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 00:33:52 GMT
index.html
s0.2mdn.net/sadbundle/15415463092317913147/ Frame 9D6A 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Wed, 04 Dec 2024 08:53:24 GMT
last-modified
Thu, 27 Apr 2023 13:50:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame BC14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu5tPDtvqtjPppV4lF2CeHiWHZCr_J8Rr4oMwWwmv7eC2YNnSZAhmmXUx1Uoo5qAaFzh6GcT3qGMIWUiiK4zkLQ7V8nBiarWAlDhdNIg9tW0m_gPUZhgxmbSfT_vZ8ddyRGycES0GNzZiBH5E1mBn5EVMN9B7P-iZNKQHdP6R3eKJWAYMVSsnZ9122cQ6BwFQW_oppp8kq0L0KrRwdxD3fMv9ey4FtLncYm1GtzR5fcQBQ09LiYCw8D95reD_5TbF-9YqJSZ4df-MpI_biBx1x4geTwXt98iDXkC65AwbZ5ghGDpl0H4g-kXKl5f_-cZfd-VE0YHdnDNAGKutY9xUWjxdaxc8TVrsVMkJIjcnXgAPEE3CCBJYFbyvSN_8_4KNnNLIFeajaVO3AmQLrWZ4wilHCfqCxOtvZuwQZjctCVgNEdNams26pFl_NXLxZw0r_RdjKfKufnC8o4sPaJA_Yrcl2xUYo7bFhZJrGYBPoDJXy_C4Dps39oxaVd8vcOB8ZwLveA62f_0WrYbKPeXW-B_VsOyiHRG4KxTwVxSBzLLwt18gFl2mloDW1o2PzViirOO6HVXIv6LAltqZjyEd77T98VWpqM3_DZ-cmBHiabY8wCeB92YOt33KSWwc7LJAwg3kQCJHQNKPZMH5KiNGc_kfkPZfzD3T4CRy0UpQC7FmjrSuH9B7q1BaukLKs5klwFyFO8d3QoipaAwYCvyCkxvPoR4BDqxBKX7lgR3JhgPk7_9l7pzDaRwrbvfDlDkz_CF39rnUpB8xAuy8f5tQ75eZlSWiSoxR3zxWjI6FaTC50kyC8l7YMmjPScWekZHxx3LHOU1OrvL2_DrfUlRSmajIdpLbxZC7O-NDJKwqmZZanf4gFDCsoT7FDopI7rZG_0W548BEwncol4BaTrYZLRfmP1sSo9Dlm08bGy5swswwo114p96dSdheYLSTozu0R5kRX8p3CX9MJdumfSGZVIbjh3d-jmCuyZwGaaVKvHFDz1Xm-mp1uk4mLlnHDHJmb1dLfYTJ3qrGJLq2j9d5VXd7b1QozmPJWFsMZxvOehCoK4APHjkwo5cKI7epcx7SwyEivMHuwCnprWgZ0FW3l55sk5VBA-Gneg_mMhDbK2uh-E3RUnDkjJ7VPahp2waT3nRRpkVjja-CRTGCqekussaqW_82A1iPfHoDgb_0TGTMZjha73qK9D346YJp2ScWNXYWIzbYgRN3__QjDgSO2NpsKxA2Sc0duxGOgzB-dZGl6_SeErFPBL9vjIUtwAI6lhwFNWryyI1VR4lWNNBxMf_HKhHx-SOn8_qBdqMyx4F-RBBaABX8Z0Ja1VF5W6Num9OPwUs2eZp7pneZRdRRKc4i5l&sai=AMfl-YQTfXA73pxnwiNKMGp3h4ubusuhgiMb5Zywufqz0k0GbcxMun8gTtTOXVZ_Ypu8eVsj8JYuMocUb8LzN_anKxHF5E9qq4hH610UBJjhR29B90JWUNlxQkp-EbOBZM_XTcgGF9feZed-7wQm9qMgQB3NtX59jDH6fFY1a-zxBwIoeZoQWo5Q61S_1I515DwroJ7qRux9gIy6qqMqCXdvaJftqBdadDY7a8FImgqZhqbXN1l0pdZqbvgXnvVn9t2D4tNNJl1Y4GbR72KKuli544_3ZV6l-Q_b4pSOknHyUJ1lBym1f7ZCBgf0-94RKZfHQxqBYac08jOwaUOei_ixM4Yt1-BqiRSr18uvJx_rIT9DIwzhwcWUc6nYqB-f9ogeWIbbvtSi4ZvR96BEXRsW-QjW3XsJ0k4hXRY-gLnCbUNVzKrsbwVqVormGqZaNQNl995nwym27j-OFfOCpzf4ck2W5EIfj5lW4hqMy5cO4XWu8RouRpY7Dc7Gu4GkoXK6qBXZgCQpjD1ufA&sig=Cg0ArKJSzHvNwNlk1M72EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=120&cbvp=1&cstd=115&cisv=r20231130.34287&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame BC14 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361577796&gdpr_consent=&gdpr=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Tue, 05 Dec 2023 08:53:23 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Di, 05 Dez 2023 08:53:24 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9D6A 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 08:53:24 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 9D6A 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16851
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Dec 2023 04:12:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF55 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWO1-BOVuZbqRDsDUjuwPx-KjuAgAAAAAOAHgBAI&bg=!3N-l35DNAAY3kmNgF5I7ADQBe5WfOEqEl9EKiteMqEfgXg0RmBAAEs53-n6TsGpE1TigZ8hgXfSLB8_zK6I61osHj1_SAgAAAIhSAAAAAmgBBwoAqrc6DLejjQD0onmJXkaC0oMSihO4LIv9PHjh7rtaQnSe9GO33qE7RlZHM4IpIdfGQVROWjei-YnsuHmDAF7sNze2lDLT7GoHiYGQNSklDPsmPBWvtJDcudVO9mlwaVFSBcsdvS-rPc4vWgmr6YudnfOLFwoHSUUfhBXSHmNF7HLKe5DJrjLsUbaKWRtKdcr89wF_Wm_lBed7oZa_D5oPBmM9YoCkIPje1S0GmQLlj_JYU6ZhTBI4_yRkB50F9Ioz2eWXqaMzgHENXfitkj890d3mqbVEEMpD6ozh8tQ6Oa-9gZmaHDZ1443J87EQ7muw5rGM-owIQmlGBEDRRjaJHrRRAZS7Vva1J_ADkggoNrseCuT9b7fLCfLKolI1H34U26Kt5RhtHiIZ3M2EV8QnYeP2obBzygcDVMP8ToI9kGnJ1AT9V3ISScn5I6WFH_R5BssdhK10GFcfSVTVLzdczCZxUTZJh-0mDFTkra9sVCxGQ7M-8MCTLEN2qPb0sg9L_YNhueP8_K6l4JhMdIWK5E-pG0IcuLYnzXTH_7vYgFMyNSQGhH9DC3wEwOJ-SZhkZqlY1Eof7I8EktHYqL40E9w7ncnAwNVewDc1Ta7T8MfT_TpWwiafbYZsrGd5qeVl2Kii-lX3DNDWSKf0c1AGnIIHMYhK_ZDE6RxdUWaymDZnVCZyaQLr_N9BqDT0duWaofKnPj1Fdw6u9Pcim9938Q8zSLce0Gh3dFuxuMatq7WvM3l144HrrviZxvQI9spQ9PKSzocCnHe6NB-xfa3vk1lqZfZ6YaSHCYSiRaQyD0ydo9I_7pp86xUdRb6YZRPy9YpWr0JwLf0Q8c3V1dCO1_pF-wU0mTa_o3kqPCCVoWZwPKO7igROfGw-jevXm0iU_Dkp91Sjzrb7SsM7hbygTkjDF1eA2Vyp6iRegjXQgRrgeD6QwGnAuZIF9J3h_EwfamCShw4FCE12W0O1Z5jVRD3zDj2HMeIZ_hHqWMBXajC-_S-YS8nCjyCDCabzKHkduxNJwhJKhI5eLsedTUbU6prYKtVMpaSqjknieZ-l6iBZdyF8BZ-9uDNVb6pQhKj3fp_1TgbR9I6EsSBKvn7df1BkgdR5RzYBleEZf0ZExc-LvHDuG2UAllPJiyzVyTqqc3BX1qU-I3hVC9YM-uo9Ia0QfZ9N9ptVgPjB9G6TYowJR1refYjkKLdyYjRUdHhn-ZAA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C97B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDnUBA-VuZdSjK8utxtYPqryayAcAAAAAOAHgBAI&bg=!OTqlOnXNAAY3kmNgF5I7ADQBe5WfOJN8EiUdW6zWYOjgoHZ_Lsz8m6EBhWJ2ftixPY8PghG_MjAMgbEfKOVIezPI6CjdAgAAAHlSAAAAAmgBB5kDB0kh3T_IsIj-6Z2239FPKu6oQoCmQoyZN3B3-4M35or_pyKq56Yf3P5HT2apYVRuC9xhG5nGsMKBtSf4-51O2JsrJ92PoXMcKgsGb-8kNzc3tPsnsie8QElpcViH2kIcxbb_vr9WX4868BAH3tjH_Yi5kdvf78CL1fjcXYavAKG9dZ_aiWlmLFJ7O8Qd2lQI68GFfmuQbQGTvysjn8u9_nx97V9B9pO2Ux_sINYxFJnvwoSsjJ-iUg2JWVewcrtSBSdsHztXLVGtL4EvGgDxK3GGJGXlFfCxaKkhR0-T7ergWfgFwWlV9WnrIWW-CBaEUTZLciMP96BT-Clj5ePzafeLoFcwzYLUK2pGfdeV0ZnuBs-B6skBHDYOfOsPlOu0Qjffbm7m66pa7Dp_8kcKDuoZ-OPvhhe-J1mL63kbAA-aCNn3UDNIHSBEKpwHeukWWIdVXlo_bUvtlhuBUnBIqDuTepar2iwMoODhSRcQIX2v0Glya1H-o4GDVD93nvx0XkitXNgodrQoAKqcRKmJoIgjpf-dPLdwJJaDL9J9Zt2DTkM_VUeq3rDKpKvJAZaDCf8n7O_jx2eQ7wRALh2c7SwVDg2X8Nt427vw-HUP_OWWcHSH29S1N4QAXNZtEq5_NNVLJMov6TcvmO4GFg9ups4qCmBXoAbNIZri0eWN9d0Uyiuzs28BCZGUBjp4jfnqNsrNiS0sLHG_m_ZwuVoOlWYiyg25wdDZA_vw2V7o0tYUEmoLP9IiiuT5gPY3aYFFMfGc7nslB78LYqScOorj2n1JcnDW8B90LgPkxmNVFWc1veOJGKA4TNeOnhufvu41sx-W_E_4Mw9qDKZ43efJ16XBM6qFLxy6bkdQISJS3Eua8iPAxhfFDyiO-opAg3Ung4yCOBygNA6XIYz4gHlmQ97jBx_NFtNsOmDzSGYnnN6p1h3fYbC19tGnC1d_2uQmpYzK58Zzq52Sd4pFnHshLfUMgLkfG9pavO1DdrKI1HQ-jisA90ec5OinsNuPZJK6ZSHPm6pWde8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adv.office-partner.de/ Frame 372F 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 05 Dec 2023 08:53:24 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 12 Dec 2023 08:53:24 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 0940 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96583300048368004444556012529009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 05 Dec 2023 08:53:24 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
link.html
track.webgains.com/ Frame BED4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=96583300048368004444556012529009&nw=1
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.182.156 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-182-156.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
73e0cbe9c127bdd98e8943eae9dedec327676c9df0e4ed621f1b9f67e03d61e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
last-modified
Tue, 05 Dec 2023 08:53:24 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 05 Dec 2023 08:54:24 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame BED4 		0
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96583300048368004444556012529009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame BED4 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=96583300048368004444556012529009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame BED4 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=96583300048368004444556012529009&pv=1
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=55ec811907&subid=&uid=7d9ff7c1ff1a7f81&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfoufA-VuZfCaLLOptOUPrrus0Amm5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQItzKQgCzCyPqgDAcgDmwSqBN4BT9BwQfF9DL_2kxjOU1C2wJ7GRpHnmmOuawCGopIlVvqR6aExWTqG8r94ZItq_EpN3pWqhW1VjsMNpTsNkzTeIrKGobzEpxJF3bRebclhBgeh9gNtT1OCc7QympbuhCq3WWK-kzLMsfwvqgmfyyMINWOXrjUZXs79A7y1r7s4zga341uSrW-8VqdpKyMbZGLMVID9yPzgqzI4KZiTqSkMc2R3GJ5pXF7vuLF1qFNeYuEYkPFbh-3U_x1XDiHnDsOhFFzxP16PAfHB9Cb6JSjD-NYNpOWybH5qXU90iqlgwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLDy6-_194IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNHF86hX2HGE09gXCpvp5PIVdzkeb0NIfXkQqw_5m9dAa0eWLBMN9iI8iRt7ZlxO9A6HOWQ1YV_X4mOqMEWo6k-wAL_ekJ3kl4Y10YAQ%26sig%3DAOD64_1axh9X3It710RN4QiVoXZAS8rOLg%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-C0wm2_mn2FDxxYfh2Hl2xPPBKOMrmYM9iY34F1Qcx7YivITHfQU_2XaYgvdkqiCQbmousCha60B6Hc14IQKTCIQ9NXjAOCQ0O3HOUST3wnq0EiD4lLZlZS-0jSjb_ruDSOMIxewV2jeE5s-NUrYNKIGgKPRuMCA47cPs5Y8RBJ_IWa2w0%26cry%3D1%26dbm_d%3DAKAmf-DvhNlxJhFv_lEzT4wXw8dPrMc9LZ5RGIi76wKuXsX_rJo2JYGilxRpz_pImeMLnQBdDfeHUVU3BzO2ZGFej5DV24TwJ6AmA-xWURhYwnNgAlWyjJF3HUTf98jhXZGKEKYq5uqVqedX3jVi01HCokSbhWFfRILKd8fr-hSLAb0jrz9kB-OZrJhaUcunebCWdcmxQK3D59vEwNozwQT-ZUHmv87C3Sb2LmZyi48j2VXzxcqAnpmnaL2qseDaUWtpORUxe-8hInHO0zsp4XnTwURq1riH-eaKiTa5j1wJOPPuTxtu5qDJ86X3O4t9j1wZCwruPQ5hR7lUSDMxcQetaJ713swugb95JHGZNCUuyiLBAtGuxzGGY01Rb73jLo0TISilU7ht28Fdy_r5kT5znaoJeX-BeKpgwAFwBz9aBQJyUAqwuLC72Eh_6MIXcjMiBDCgzaffYVfqs8tIXK78ocQXyaIN-74eM3EZmiWUaHxMOX0zL1y05AYmuZ0SqGymghvaQZ93nCu4Y_rU40uZbvZ3PR_qGeTb-Jc9iO_anR5AOSuXqU4%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=5967515733121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 08:53:24 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
view
ad.doubleclick.net/pcs/ Frame BC14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu5tPDtvqtjPppV4lF2CeHiWHZCr_J8Rr4oMwWwmv7eC2YNnSZAhmmXUx1Uoo5qAaFzh6GcT3qGMIWUiiK4zkLQ7V8nBiarWAlDhdNIg9tW0m_gPUZhgxmbSfT_vZ8ddyRGycES0GNzZiBH5E1mBn5EVMN9B7P-iZNKQHdP6R3eKJWAYMVSsnZ9122cQ6BwFQW_oppp8kq0L0KrRwdxD3fMv9ey4FtLncYm1GtzR5fcQBQ09LiYCw8D95reD_5TbF-9YqJSZ4df-MpI_biBx1x4geTwXt98iDXkC65AwbZ5ghGDpl0H4g-kXKl5f_-cZfd-VE0YHdnDNAGKutY9xUWjxdaxc8TVrsVMkJIjcnXgAPEE3CCBJYFbyvSN_8_4KNnNLIFeajaVO3AmQLrWZ4wilHCfqCxOtvZuwQZjctCVgNEdNams26pFl_NXLxZw0r_RdjKfKufnC8o4sPaJA_Yrcl2xUYo7bFhZJrGYBPoDJXy_C4Dps39oxaVd8vcOB8ZwLveA62f_0WrYbKPeXW-B_VsOyiHRG4KxTwVxSBzLLwt18gFl2mloDW1o2PzViirOO6HVXIv6LAltqZjyEd77T98VWpqM3_DZ-cmBHiabY8wCeB92YOt33KSWwc7LJAwg3kQCJHQNKPZMH5KiNGc_kfkPZfzD3T4CRy0UpQC7FmjrSuH9B7q1BaukLKs5klwFyFO8d3QoipaAwYCvyCkxvPoR4BDqxBKX7lgR3JhgPk7_9l7pzDaRwrbvfDlDkz_CF39rnUpB8xAuy8f5tQ75eZlSWiSoxR3zxWjI6FaTC50kyC8l7YMmjPScWekZHxx3LHOU1OrvL2_DrfUlRSmajIdpLbxZC7O-NDJKwqmZZanf4gFDCsoT7FDopI7rZG_0W548BEwncol4BaTrYZLRfmP1sSo9Dlm08bGy5swswwo114p96dSdheYLSTozu0R5kRX8p3CX9MJdumfSGZVIbjh3d-jmCuyZwGaaVKvHFDz1Xm-mp1uk4mLlnHDHJmb1dLfYTJ3qrGJLq2j9d5VXd7b1QozmPJWFsMZxvOehCoK4APHjkwo5cKI7epcx7SwyEivMHuwCnprWgZ0FW3l55sk5VBA-Gneg_mMhDbK2uh-E3RUnDkjJ7VPahp2waT3nRRpkVjja-CRTGCqekussaqW_82A1iPfHoDgb_0TGTMZjha73qK9D346YJp2ScWNXYWIzbYgRN3__QjDgSO2NpsKxA2Sc0duxGOgzB-dZGl6_SeErFPBL9vjIUtwAI6lhwFNWryyI1VR4lWNNBxMf_HKhHx-SOn8_qBdqMyx4F-RBBaABX8Z0Ja1VF5W6Num9OPwUs2eZp7pneZRdRRKc4i5l&sai=AMfl-YQTfXA73pxnwiNKMGp3h4ubusuhgiMb5Zywufqz0k0GbcxMun8gTtTOXVZ_Ypu8eVsj8JYuMocUb8LzN_anKxHF5E9qq4hH610UBJjhR29B90JWUNlxQkp-EbOBZM_XTcgGF9feZed-7wQm9qMgQB3NtX59jDH6fFY1a-zxBwIoeZoQWo5Q61S_1I515DwroJ7qRux9gIy6qqMqCXdvaJftqBdadDY7a8FImgqZhqbXN1l0pdZqbvgXnvVn9t2D4tNNJl1Y4GbR72KKuli544_3ZV6l-Q_b4pSOknHyUJ1lBym1f7ZCBgf0-94RKZfHQxqBYac08jOwaUOei_ixM4Yt1-BqiRSr18uvJx_rIT9DIwzhwcWUc6nYqB-f9ogeWIbbvtSi4ZvR96BEXRsW-QjW3XsJ0k4hXRY-gLnCbUNVzKrsbwVqVormGqZaNQNl995nwym27j-OFfOCpzf4ck2W5EIfj5lW4hqMy5cO4XWu8RouRpY7Dc7Gu4GkoXK6qBXZgCQpjD1ufA&sig=Cg0ArKJSzHvNwNlk1M72EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=243&vt=11&dtpt=123&dett=3&cstd=115&cisv=r20231130.34287&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E08 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2b_fBOVuZcX2EY617_UP85uRwAwAAAAAOAHgBAI&bg=!hoWlhcrNAAY3kmNgF5I7ADQBe5WfOHcHQreGiV1BUX2Ii52-hWgLN_06lupuYMCztnhANYcPNR56ibEXQHR22TzZQk2-AgAAAFtSAAAAAmgBBwoAhJHFuQ3FVa3gppI5wrolRkODOqcXg2sL_abEYaQeTtaQeZ0dXljxTHDhYzBdwdKRsmeCMhstauTZxOE1x4rsLiacddQREWmXcVTrGBJwgtvdTQJLczbo5ibgPoylMLsHOqYITKEbOcoGUwpIXjsSM-C0ArhfJJR7ZYyD_vcuw88uQa-AA5kC6A1om7wLAbe_kQII60-5G5oo2nBzOiZA2akD5gMo2jIruq6O7IRGfORD1muYKoRTt_pluAV_bV80MXLlWYO_RlxSmooRO-PjfrjO0N6k7hMYSqV9yOCpGsUIzSSIDz2y9FLxbWyCn732Ak6ANrmsQbgxumavOxlIboLVal2zINwTGoSdIEut2yGbW-XpnNd6tP6vklefLRErvNRpGRKFOs30iSuga2smWkLBwcjn1-Ob8RHbSUgjI6RaVGFMHDGrR2qBKwIiLJBmIU9sbWPcnhP4lpqH9ix3sh9lufOaWP_kifXHA0eBlsuMWRkZ5jJagw8M17IMx55BiRd2c9kJr_Zmx8ZhjUd5JR3aoOH8CYg7_ozGBoN6gBaFqjY9zxmRuAXXD0Evx58MMI4cL5BedcyyihJkLjDh8mVGBqITEOlNQ_oOcl0dVDqTDiNR8w8TE5nyJsqf3RrTEAqG8w7CqsKhsgDisydPkN4TpaVhPTB5jLSBK-zOqjHePhwP66qqKEWa3c2iRKJeY893_nVfTo5qRQMUmMRgMeuhPhQmO0nN0OaZigc8fOZ_HFoi2GGX74MU3v3MyN2MHVlpfpUJg4PtulkiIoDVg-Vbupkb0yrtuYQGZhafs5HKLm9hbRS77WQXyYiuRrsWq_-4Lq8utm1hqg6UVViFAYw-QXQEs-L-HuMjBqpGYwYf-vrGPr4w-IDwPlmKcNwK4Eb4bkWnMwsqpeZYfFrP4oPEyUmeZSWahT-u3H_qwq7B9S1UxUUxRTXV3A9Rzu3pRZleF9dWbPttShIyQjodhSQJJdqQ0NW-l7PlllxvlAnhW_hmXRSvNRd8zRKwK_AjCL76-TiYjS_LFN9D_30z-_jz3Yv9Cnd8NQ111imFnXHRa4UG0zWgmG4YK7vf-KdQibK3MBrX9XpTQ80tMxpSGAIcXN5uI4djyWKU10DxlXyWlXlSlNq6PLi53y1V9QQ7jx_22EFNExtHELOtkG9kQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adv.office-partner.de/ Frame C007 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXAaUA-VuZZCULOX8xtYPxP6v-Aqm5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQIzljctyC6yPqgDAcgDmwSqBN4BT9CR0LJgxMTs6GrdSIUzLNRLhv-GuEGIV2QjKampOov8mttxXyw7vVe2C5T6IavAbsxwkWR2ph7nxZXE5dP_Mykq_D0f6BDCr1OTRJcGbCFfuLLbHHmoW9IM6ezXDFbTOoDgKAX8atynJmq8Irm180al7K5oR91_eH4PEi3lgkAXx0KCVtndMt540J5WZdFe5nUHruz3kEcnRciIdK1ogJFrs01-WyOXUuoIX3rWDiOatwIlaqr6hzUDIVffeiNfWVfa89ETaru-JBYUNYvQo_NPS70GWuq9_R8_Z4yGwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3b7O_194IDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB%26sig%3DAOD64_3ypx6k4yCigD8eIcS9XdDdh5IvZA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DaHybOQMQ3vwG9tFozg5-Bbu9ZcWN8-HuXCRnY2-4iObSYMWxSkG0KZUz28E3sDD3747HORVtF4WRYVQeLmnC_GLcZ1dppg7g6KgvBvNJiYKMXUqFpe8mPqTvGAObVzlAimCT9R4rRtgkLDFiM3EdCFGGUCiP7K-VCrdLh45hfanbAZlI%26cry%3D1%26dbm_d%3DAKAmf-A1Bd8i_HwZvECAVHkEQAUz3DULEzs-jSRASeC_BhlJ9diAuYBr_gXyoxPjM9YMsbKQmvkKbDt2eZLr-GqgIBXMYeud6oLguqgz1D1W8cQ0ydL6NPDEF0WSeUZJTGGMfgHkv_rbUBpNgqXz6c5MbWXPgn41RUi2-NEXz56FS8ZNTebUNFGvSOCN5Ez7LOWy-Lp1CopvfE7EcLm98xzGBjA5XrvkZYdqlRPebAmD4NCR75KADcaGU1gwQW4IA4vPJwAzeuTI225QyscxFU31zqr34sFpfqr2mCHebAG8XckT7xwRHlV0cRxXO-McLLjOYGBTcdvOX763VLGoVfmYgKGw4dPJA1SmS8r2js76yD_W71UQXt6V6GOSu6EPWVRX1nuDw-dj-mEs3VkqcvqXkm8A69yZkZB0VWwlBuBotB88q34-plA1mdFv4KlxsTwiZzLN9mFrBVpqkIl1K7nrUca1kWiCtIq3qtFmQJeJY1c0FMJd74BmPgNECrweN14EcJ1rW7yGbsWbNGp_oQXVLw1WKN0jL2JCmuPufXUlIiAg9gV_PH0%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=9949805174950&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 05 Dec 2023 08:53:24 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 12 Dec 2023 08:53:24 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 861D 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=36847600040911104444994012529007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXAaUA-VuZZCULOX8xtYPxP6v-Aqm5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQIzljctyC6yPqgDAcgDmwSqBN4BT9CR0LJgxMTs6GrdSIUzLNRLhv-GuEGIV2QjKampOov8mttxXyw7vVe2C5T6IavAbsxwkWR2ph7nxZXE5dP_Mykq_D0f6BDCr1OTRJcGbCFfuLLbHHmoW9IM6ezXDFbTOoDgKAX8atynJmq8Irm180al7K5oR91_eH4PEi3lgkAXx0KCVtndMt540J5WZdFe5nUHruz3kEcnRciIdK1ogJFrs01-WyOXUuoIX3rWDiOatwIlaqr6hzUDIVffeiNfWVfa89ETaru-JBYUNYvQo_NPS70GWuq9_R8_Z4yGwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3b7O_194IDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB%26sig%3DAOD64_3ypx6k4yCigD8eIcS9XdDdh5IvZA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DaHybOQMQ3vwG9tFozg5-Bbu9ZcWN8-HuXCRnY2-4iObSYMWxSkG0KZUz28E3sDD3747HORVtF4WRYVQeLmnC_GLcZ1dppg7g6KgvBvNJiYKMXUqFpe8mPqTvGAObVzlAimCT9R4rRtgkLDFiM3EdCFGGUCiP7K-VCrdLh45hfanbAZlI%26cry%3D1%26dbm_d%3DAKAmf-A1Bd8i_HwZvECAVHkEQAUz3DULEzs-jSRASeC_BhlJ9diAuYBr_gXyoxPjM9YMsbKQmvkKbDt2eZLr-GqgIBXMYeud6oLguqgz1D1W8cQ0ydL6NPDEF0WSeUZJTGGMfgHkv_rbUBpNgqXz6c5MbWXPgn41RUi2-NEXz56FS8ZNTebUNFGvSOCN5Ez7LOWy-Lp1CopvfE7EcLm98xzGBjA5XrvkZYdqlRPebAmD4NCR75KADcaGU1gwQW4IA4vPJwAzeuTI225QyscxFU31zqr34sFpfqr2mCHebAG8XckT7xwRHlV0cRxXO-McLLjOYGBTcdvOX763VLGoVfmYgKGw4dPJA1SmS8r2js76yD_W71UQXt6V6GOSu6EPWVRX1nuDw-dj-mEs3VkqcvqXkm8A69yZkZB0VWwlBuBotB88q34-plA1mdFv4KlxsTwiZzLN9mFrBVpqkIl1K7nrUca1kWiCtIq3qtFmQJeJY1c0FMJd74BmPgNECrweN14EcJ1rW7yGbsWbNGp_oQXVLw1WKN0jL2JCmuPufXUlIiAg9gV_PH0%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=9949805174950&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 05 Dec 2023 08:53:24 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
link.html
track.webgains.com/ Frame F498 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=36847600040911104444994012529007&nw=1
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.182.156 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-182-156.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
19407360e9ed56e2d49377575d788d6aee9915b1818540efd79848177cbd4a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
last-modified
Tue, 05 Dec 2023 08:53:24 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 05 Dec 2023 08:54:24 GMT
activityi;dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158
5994599.fls.doubleclick.net/ Frame 2484
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158?
392 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158?
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
ad5a5fa4215d33b83560899fe406f1c6458100bfbce6a2dfc2ad35a41f2b6d80
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90007.redintelligence.net/ Frame 6B76 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request_content.php?s=36847600040911104444994012529007&a=9f0734ff
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=3a313e69d6&subid=&uid=5cb252426c0a51f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXAaUA-VuZZCULOX8xtYPxP6v-Aqm5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLAHyAEJqQIzljctyC6yPqgDAcgDmwSqBN4BT9CR0LJgxMTs6GrdSIUzLNRLhv-GuEGIV2QjKampOov8mttxXyw7vVe2C5T6IavAbsxwkWR2ph7nxZXE5dP_Mykq_D0f6BDCr1OTRJcGbCFfuLLbHHmoW9IM6ezXDFbTOoDgKAX8atynJmq8Irm180al7K5oR91_eH4PEi3lgkAXx0KCVtndMt540J5WZdFe5nUHruz3kEcnRciIdK1ogJFrs01-WyOXUuoIX3rWDiOatwIlaqr6hzUDIVffeiNfWVfa89ETaru-JBYUNYvQo_NPS70GWuq9_R8_Z4yGwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3b7O_194IDgAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNo1mRdXugpOPTt7ijsWk5xc078XSXSYdbdmDuGYir-_9siyqlnL4VWNhahiguHsdKJJmO-MXMyokpJCxpXt7Njt0GKpU-jPUWIhgB%26sig%3DAOD64_3ypx6k4yCigD8eIcS9XdDdh5IvZA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DaHybOQMQ3vwG9tFozg5-Bbu9ZcWN8-HuXCRnY2-4iObSYMWxSkG0KZUz28E3sDD3747HORVtF4WRYVQeLmnC_GLcZ1dppg7g6KgvBvNJiYKMXUqFpe8mPqTvGAObVzlAimCT9R4rRtgkLDFiM3EdCFGGUCiP7K-VCrdLh45hfanbAZlI%26cry%3D1%26dbm_d%3DAKAmf-A1Bd8i_HwZvECAVHkEQAUz3DULEzs-jSRASeC_BhlJ9diAuYBr_gXyoxPjM9YMsbKQmvkKbDt2eZLr-GqgIBXMYeud6oLguqgz1D1W8cQ0ydL6NPDEF0WSeUZJTGGMfgHkv_rbUBpNgqXz6c5MbWXPgn41RUi2-NEXz56FS8ZNTebUNFGvSOCN5Ez7LOWy-Lp1CopvfE7EcLm98xzGBjA5XrvkZYdqlRPebAmD4NCR75KADcaGU1gwQW4IA4vPJwAzeuTI225QyscxFU31zqr34sFpfqr2mCHebAG8XckT7xwRHlV0cRxXO-McLLjOYGBTcdvOX763VLGoVfmYgKGw4dPJA1SmS8r2js76yD_W71UQXt6V6GOSu6EPWVRX1nuDw-dj-mEs3VkqcvqXkm8A69yZkZB0VWwlBuBotB88q34-plA1mdFv4KlxsTwiZzLN9mFrBVpqkIl1K7nrUca1kWiCtIq3qtFmQJeJY1c0FMJd74BmPgNECrweN14EcJ1rW7yGbsWbNGp_oQXVLw1WKN0jL2JCmuPufXUlIiAg9gV_PH0%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=9949805174950&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
84ee712aa22c562550f65898a076b35e125558787f63a5eb73ac24e7d9ba8261

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2111
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 08:53:24 GMT
Expires
Tue, 05 Dec 2023 08:53:24 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame F498
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36847600040911104444994012529007&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36847600040911104444994012529007&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36847600040911104444994012529007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=36847600040911104444994012529007&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Tue, 05 Dec 2023 08:53:24 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame F498 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=36847600040911104444994012529007&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Dec 2023 08:53:24 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
truncated
/ Frame F498 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65e31a8eff137a3bef947769a3de610af393a4091df5874a5918b5074350d08c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame F1C4 		640 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNVxXyfYqIMP1lnG3-i-wjQsIcJ4A_jtZ59YcEFVr0uk701VjaKNLOAnVqE_JdKz7Ut1akTdrL7FG0ZsLMXJJhQX7VWe_bi5vjgR9GN9aEK2Y_rkUr2l8BSsjctI19DITmi_mcGTavHTJM5jAcFHR0FXX-FLzT5XzjKpPbUZRmdCrfFeydo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C771 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame C771 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame C771 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:51:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C771 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C771 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cf8bMAcqDcIWOWAooWHe5o2QoL34urR-5_50iJYWwyR_7J4pwNkcxNkzvhOFjyVtwP9Qrd-9XFTr5wWDKAh7ZdAUagjhoFKRCYMwxD_n4c8iT1icM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 9D6A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 09:06:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9D6A 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6ef7c03bb9fa2faf5ddb623078decce8ec80f28fdf8bb348f5bb01634e0d484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5963
x-xss-protection
0
activityi;dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022
5994599.fls.doubleclick.net/ Frame A9FE
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022?
391 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
16e9faae5c54c37aa733bb0df8989a1617576da0239a51aefd451e229d9f8784
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Tue, 05 Dec 2023 08:53:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90009.redintelligence.net/ Frame 5CDC 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=96583300048368004444556012529009&a=429de8bd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5deff97591ba6239eb143fa47d3ad22f0e04f16f7ff39090d8b710db68924989

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2038
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 08:53:24 GMT
Expires
Tue, 05 Dec 2023 08:53:24 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame BED4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64e837d05fce89f92d05b6074ef0d257b37b0cfcb3211e1853a10e149e41ebb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 6B76 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=36847600040911104444994012529007&a=9f0734ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 07:52:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 08:53:24 GMT
/
hal9000.redintelligence.net/scale/ Frame 6B76 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=36847600040911104444994012529007&a=9f0734ff
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
a1c52a37bc7c3c9e035c1817a0c78665ff491a9854bbb4b665ee774450e9b672

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 6B76 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=36847600040911104444994012529007&a=9f0734ff
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
41d5c049a8bfb1cbe82bf1d536244753f48c2e0240005f2ad753b70bf606a4c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16982
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 6B76 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=36847600040911104444994012529007&a=9f0734ff
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
ee60dc9f4a5a261552c9432f27ce50a66664dacc6bcd21d6651141c579e77d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10940
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame C007 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a52e8ca9507299459bbcd4eab3662692194062bc229709101973442010815d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64116
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 08:53:24 GMT
gtm.js
www.googletagmanager.com/ Frame 372F 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b328d831b112c1505a892a225cc9a0fb223620a8eee293e92bd4850e302bb94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64119
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Dec 2023 08:53:24 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 9D6A 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e22e6a4c1770831466a702ad01381d6e8ad3facca6587e0f70bd4fe77679b00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19260
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 13:32:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 09:03:00 GMT
css
fonts.googleapis.com/ Frame 5CDC 		5 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=96583300048368004444556012529009&a=429de8bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 07:54:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 08:53:24 GMT
/
hal9000.redintelligence.net/scale/ Frame 5CDC 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=96583300048368004444556012529009&a=429de8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
3271b11460d9dfccfb1c4c9b819592b1f15492ff7876305668a6ca01e8f52e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25830
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5CDC 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=96583300048368004444556012529009&a=429de8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
4d678f9af176e0292e8352df4b3602be14f67de82def44b6f2e0491e7435c4e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
27706
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5CDC 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=96583300048368004444556012529009&a=429de8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
9599861e9654c8fe1514fc4279f7b785e53cbcf4ee76acef18e237aadd432aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16833
Vary
Accept-Encoding
Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame F1C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB692UzCI4ZuT6Fqoh5A5pM&google_cver=1
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB692UzCI4ZuT6Fqoh5A5pM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNVxXyfYqIMP1lnG3-i-wjQsIcJ4A_jtZ59YcEFVr0uk701VjaKNLOAnVqE_JdKz7Ut1akTdrL7FG0ZsLMXJJhQX7VWe_bi5vjgR9GN9aEK2Y_rkUr2l8BSsjctI19DITmi_mcGTavHTJM5jAcFHR0FXX-FLzT5XzjKpPbUZRmdCrfFeydo
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB692UzCI4ZuT6Fqoh5A5pM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F1C4 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNVxXyfYqIMP1lnG3-i-wjQsIcJ4A_jtZ59YcEFVr0uk701VjaKNLOAnVqE_JdKz7Ut1akTdrL7FG0ZsLMXJJhQX7VWe_bi5vjgR9GN9aEK2Y_rkUr2l8BSsjctI19DITmi_mcGTavHTJM5jAcFHR0FXX-FLzT5XzjKpPbUZRmdCrfFeydo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F1C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMouwITdqLyOrtAIpCMUYVo&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMouwITdqLyOrtAIpCMUYVo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNVxXyfYqIMP1lnG3-i-wjQsIcJ4A_jtZ59YcEFVr0uk701VjaKNLOAnVqE_JdKz7Ut1akTdrL7FG0ZsLMXJJhQX7VWe_bi5vjgR9GN9aEK2Y_rkUr2l8BSsjctI19DITmi_mcGTavHTJM5jAcFHR0FXX-FLzT5XzjKpPbUZRmdCrfFeydo
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 08:53:24 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEMouwITdqLyOrtAIpCMUYVo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F1C4 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNVxXyfYqIMP1lnG3-i-wjQsIcJ4A_jtZ59YcEFVr0uk701VjaKNLOAnVqE_JdKz7Ut1akTdrL7FG0ZsLMXJJhQX7VWe_bi5vjgR9GN9aEK2Y_rkUr2l8BSsjctI19DITmi_mcGTavHTJM5jAcFHR0FXX-FLzT5XzjKpPbUZRmdCrfFeydo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 08:53:24 GMT
pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
pvClk.min.js
analytics.webgains.io/ Frame F498 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=36847600040911104444994012529007&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-70.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:36:09 GMT
content-encoding
gzip
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
age
73036
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
YF6mB23HIsyXfSbzuXvIE4BGxFLKDmXtA0YED1kx5XVnt21RS05E-w==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame F498 		85 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1701766704&Signature=F2U3lMPxZhpCY-87jBbmkr7hfdxzlyrkgglOEvk30pLRyPa8EZh4bpqmmdYldrRxyYKsTZqVBZ9m1PxcHnBUaPL8dN-irWaXIMUP~r-9FQWFH4VLCByuC7S-ptf7I-zuesed6b~1izQHbUtCTiwRFSqznKDiJ5mXsCjqKQ03BL5pbc01IBS4PRs-NmPHqT-eLdjvxPgTKNtA2wKHQ6gdbkamnRSDM1VfLX9T0vJ2s0ToXOYMGQWNGE2xSW4-ep-BBUfHVv4fmv9INBW3jNaHL73wOMw6rZROYnUR4MO-liTsLv-qttO-1sPnvR51xmGVsvJxY-2OdRdUNFISP2SvZQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=347&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-65.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 04 Dec 2023 14:20:46 GMT
via
1.1 e854bbca657208a759bb2d8d135f9d78.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
age
66758
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
oRDpqbfiegbiDsUBjKLadQOyN7PHVSC6YFf78dpVFD6QXsC8QWwLGA==
pvClk.min.js
analytics.webgains.io/ Frame BED4 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=96583300048368004444556012529009&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-70.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:36:09 GMT
content-encoding
gzip
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
age
73036
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
1a4ECftl9amG-2bkdMZMTSRwN17OTfDT1yQVK8MDpICLORC2QWgp-w==
1x1.png
cdn.track.production.webgains.team/7121/ Frame BED4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1701766704&Signature=QoTS5g2bcv1trjAoGmcjkZKS5nyCsG0U-KmlzT7RbtW9QatvqROMXMQt6jEziVyxDzswaxohK-pg~I8GbfGOAYuM-0yDOz~EGEL5kAkS~CKWBnLy9XXta2MO2aidZMKeVIPUmu7s42DzUY2s7qjQnlCG~DCTqld8Kivmryvmf3~a7w8zYsxnYXCUve65WJTckGPqExrU~CqGmht8~ySe-azOBV3WHWVObPcVQmDQm59Xn7nJYXQxL2jolqmKUFq29unx3gQkOqaF~1-6NlVbj5shPcqj9ZJKC1llIU7OsM3biiW4ZQQYuHc4dCbPKn2-ApydYYvirc6CiNN3BxsSlg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403291&bpp=1&bdt=198&idt=335&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-65.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 02:43:34 GMT
x-amz-version-id
null
via
1.1 e854bbca657208a759bb2d8d135f9d78.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
age
22191
etag
"4e57de0506fbdb487ffcd53b450caee1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
bvO_gGapqkNtUfzxCuu2G6EIyt3Elcao8S5NuBZTsEtT-R6oSvpRhg==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9D6A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Dec 2023 08:53:27 GMT
js
www.googletagmanager.com/gtag/ Frame C007 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
471a358e7d25ae685d5161a0ede8c02718479e6b31b7fd91d8e2b324c579b6fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93078
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 08:53:24 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 9D6A 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 09:07:39 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 9D6A 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 08:55:29 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 9D6A 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 08:56:59 GMT
NH_D_AP_Pavilion_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 9D6A 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_AP_Pavilion_728x90.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82851291e24304ad72ba40c9e041610a7dbf8f7b2eff1255bfb49a6ec18133a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:43:38 GMT
x-content-type-options
nosniff
age
586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59292
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 17:03:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 08:58:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C771 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7169415829019&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C771 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7169415829019&version=m202309260101&ct=76&x=1&cor=6760921527256195000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C771 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DK09jNzP3pBz0QAex-lUgI9UEA-3FET-kJWEsxRRGJSSTsIAFVWd4DlG9P67dcltGPIybp7PovDt4mo5_K-J01HGdTQ0gG_bm_Ur7XoKJHYKRBIKZlBV6-6g42PAkvqabmvFXky2CiAff0kTkydv66vYvdzmQB8dEZCQdR0cMsU_RfoOc&dbm_d=AKAmf-AKoh78JMO5X5-ljHI_Pk1ypX9ioPT4M0HXFY9Bl68ZtgGa8q1u1HV1JV_TH5V5d_56KDs01r4FN8DmxbmlJEtsPd2ujLUTH578gZeXZ2xGImh6cUZh8oM2lxmWzFtSfMwQmEHJY0YdWwThGA2nqcMzf3t2r2xr6W59qsO214Cl67VZImN7wGNVcu1j7T-8L3HJDmz4qtEN8OXMMWO2Db3tGb9B2v7NSiQ5LxzheeGKDpGM-ZUQ6P2lrP0IQYdjGwg-Z1oyNvL03Z-V7v-qeOCr625FwsL_0ujm3HUE5S4hLuAdwChCKguOK-2iR7zy4OF0S0IfaZdGeZxlNA4j66Ms3Z4H5tqvaXw5Ax-ItnpaBH1LZjP3nX3TI01-mUyOp1rorHcvTxZVt4MnnlR_AZHJBtbqQ2UeNaPgpyLyfmxo5tTentdLicJvVfFeclXLuSWbLDIw38Cg3oaPSj6Ri7zHwZotgt6GL81-zRbT16u0heLGJfi2lkTk8R_eprLUZQXanQ6GWjbZzx0iSYmx1wf90kQjvG6W8Cs7eR42r09lmkUBWsvo1ltlli5F5lm6L0YXIRXhocII6ZMBovotQ2K-k_CoQPyCC_NDgxxAab4Arh7EhGQSuQChRqr6IG8mbKjzUpEFRvBaORMtoa0ghUNWuoV5ZtiDrv5cgvC-g12DBzRRriH04FzfGC-ew6bfH4y3EesQnKfsk9pbj5dcKPCyjlf7QpYJtjwmhthasJgViy1WnaxtpkVByYY3tcdGfB1VR8I4ZUiUbOu5JFLAeT9B-SISa8WSiGwRfq8TyaEJXqPL8ZIk4_PgxFzbwVcFVwx4faC5IBW6D7NWJljFfEybO41h57tjPjfQJgRapIF3X_zFsoNFXidtiRgOUqW3xolv__G4QuVBt3d7yZcOpHfJnkMU8XvkthHLIoeWufKLxx9lAfTWsglApoJ_xRhh8Qu9sVxEn4aCOzNop9HYqNuZvOzd3h61Ten9zeST_Hv6DKJCf5E_FOSA8ChCaXGffZbU0Z7ZKZRrT0DfnEMbJTQjQMjmgaAlCGw58o5L1SFQ-0eLrXY0lRJvyUXqXLSnGhcc8v3BtRnNrEc9PDNOQpM7MoWgIBW69R7tec1ZmfS7Xz4qVmL79pFSlF8ATDFpuHsTVlNXiY5XR52GOMCADHCSxvT_4ilGi1t7sIqbgs62elxxJWtCd60ue6f3Ni_W5jRZrrBSdYJdSX3ZGoFr7BRN0gXXLnKpMxouVL_CBaO3YcfZQxY237_r80mC539XGL8k4iilCEuqFrBYVSFBA5SwXT5EI0tvls8CY-_bmWiFjvtqI6CUTuuxq0JZnGhPuOaZe6xKc89yHlGBTeKe-X2ztXzoqV9yOzHZ5qqW2V1Y7crJ2SiO8W8rQDgzjhWLKTle8EvhbsnSoEo5pq_rCcKU_0SoBwGV-thvs8XIWHDtDuVrpkKfToqF1Do7G_tltmPz6dyW8pmpNYjZprAtahI7GKkY--m2ACERy_BCbCpdMSWFFn1XLIVdB0xFveCjx6WEXryFZkFYoZde6eahDlw6CoC8xddxiNlWCq4ftsE7EzSzblhlO6SqQTn3u-6U-k9U76XHPQJdnl9Y1KKCLnUTTd0VAt7RFIJBfES3tocKrhucb6zab3oUqsa3b6_VSqapK4wayoFMl3PaOHwFRJC-VpjjPKAfwdfpCbUkW9vIHKOEGE290z1P3hgtBgHuVRmzg-mMzsHevgrg-Vy5tP6d0vXs462yywIUOcCGQ0MfH657CbL40Arw5uMXurhwmB7s38ljGHIuTzKS9ZZlPLbVQQjgG7W8kKBA4bGtHSgsa2Y6rjIFN_y17jELYWVHejv2-yOse1JC17_2Q9R4Iwhhj5wS6X2fmjFzu_hMSMSPRuD1DBDyJNITHsIwSqvyT6Aqm7IkBPvw3GO9TuZTCc_xyQusQe_eDKfVVYL3Mf-cEpHfi30bbW3UI-Zbdq5TwCYqA9wDEITHpstoCcCQlrl4C0rpse0WDu2kamZEtdR7yto37-jwQboTbJzkVUH9RF9YrnHfDZjrMD_muYHvT7StqXpLyC34h2M13nLUzByYCvW7clsQriG18NndvCoNEqfAe8m8exZQkMBf2JlFNrvJs69gaBasbYGjUwQu0sCbh6f2ef8Lc-l4sYY-etQdwY8aYcEljOtRbPzgr547RCRnIOI59fe4YhzSKzh740l2nEf8th2LhDJ3WPcQA5rC0v_lo2-Luu46jTIZYm-u7ctGRtm5tJJlap_LiUkHdQn32cXTEt4OaSaFlPlhjikIJIpqmiqV-aMiYV3ULhSzO-ibMlRihYTUZrRVvIO6A_Y9WubEeVHfCsZtXPn2odcTcSjdyaun_ddF5AZlgKXwWqLwE4ZoTQ2BA2izvCe8iEUuKMuHSwe62jhLS6ZfOwf3vi5r9uBYPRPqwfS90XgxeCqwp-rFE4Fhmj3AIf-5dRk5bRzT3Hnu1ffxW1jrc1Aezh77AbQQh_7GGwEvbomEOxYrs0Od2vUGXNvqGXuKmx92tqOJGfcpB8Yi0UUGEoqh8-aLs_ytF6_d-8Gwq2I7tiiURlaP78gPRgdHHmYs4fBOl9rSHFri7zyidQP0Oc4OloAn_ajz2kqr9aMx8ebDTr9qIGaD4C2K1X041GxDRiho0AShajclDg9jTkfDRAWr-xUvN-d-d9IhSePOqSxoeGEVfZ1JYEfC-midNMbE9NjYlvj-lPjcmGXDOlGwA_MDLWnkhZBJeDTt63zk3PtH19rdQZUtYc--Ntz5TqSIrZpIf_WD4-h5Ys-jp7G4cQdDwnTKvt4y3dNDCUxITMA6734uDZq__Cbe5o9oO-pXNNr1kZqG7co9MwpC6SoVX2EGpoWsQ2uUpMTmK1Q2vPiIMfEjLHr66WC1RZ5JWhqFFM8k0YpC7ChEO4-7ewSl18g5KW2JUc354iERPxfT8aXkN9Ai-0dXnqZW_gT6_Dkq0pjlztAFM4wod_B1w0xYhJN5ysVfKcQMKwTtV24hrVxbRkNWEJp_qfwDM0wO8z9T-IA9GCunnoF0QaEgd2w02xvka1s-LmMPTt24xmK-fkTjGb88kMYN8jsRsu7cwsvOpcdNWllZfBDro4feXQMZD6H3qERWihz2kRR_U8Mon46Nq8lUwl7sma1ZaZwNe768bLX-DbKzh4ulH8wrSySsx0Yr8If9rRBG6zRKPPxb-cqrMImqphLz6wtvdzqNr1sLXCnNt0kRcuQzhEjVO-2-pcqGnUP8-FEFsSjfdQGot0kZ2gzT_8gSyG8Mwy0aDcNfwNALwbwL54gX2cCzfzNX6wA9hSaPSi0kMh9Xe7RwCxI9HmOzUG7km17GUGshkmZPguObmYl_Eiu8wek2kfV9dLeKc6uByd-yLTkhPmYWTryrlY-R7OUZBuMQUf1SgjLd9nxX5gdnVE4aD8ARJ0dn2o8KHO0r-fD4Z6KdV9jtxq57gY-XgZgXrBboqQWk8a6npRNGypSlo3Q7JxW4zh4IW87fV7ZJoTfY7RUDlEzWwmaH0HwSFv-amsJZ0lR4RvzyNe1oQbMYC6Ct5wxFW52Y5ZsAlv5QIUkR9JJBlyx_0ySw0craT3xif6T_Zi__8Kc2ybDXqh4aj9eUR27cLm3v_j-Uyh7M3H9oC001VdWtC9SI00OiCJh4W_AkUZQ8IgACGV7og9yfYeF197fG0hyYKGbZhEKPuAXN9fsk5Y8kAX3z-UG6Vh2tijM-6cMOBq5TwzZpuS378PW26iMG1U1U2pCRrrc4cEoUo2VFLpdBzFLhdR0NVH0irNVK0qoP9Dx-LS3YK5mWVqBRN7Vs9En2OxOV98CMskUDhGtb7cFZDnNSRePSceJ_mImou45_96j-VAugPJt6YqUPQov17PXEJCazUAzV0YD0sTIUkoWDeWHNL5umamkwUWfd2zr8RpuswkNHU5y_5hkKMFreQuxgRy-Ob1Ovw2Zp&cid=CAQSTgDICaaNTJNlkAUutW19NarzJNOKJdmFgjiMTYPwE75NgdlRQ9v3xOT1P0qCmo1oG4MWZ5WctLypqQKP0PTJwhxAcqL4mvk5SE8YZdrCHxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=6760921527256195000&adk=1761367584&idt=76&cac=0&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
176fe1d31f02da4ed371825af61b52029d2bb696b580e74bc1b0c7a016227c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42188
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 9D6A 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=J4FK7qRkCH&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:43:55 GMT
x-content-type-options
nosniff
age
569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 08:58:55 GMT
13190571059041383400
tpc.googlesyndication.com/simgad/ Frame 8959 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13190571059041383400?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnuuJXnnT94Qa_nq0AdC8NtFGzwaQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a00800835154d7b59f7e30db1a3575b0066dd81b1617fdef9a1a34284c81013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 05:24:45 GMT
x-content-type-options
nosniff
age
12519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86609
x-xss-protection
0
last-modified
Sat, 11 Aug 2018 14:43:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 04 Dec 2024 05:24:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 8959 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:02:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
39083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9313
x-xss-protection
0
server
cafe
etag
8709779397046830652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:02:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 8959 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 8959 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:51:05 GMT
l
www.google.com/ads/measurement/ Frame 8959 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhaIR3JJkn4fHzaVuqTZqBv4DDdWU03FrJukyRhWslnv761N3A8StC81bzNFX5OrWdGCIbm5o6cdg6u7nqLu2UN5PFnQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8959 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 8959 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:21:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
45092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14794
x-xss-protection
0
server
cafe
etag
15882346334465922746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 20:21:52 GMT
viewability
hal90007.redintelligence.net/ Frame 6B76 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/viewability?s=36847600040911104444994012529007&a=d56d6464&vb=m
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=36847600040911104444994012529007&a=9f0734ff
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/request_content.php?s=36847600040911104444994012529007&a=9f0734ff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal90009.redintelligence.net/ Frame 5CDC 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=96583300048368004444556012529009&a=36d926e2&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=96583300048368004444556012529009&a=429de8bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=96583300048368004444556012529009&a=429de8bd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Tue, 05 Dec 2023 08:53:24 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0627 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWB9LgEEPPdwM0EGKXp5PoBMAE&v=APEucNU3i8gpnDmB9pbC06fDXBwNEPbPL0Qs8SCzZsBupizGGLGueL6G0-mTj8QfNbwpkpDTWXKp-TNlTeOwVbteGZq2fYZq33K8yoZyWkzk6PTU9m7nwdZjpynZxMW57IkhQ6WR46E__WX9_MPWiyGYhJAxekQX98XG0VNO0f0XMMqp-b6wBks
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A8FB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame A8FB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
39177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame A8FB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 08:51:05 GMT
l
www.google.com/ads/measurement/ Frame A8FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRskljzvzkfgrOk7PG40QLTAOu1m7z8OjOyC-JQgYVOOg2w_ihGDnf2L2g3SH67zX6pRASr4v_ac1Wz6DbMfhaOc8tyLA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A8FB 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 08:53:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8FB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7C3eErJ0UBjTpAVDa6gvFT0fDbx-lsiopNjs4u8wQyOl-xxwbRRL28oQXcTg2KovabgWub8ENMdMigGq_X4wcvt7-rkq8ytz0GYvB5fp1OmwrNxs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame FAE3 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2944
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:04:20 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FC13 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Tue, 05 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 372F 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f880f901353179e9f589ff59a59e0e4db493b841cc41fdbf01fe0dfb027e572
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93139
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 08:53:24 GMT
dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158
adservice.google.com/ddm/fls/z/ Frame 2484 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMrSs_D194IDFaHHOwIdYT4Fyw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1320501837867.7158?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022
adservice.google.com/ddm/fls/z/ Frame A9FE 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_es_D194IDFePMOwIdchgETw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7421131836471.022?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6B76 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90007.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 14:41:12 GMT
x-content-type-options
nosniff
age
65532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 14:41:12 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6B76 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90007.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:10:56 GMT
x-content-type-options
nosniff
age
63748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 15:10:56 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5CDC 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 14:41:12 GMT
x-content-type-options
nosniff
age
65532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 14:41:12 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5CDC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:10:56 GMT
x-content-type-options
nosniff
age
63748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 15:10:56 GMT
partner
sync.search.spotxchange.com/ Frame 0627
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMdnyjz5eCUkrGg3c1D_5zg&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 0627 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 0627 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWB9LgEEPPdwM0EGKXp5PoBMAE&v=APEucNU3i8gpnDmB9pbC06fDXBwNEPbPL0Qs8SCzZsBupizGGLGueL6G0-mTj8QfNbwpkpDTWXKp-TNlTeOwVbteGZq2fYZq33K8yoZyWkzk6PTU9m7nwdZjpynZxMW57IkhQ6WR46E__WX9_MPWiyGYhJAxekQX98XG0VNO0f0XMMqp-b6wBks
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ Frame 8959 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cc58310f0b259e6a2c717bf7cf7fabe7f4bd201119e1d8459ec36c35e4a9ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523879/ Frame C771 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523879/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492283353&bidurl=https://geocult.ru/&ias_dealId=&xsId=ABAjH0gT1oJPmccVRksN9eHKNF7Q&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gT1oJPmccVRksN9eHKNF7Q
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-52-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
642fc615b2ac4436ef8cc0c9ea9a9add160737e96cca1608118e6ba8acf1539d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C771 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 19:51:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame C771 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DK09jNzP3pBz0QAex-lUgI9UEA-3FET-kJWEsxRRGJSSTsIAFVWd4DlG9P67dcltGPIybp7PovDt4mo5_K-J01HGdTQ0gG_bm_Ur7XoKJHYKRBIKZlBV6-6g42PAkvqabmvFXky2CiAff0kTkydv66vYvdzmQB8dEZCQdR0cMsU_RfoOc&dbm_d=AKAmf-AKoh78JMO5X5-ljHI_Pk1ypX9ioPT4M0HXFY9Bl68ZtgGa8q1u1HV1JV_TH5V5d_56KDs01r4FN8DmxbmlJEtsPd2ujLUTH578gZeXZ2xGImh6cUZh8oM2lxmWzFtSfMwQmEHJY0YdWwThGA2nqcMzf3t2r2xr6W59qsO214Cl67VZImN7wGNVcu1j7T-8L3HJDmz4qtEN8OXMMWO2Db3tGb9B2v7NSiQ5LxzheeGKDpGM-ZUQ6P2lrP0IQYdjGwg-Z1oyNvL03Z-V7v-qeOCr625FwsL_0ujm3HUE5S4hLuAdwChCKguOK-2iR7zy4OF0S0IfaZdGeZxlNA4j66Ms3Z4H5tqvaXw5Ax-ItnpaBH1LZjP3nX3TI01-mUyOp1rorHcvTxZVt4MnnlR_AZHJBtbqQ2UeNaPgpyLyfmxo5tTentdLicJvVfFeclXLuSWbLDIw38Cg3oaPSj6Ri7zHwZotgt6GL81-zRbT16u0heLGJfi2lkTk8R_eprLUZQXanQ6GWjbZzx0iSYmx1wf90kQjvG6W8Cs7eR42r09lmkUBWsvo1ltlli5F5lm6L0YXIRXhocII6ZMBovotQ2K-k_CoQPyCC_NDgxxAab4Arh7EhGQSuQChRqr6IG8mbKjzUpEFRvBaORMtoa0ghUNWuoV5ZtiDrv5cgvC-g12DBzRRriH04FzfGC-ew6bfH4y3EesQnKfsk9pbj5dcKPCyjlf7QpYJtjwmhthasJgViy1WnaxtpkVByYY3tcdGfB1VR8I4ZUiUbOu5JFLAeT9B-SISa8WSiGwRfq8TyaEJXqPL8ZIk4_PgxFzbwVcFVwx4faC5IBW6D7NWJljFfEybO41h57tjPjfQJgRapIF3X_zFsoNFXidtiRgOUqW3xolv__G4QuVBt3d7yZcOpHfJnkMU8XvkthHLIoeWufKLxx9lAfTWsglApoJ_xRhh8Qu9sVxEn4aCOzNop9HYqNuZvOzd3h61Ten9zeST_Hv6DKJCf5E_FOSA8ChCaXGffZbU0Z7ZKZRrT0DfnEMbJTQjQMjmgaAlCGw58o5L1SFQ-0eLrXY0lRJvyUXqXLSnGhcc8v3BtRnNrEc9PDNOQpM7MoWgIBW69R7tec1ZmfS7Xz4qVmL79pFSlF8ATDFpuHsTVlNXiY5XR52GOMCADHCSxvT_4ilGi1t7sIqbgs62elxxJWtCd60ue6f3Ni_W5jRZrrBSdYJdSX3ZGoFr7BRN0gXXLnKpMxouVL_CBaO3YcfZQxY237_r80mC539XGL8k4iilCEuqFrBYVSFBA5SwXT5EI0tvls8CY-_bmWiFjvtqI6CUTuuxq0JZnGhPuOaZe6xKc89yHlGBTeKe-X2ztXzoqV9yOzHZ5qqW2V1Y7crJ2SiO8W8rQDgzjhWLKTle8EvhbsnSoEo5pq_rCcKU_0SoBwGV-thvs8XIWHDtDuVrpkKfToqF1Do7G_tltmPz6dyW8pmpNYjZprAtahI7GKkY--m2ACERy_BCbCpdMSWFFn1XLIVdB0xFveCjx6WEXryFZkFYoZde6eahDlw6CoC8xddxiNlWCq4ftsE7EzSzblhlO6SqQTn3u-6U-k9U76XHPQJdnl9Y1KKCLnUTTd0VAt7RFIJBfES3tocKrhucb6zab3oUqsa3b6_VSqapK4wayoFMl3PaOHwFRJC-VpjjPKAfwdfpCbUkW9vIHKOEGE290z1P3hgtBgHuVRmzg-mMzsHevgrg-Vy5tP6d0vXs462yywIUOcCGQ0MfH657CbL40Arw5uMXurhwmB7s38ljGHIuTzKS9ZZlPLbVQQjgG7W8kKBA4bGtHSgsa2Y6rjIFN_y17jELYWVHejv2-yOse1JC17_2Q9R4Iwhhj5wS6X2fmjFzu_hMSMSPRuD1DBDyJNITHsIwSqvyT6Aqm7IkBPvw3GO9TuZTCc_xyQusQe_eDKfVVYL3Mf-cEpHfi30bbW3UI-Zbdq5TwCYqA9wDEITHpstoCcCQlrl4C0rpse0WDu2kamZEtdR7yto37-jwQboTbJzkVUH9RF9YrnHfDZjrMD_muYHvT7StqXpLyC34h2M13nLUzByYCvW7clsQriG18NndvCoNEqfAe8m8exZQkMBf2JlFNrvJs69gaBasbYGjUwQu0sCbh6f2ef8Lc-l4sYY-etQdwY8aYcEljOtRbPzgr547RCRnIOI59fe4YhzSKzh740l2nEf8th2LhDJ3WPcQA5rC0v_lo2-Luu46jTIZYm-u7ctGRtm5tJJlap_LiUkHdQn32cXTEt4OaSaFlPlhjikIJIpqmiqV-aMiYV3ULhSzO-ibMlRihYTUZrRVvIO6A_Y9WubEeVHfCsZtXPn2odcTcSjdyaun_ddF5AZlgKXwWqLwE4ZoTQ2BA2izvCe8iEUuKMuHSwe62jhLS6ZfOwf3vi5r9uBYPRPqwfS90XgxeCqwp-rFE4Fhmj3AIf-5dRk5bRzT3Hnu1ffxW1jrc1Aezh77AbQQh_7GGwEvbomEOxYrs0Od2vUGXNvqGXuKmx92tqOJGfcpB8Yi0UUGEoqh8-aLs_ytF6_d-8Gwq2I7tiiURlaP78gPRgdHHmYs4fBOl9rSHFri7zyidQP0Oc4OloAn_ajz2kqr9aMx8ebDTr9qIGaD4C2K1X041GxDRiho0AShajclDg9jTkfDRAWr-xUvN-d-d9IhSePOqSxoeGEVfZ1JYEfC-midNMbE9NjYlvj-lPjcmGXDOlGwA_MDLWnkhZBJeDTt63zk3PtH19rdQZUtYc--Ntz5TqSIrZpIf_WD4-h5Ys-jp7G4cQdDwnTKvt4y3dNDCUxITMA6734uDZq__Cbe5o9oO-pXNNr1kZqG7co9MwpC6SoVX2EGpoWsQ2uUpMTmK1Q2vPiIMfEjLHr66WC1RZ5JWhqFFM8k0YpC7ChEO4-7ewSl18g5KW2JUc354iERPxfT8aXkN9Ai-0dXnqZW_gT6_Dkq0pjlztAFM4wod_B1w0xYhJN5ysVfKcQMKwTtV24hrVxbRkNWEJp_qfwDM0wO8z9T-IA9GCunnoF0QaEgd2w02xvka1s-LmMPTt24xmK-fkTjGb88kMYN8jsRsu7cwsvOpcdNWllZfBDro4feXQMZD6H3qERWihz2kRR_U8Mon46Nq8lUwl7sma1ZaZwNe768bLX-DbKzh4ulH8wrSySsx0Yr8If9rRBG6zRKPPxb-cqrMImqphLz6wtvdzqNr1sLXCnNt0kRcuQzhEjVO-2-pcqGnUP8-FEFsSjfdQGot0kZ2gzT_8gSyG8Mwy0aDcNfwNALwbwL54gX2cCzfzNX6wA9hSaPSi0kMh9Xe7RwCxI9HmOzUG7km17GUGshkmZPguObmYl_Eiu8wek2kfV9dLeKc6uByd-yLTkhPmYWTryrlY-R7OUZBuMQUf1SgjLd9nxX5gdnVE4aD8ARJ0dn2o8KHO0r-fD4Z6KdV9jtxq57gY-XgZgXrBboqQWk8a6npRNGypSlo3Q7JxW4zh4IW87fV7ZJoTfY7RUDlEzWwmaH0HwSFv-amsJZ0lR4RvzyNe1oQbMYC6Ct5wxFW52Y5ZsAlv5QIUkR9JJBlyx_0ySw0craT3xif6T_Zi__8Kc2ybDXqh4aj9eUR27cLm3v_j-Uyh7M3H9oC001VdWtC9SI00OiCJh4W_AkUZQ8IgACGV7og9yfYeF197fG0hyYKGbZhEKPuAXN9fsk5Y8kAX3z-UG6Vh2tijM-6cMOBq5TwzZpuS378PW26iMG1U1U2pCRrrc4cEoUo2VFLpdBzFLhdR0NVH0irNVK0qoP9Dx-LS3YK5mWVqBRN7Vs9En2OxOV98CMskUDhGtb7cFZDnNSRePSceJ_mImou45_96j-VAugPJt6YqUPQov17PXEJCazUAzV0YD0sTIUkoWDeWHNL5umamkwUWfd2zr8RpuswkNHU5y_5hkKMFreQuxgRy-Ob1Ovw2Zp&cid=CAQSTgDICaaNTJNlkAUutW19NarzJNOKJdmFgjiMTYPwE75NgdlRQ9v3xOT1P0qCmo1oG4MWZ5WctLypqQKP0PTJwhxAcqL4mvk5SE8YZdrCHxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=6760921527256195000&adk=1761367584&idt=76&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
49693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:05:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame C771 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DK09jNzP3pBz0QAex-lUgI9UEA-3FET-kJWEsxRRGJSSTsIAFVWd4DlG9P67dcltGPIybp7PovDt4mo5_K-J01HGdTQ0gG_bm_Ur7XoKJHYKRBIKZlBV6-6g42PAkvqabmvFXky2CiAff0kTkydv66vYvdzmQB8dEZCQdR0cMsU_RfoOc&dbm_d=AKAmf-AKoh78JMO5X5-ljHI_Pk1ypX9ioPT4M0HXFY9Bl68ZtgGa8q1u1HV1JV_TH5V5d_56KDs01r4FN8DmxbmlJEtsPd2ujLUTH578gZeXZ2xGImh6cUZh8oM2lxmWzFtSfMwQmEHJY0YdWwThGA2nqcMzf3t2r2xr6W59qsO214Cl67VZImN7wGNVcu1j7T-8L3HJDmz4qtEN8OXMMWO2Db3tGb9B2v7NSiQ5LxzheeGKDpGM-ZUQ6P2lrP0IQYdjGwg-Z1oyNvL03Z-V7v-qeOCr625FwsL_0ujm3HUE5S4hLuAdwChCKguOK-2iR7zy4OF0S0IfaZdGeZxlNA4j66Ms3Z4H5tqvaXw5Ax-ItnpaBH1LZjP3nX3TI01-mUyOp1rorHcvTxZVt4MnnlR_AZHJBtbqQ2UeNaPgpyLyfmxo5tTentdLicJvVfFeclXLuSWbLDIw38Cg3oaPSj6Ri7zHwZotgt6GL81-zRbT16u0heLGJfi2lkTk8R_eprLUZQXanQ6GWjbZzx0iSYmx1wf90kQjvG6W8Cs7eR42r09lmkUBWsvo1ltlli5F5lm6L0YXIRXhocII6ZMBovotQ2K-k_CoQPyCC_NDgxxAab4Arh7EhGQSuQChRqr6IG8mbKjzUpEFRvBaORMtoa0ghUNWuoV5ZtiDrv5cgvC-g12DBzRRriH04FzfGC-ew6bfH4y3EesQnKfsk9pbj5dcKPCyjlf7QpYJtjwmhthasJgViy1WnaxtpkVByYY3tcdGfB1VR8I4ZUiUbOu5JFLAeT9B-SISa8WSiGwRfq8TyaEJXqPL8ZIk4_PgxFzbwVcFVwx4faC5IBW6D7NWJljFfEybO41h57tjPjfQJgRapIF3X_zFsoNFXidtiRgOUqW3xolv__G4QuVBt3d7yZcOpHfJnkMU8XvkthHLIoeWufKLxx9lAfTWsglApoJ_xRhh8Qu9sVxEn4aCOzNop9HYqNuZvOzd3h61Ten9zeST_Hv6DKJCf5E_FOSA8ChCaXGffZbU0Z7ZKZRrT0DfnEMbJTQjQMjmgaAlCGw58o5L1SFQ-0eLrXY0lRJvyUXqXLSnGhcc8v3BtRnNrEc9PDNOQpM7MoWgIBW69R7tec1ZmfS7Xz4qVmL79pFSlF8ATDFpuHsTVlNXiY5XR52GOMCADHCSxvT_4ilGi1t7sIqbgs62elxxJWtCd60ue6f3Ni_W5jRZrrBSdYJdSX3ZGoFr7BRN0gXXLnKpMxouVL_CBaO3YcfZQxY237_r80mC539XGL8k4iilCEuqFrBYVSFBA5SwXT5EI0tvls8CY-_bmWiFjvtqI6CUTuuxq0JZnGhPuOaZe6xKc89yHlGBTeKe-X2ztXzoqV9yOzHZ5qqW2V1Y7crJ2SiO8W8rQDgzjhWLKTle8EvhbsnSoEo5pq_rCcKU_0SoBwGV-thvs8XIWHDtDuVrpkKfToqF1Do7G_tltmPz6dyW8pmpNYjZprAtahI7GKkY--m2ACERy_BCbCpdMSWFFn1XLIVdB0xFveCjx6WEXryFZkFYoZde6eahDlw6CoC8xddxiNlWCq4ftsE7EzSzblhlO6SqQTn3u-6U-k9U76XHPQJdnl9Y1KKCLnUTTd0VAt7RFIJBfES3tocKrhucb6zab3oUqsa3b6_VSqapK4wayoFMl3PaOHwFRJC-VpjjPKAfwdfpCbUkW9vIHKOEGE290z1P3hgtBgHuVRmzg-mMzsHevgrg-Vy5tP6d0vXs462yywIUOcCGQ0MfH657CbL40Arw5uMXurhwmB7s38ljGHIuTzKS9ZZlPLbVQQjgG7W8kKBA4bGtHSgsa2Y6rjIFN_y17jELYWVHejv2-yOse1JC17_2Q9R4Iwhhj5wS6X2fmjFzu_hMSMSPRuD1DBDyJNITHsIwSqvyT6Aqm7IkBPvw3GO9TuZTCc_xyQusQe_eDKfVVYL3Mf-cEpHfi30bbW3UI-Zbdq5TwCYqA9wDEITHpstoCcCQlrl4C0rpse0WDu2kamZEtdR7yto37-jwQboTbJzkVUH9RF9YrnHfDZjrMD_muYHvT7StqXpLyC34h2M13nLUzByYCvW7clsQriG18NndvCoNEqfAe8m8exZQkMBf2JlFNrvJs69gaBasbYGjUwQu0sCbh6f2ef8Lc-l4sYY-etQdwY8aYcEljOtRbPzgr547RCRnIOI59fe4YhzSKzh740l2nEf8th2LhDJ3WPcQA5rC0v_lo2-Luu46jTIZYm-u7ctGRtm5tJJlap_LiUkHdQn32cXTEt4OaSaFlPlhjikIJIpqmiqV-aMiYV3ULhSzO-ibMlRihYTUZrRVvIO6A_Y9WubEeVHfCsZtXPn2odcTcSjdyaun_ddF5AZlgKXwWqLwE4ZoTQ2BA2izvCe8iEUuKMuHSwe62jhLS6ZfOwf3vi5r9uBYPRPqwfS90XgxeCqwp-rFE4Fhmj3AIf-5dRk5bRzT3Hnu1ffxW1jrc1Aezh77AbQQh_7GGwEvbomEOxYrs0Od2vUGXNvqGXuKmx92tqOJGfcpB8Yi0UUGEoqh8-aLs_ytF6_d-8Gwq2I7tiiURlaP78gPRgdHHmYs4fBOl9rSHFri7zyidQP0Oc4OloAn_ajz2kqr9aMx8ebDTr9qIGaD4C2K1X041GxDRiho0AShajclDg9jTkfDRAWr-xUvN-d-d9IhSePOqSxoeGEVfZ1JYEfC-midNMbE9NjYlvj-lPjcmGXDOlGwA_MDLWnkhZBJeDTt63zk3PtH19rdQZUtYc--Ntz5TqSIrZpIf_WD4-h5Ys-jp7G4cQdDwnTKvt4y3dNDCUxITMA6734uDZq__Cbe5o9oO-pXNNr1kZqG7co9MwpC6SoVX2EGpoWsQ2uUpMTmK1Q2vPiIMfEjLHr66WC1RZ5JWhqFFM8k0YpC7ChEO4-7ewSl18g5KW2JUc354iERPxfT8aXkN9Ai-0dXnqZW_gT6_Dkq0pjlztAFM4wod_B1w0xYhJN5ysVfKcQMKwTtV24hrVxbRkNWEJp_qfwDM0wO8z9T-IA9GCunnoF0QaEgd2w02xvka1s-LmMPTt24xmK-fkTjGb88kMYN8jsRsu7cwsvOpcdNWllZfBDro4feXQMZD6H3qERWihz2kRR_U8Mon46Nq8lUwl7sma1ZaZwNe768bLX-DbKzh4ulH8wrSySsx0Yr8If9rRBG6zRKPPxb-cqrMImqphLz6wtvdzqNr1sLXCnNt0kRcuQzhEjVO-2-pcqGnUP8-FEFsSjfdQGot0kZ2gzT_8gSyG8Mwy0aDcNfwNALwbwL54gX2cCzfzNX6wA9hSaPSi0kMh9Xe7RwCxI9HmOzUG7km17GUGshkmZPguObmYl_Eiu8wek2kfV9dLeKc6uByd-yLTkhPmYWTryrlY-R7OUZBuMQUf1SgjLd9nxX5gdnVE4aD8ARJ0dn2o8KHO0r-fD4Z6KdV9jtxq57gY-XgZgXrBboqQWk8a6npRNGypSlo3Q7JxW4zh4IW87fV7ZJoTfY7RUDlEzWwmaH0HwSFv-amsJZ0lR4RvzyNe1oQbMYC6Ct5wxFW52Y5ZsAlv5QIUkR9JJBlyx_0ySw0craT3xif6T_Zi__8Kc2ybDXqh4aj9eUR27cLm3v_j-Uyh7M3H9oC001VdWtC9SI00OiCJh4W_AkUZQ8IgACGV7og9yfYeF197fG0hyYKGbZhEKPuAXN9fsk5Y8kAX3z-UG6Vh2tijM-6cMOBq5TwzZpuS378PW26iMG1U1U2pCRrrc4cEoUo2VFLpdBzFLhdR0NVH0irNVK0qoP9Dx-LS3YK5mWVqBRN7Vs9En2OxOV98CMskUDhGtb7cFZDnNSRePSceJ_mImou45_96j-VAugPJt6YqUPQov17PXEJCazUAzV0YD0sTIUkoWDeWHNL5umamkwUWfd2zr8RpuswkNHU5y_5hkKMFreQuxgRy-Ob1Ovw2Zp&cid=CAQSTgDICaaNTJNlkAUutW19NarzJNOKJdmFgjiMTYPwE75NgdlRQ9v3xOT1P0qCmo1oG4MWZ5WctLypqQKP0PTJwhxAcqL4mvk5SE8YZdrCHxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=6760921527256195000&adk=1761367584&idt=76&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:07:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
74745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11937
x-xss-protection
0
server
cafe
etag
9249472389583843189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 12:07:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C771 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
312497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
truncated
/ Frame C771 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fa71256e681e5a3ffe42dfbd6e14e8bd9dfdf39838a066ae68f2a04fc354968

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FC13
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1&google_push=AXcoOmSM5JK7PAvA196ooEBs8umd2C7eevQ7YkqWnEVQ80sWWgClXxQT1dbr5Ujr9wTxf_yG9zZK2A8WggMTJk0oegRgtOXJq6eV6...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3MTkyMzQyODU2MzAyNjYyOA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC13
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFREKmfEc-1f9QxyS25lWa4&google_cver=1&google_push=AXcoOmSVKxh6PggBywkEGdmlQbA9kC_QbOE0F7i7NSgJY03oIrEQTMPRdSBoPI7UZ4cHZoVNrjYEL5_GRsI7KRxJdZDJHP5Nhu25iP...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BC62361594B4059907D01902A9704C4&google_push=AXcoOmSVKxh6PggBywkEGdmlQbA9kC_QbOE0F7i7NSgJY03oIrEQTMPRdSBoPI7UZ4cHZoVNrjYEL5_GRsI7KRx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BC62361594B4059907D01902A9704C4&google_push=AXcoOmSVKxh6PggBywkEGdmlQbA9kC_QbOE0F7i7NSgJY03oIrEQTMPRdSBoPI7UZ4cHZoVNrjYEL5_GRsI7KRxJdZDJHP5Nhu25iPNqKuRHNaIOu1SFvqWENxMDswqQuI0N4U-dkOUuMVLbO8nCdSWkb20aBf0
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Dec 2023 08:53:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1BC62361594B4059907D01902A9704C4&google_push=AXcoOmSVKxh6PggBywkEGdmlQbA9kC_QbOE0F7i7NSgJY03oIrEQTMPRdSBoPI7UZ4cHZoVNrjYEL5_GRsI7KRxJdZDJHP5Nhu25iPNqKuRHNaIOu1SFvqWENxMDswqQuI0N4U-dkOUuMVLbO8nCdSWkb20aBf0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Dec 2023 08:53:25 GMT
google
match.adsrvr.org/track/cmf/ Frame FC13 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFyEjFtHojZ84B9zH_9Iu4s&google_cver=1&google_push=AXcoOmS4cc0PF6w62rxUd6sL01Asc5f7FJK_Z0t55Jni8D6LW99pmwtOrpMDnwZX1zAqiBDbfUQQuK1a33aU_Ey8yZORTsoMeyCzfzeNxX_akM9YXun4o6JpU_NKpwPPT7UnbZV9wRgUotYfqZsnXwXBD-h-n08
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame FC13
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHn8eINBaHc8k85nnVDfz7M&google_cver=1&google_push=AXcoOmT_rinBkE0F_pUrKAwTM3vg9eO1iZWrghFkNEECQFAqE2fqz7-62iUUKIT56fwbHykyYKrJeAid4D_cC1Wozzna4kn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT_rinBkE0F_pUrKAwTM3vg9eO1iZWrghFkNEECQFAqE2fqz7-62iUUKIT56fwbHykyYKrJeAid4D_cC1Wozzna4kn9jx_3XFeRNZb_m8m1-cYaEXoABWnWGrFzUWtJr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT_rinBkE0F_pUrKAwTM3vg9eO1iZWrghFkNEECQFAqE2fqz7-62iUUKIT56fwbHykyYKrJeAid4D_cC1Wozzna4kn9jx_3XFeRNZb_m8m1-cYaEXoABWnWGrFzUWtJrwq7bIp4Md3Y7Qmrv5K3Yd_iInI&google_hm=eS1qcGp3N2doRTJwRVVaaHFDb25uVDE5cjFUeERKcEY3VH5B
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Dec 2023 08:53:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT_rinBkE0F_pUrKAwTM3vg9eO1iZWrghFkNEECQFAqE2fqz7-62iUUKIT56fwbHykyYKrJeAid4D_cC1Wozzna4kn9jx_3XFeRNZb_m8m1-cYaEXoABWnWGrFzUWtJrwq7bIp4Md3Y7Qmrv5K3Yd_iInI&google_hm=eS1qcGp3N2doRTJwRVVaaHFDb25uVDE5cjFUeERKcEY3VH5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame FC13 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQdElaTv4u3WDQrIpe7DWEwo4_2y8s15vTA7INh1_CPgE5eFETaTPBZ2PjLlzWyHH59tRnmWDoGPCxl7AbNWv5qY5SuhaQ0HQw5FxBIsi1_49L1lY9AOdpUK7ETjJ3PnTUlXenL30YtYD5X0rMl9U80WXk&google_gid=CAESEOJkB_FqkekRi0mcZVRXico&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
188854
expires
Tue, 05 Dec 2023 00:00:00 GMT
trk
ag.innovid.com/ Frame FC13 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESELsuc53CNsGQG17dxaEr7sI&google_cver=1&google_push=AXcoOmRsWM62ZVmRXK0Ka94I5I7z1eEyi5FkdwJqoD2ZRHKZhl5FpNUzBFYxUOSCAZ0jr2sCjIxq6VgT-AJeAd2QSbPX5RBSPePBLdRcWXMFWv-Vqbs7JxWlTKfBeCej_Z2crNe_x54swapiGC59Fm0SnFB_urE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:1f18:2983:dac6:b09 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1
pixel
cm.g.doubleclick.net/ Frame FC13
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEE_Ai0JIXXQh2Z3Clvmx8Os&google_cver=1&google_push=AXcoOmQ1ii2-I2Dlw8Yz65Jqb_bT6bzDHO4c-p8Qa8RgR_RQKE-JEltGJJ1jaeyOC5...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ1ii2-I2Dlw8Yz65Jqb_bT6bzDHO4c-p8Qa8RgR_RQKE-JEltGJJ1jaeyOC5d6jAQyk3N74po6cjr726OJMRVnxolFlNBMA2Qx8Dyu4yVtgr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ1ii2-I2Dlw8Yz65Jqb_bT6bzDHO4c-p8Qa8RgR_RQKE-JEltGJJ1jaeyOC5d6jAQyk3N74po6cjr726OJMRVnxolFlNBMA2Qx8Dyu4yVtgrKQQDMxAneVyrUPVqncH59ff-iGejaA9rDOFlbY7bBbmlqW&google_hm=j4vxivQxR2ed-jvn68QG4QQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ1ii2-I2Dlw8Yz65Jqb_bT6bzDHO4c-p8Qa8RgR_RQKE-JEltGJJ1jaeyOC5d6jAQyk3N74po6cjr726OJMRVnxolFlNBMA2Qx8Dyu4yVtgrKQQDMxAneVyrUPVqncH59ff-iGejaA9rDOFlbY7bBbmlqW&google_hm=j4vxivQxR2ed-jvn68QG4QQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FC13 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFEsm21KRE3udFjzPsByC5GGs4shjT4j1ELdKWJxOX81uPpwr7KrL7vVSameWKvHpSjVCY7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame FAE3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:25 GMT
expires
Tue, 05 Dec 2023 08:53:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:53:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8FB 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=10905600317&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8FB 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=10905600317&version=m202309260101&ct=119&x=1&cor=13486007983855550000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A8FB 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMOG6cG5kVMw4mJKWO6jbleqZOi9VF5SoTDldpnyjCFfiWWVO9piT2a9e7bIEi2OFf8_nYjNHLdmcMwWyu3_bso0cPLdI6PEZA1oR0fW7uix2YRHrQzXqOwPExq3je-WDzCbRaTgTgBHnTTFkF_Iqw7RN8vgAhNHhKYuQHI_maFJxUzHvfsKGEJ63PzNAvIMh146e6&cry=1&dbm_d=AKAmf-DcDbqvtD_yAlPfQ9gc607nzhUgwC4jC8IFE7YjRqXArjbLuEQjl2q-2LkXsNedDJkUc_z_ydomjHz7WN3bfVkEXGE3oqLO9vqocE8vLqAV-jFULsNTTewi1bQqplHh2zrMvLKRG7fe7qkh7rHMbOj98kWhlAdfUFwL8Q7epWGyOqVKflYdyGYLx233lJZoPKIBGSi6J1HpzKK9UJmsJx7D0xWsyZiHDEvSpqwludqB4sVj-Ix6vc924ysJyFGVZahyWK_GTrPMWL7B7hwYvu1pxPYiMKZn4IhG5fyQorFG02Cvn7gulNtpziHbZAUasonONIdbJbfTDFN-ExUHqDtd7lQln-s1FvhbkP6mAYM6dCCR344tUTqEBrLxtJjQ1QnL9Fu1UPFDumXj-XCRmfaWItANMLd7M-i_WMgJQ0RN_dyQSGYZUjFZWOMaD29QaarLc9qWkX5uHznjOIRtv9sWsBe7VqHp7VBRg60KlBBaruNWdZNORVLjfxIO1OonMCbXgxlA-MyXew_wOGNOniWX6gUTXKeUjQRPCxhOkYLogQbRjR5gf8VVeDj6GSRvUtq-CNQGfqCfCZpub4FPv9OZLsho75iwkGEcymYBNUjHRx2OJrlLT5NGDuklS4IvwfVuDYlVrxOxuY9cbMqTytmwF7op_wT-3iKZ1PPqqvpk2_oArOJkCmZjuTqXCiP1xI_K6dZ8m_rfp0cCtOHeyOD8VNiTgVhf2Kz4ODKvZ6FuRqZsu1gKllk2KyJd2hAq-7poE0DFJZxi81yd26D75FBSaljjtWufEOil89AdZQ16tSgWzTZYgmd75t4qRIQgB_SKVIaQao1nlVMZ0mD6COdl45hN4HKJR9pMwfejwoLm8CN4bTMxjZtRB0gmmj6EM25aftgtGnCOtiGPPRjwA5na5nH3P6BjDd-pQx7pljKM1LPZIAZ3raMSXElFDQrMdg8OLBq_0e7ykS51gV8TjfU734J-heDuhXcVKXjXKCAuTHx4N46VBRysSEKHiTlKxP_Sz5QaW7-kkYKvYoKML0qvBOkhCEsGC34bpXXoPptqFzBEq2RCN_08kVadJeEPdaveZXYijIp0h8kMizbiK5IsDyjAuDaaspFa1TwedprRM8FDoTJlcmGDjKbR8oiFM2d9Qn7TGGdftpAFNI8_Qi2uoi_SRFFDr6cbw-CUuX6WZBJdkdLLFnUQSNnilSS-YUlLOOHn8wKGQ1Hz4s2P1YEuJJt7LpegHrs4KasIi-xg1KcurZvgD-hVSNm7egxb4qDEHptyK8sDKz1Jbf0GOmA6KjbXM2gyunPY1Ft3gKQNijZFJT0RRgAuxUu711JtiDmUyPAq4BrIBH5GGCgg_sMEb3L3t2gsr7Ewe0mNxeZZREaJD2pnJBbIEHll0r45s_MK5SDneJaheQNr1vk7dT_ceM0fX2UCJbgHCW88d4OinT1n9AUQ5yBHdD7udfNaIoSRhpwW50oYdqk5q23hVb3B5kqUiDt-LAGlbneQVZ6jHKBB5FdnvtmLmTUSsDOzSuYLOrsPG9d6hnI8v-bLSTvwF0S1uJ3psnTIitqx_fek3PmlpYCzh2gfausxJSutSpAg1Mg9wBgv_jTk6lq896QNiVdbJXrZycZGR2Wdgy-ricxc5pCDuxJgWzGiZ31-2g6w8gMa0Lh-WNC4fP5oQkvQ_qYqJMrPtZg_dNjkUmjQom3dmcsl0UY6R1AmX6WItSpza0qg6OKigFDa-6H1M2fut0xEt9UWy6W3bTfInOThUH-jnpnO1s5BFI8byaB6u9awtESaW0an0joaPzMUl18Ml2mKHi758-ZTekD_S0aZCUnEvugNMJi92RL1PApPEUuVflsprd5tvUyu6LDl4ReT_H_IGNGCltzTgjcTNldE7fx3EjCPyA_RTJwGKsklhZsxfrdPghzJGjjmeH7HiBIW10NqYEgVa72PUxA7jC9ifi9QVOfY4RXW0PNsGq82Tn-vhdO7nHxTgXu-VZhCjx61Atd5F0kEA92WM7Xvww31nunBtCvQ5twmyz2WJuoIkk-JL6HuVSx2mHieby1hWDxP3ddS6y6D3ht3oWskivlawby1Dcqe4h7o8TuAXArTZLNgVmCpt4B5_20WQlM5tO4DSifEjcNCVWWLaeVCHg2b817eINzgskEP3U1scbgLJZ1g0VQ5orZrjlo2IIDQ5BzN5gW84V4Fve5EUxGfN8Q6kGHMM22WFX3kqnoezNZFOIuRhzehPzhvMy-1wkSWWmXszlnIpcoUIwTzy3HtchFF28kLgznAun_YC9wYNifANnIxRf1tpbdP7ndaZPLCGwusEO4hcT7DdNPAbgk0wD3t-wkmIwy28kL6atYSEn-Qf7HqckiIfbZ-oe0UfnFkecv5J0wd-kmk5nVj03-TE83DdkO2IMPQVJt4j7RxaEgqO3JSaU0yOr0ZD1UhYYpgMFA2YOdjYpzOFWhl2lVsDPywkM3xai59ujRV-rD1wS32H_nlw6mEYBbLqzytz8oBpsvYPz6-688f65gSKZ-XNjut8Xse4DGD1jM8-IF4U5uUSp0x6ZGYeU5LX-aJydVhA3adnmBwL3sHAwzatvdZHjlaMfCOfsVpsQzHVwLydAJ_sWA4NKIaBKSJQhE4yvcC7PsyTJm7oXHAVWQeT4XIzPdrVUVgYlZJWTuWVaiTx6phvj__HqRS-ucdwTh95PXWgiYO4yP_WR5f1yfaLc2OI5RwY7d_eKL0hCjSog1n3a1ZQWNA-vRsYDLoX7sEHGiUWdqzDgC2bis_suSiXHnGzQ8FGUijF4-9VpsA86ux53VlQIEDFeh_5ZxBRPUdflYafMacUwglKPmYOqOZ8fIyOmm8k6iGUKjmy1OSR0BhRD-3nHRT5hnkjuNhDUkayJFIWZfLTy91FBz1f7GIY4FsyRunCJIkeeC7FqD5X8L8g6-hHUdjAtXU7TbHk5sjjacl6B5gxpL08RCvr3lr5sbgjvyuQL5XlpF4iAnIyjhr90Z8QaizqKejKHldOTro_cjwdwdFVObJEfVcPsRNYtzOeT04DT9MYo3pfyRrZtRUljZEbvpKYYOT4ss3Guwc_jd6nRRMecZvKa7iWAByiIREJZJEMPH4m8Q0wRYh03qtJnaUhtUjmdBxXQJ6irhduqXiLksKaJQMhcFVYYTx9WMfQKtiugja27d16Dxbf_M3VCl0efNGZ_bJDsWqYxoFAzJJIiMUNIB6mMTJiVSDeJe6-nzH-s_3lxYqwyZ0kVUwAcCjPQKcsDIGIrrn1TyJhtHFvedxl2W8zJOuRk_CD5_bdScWQvjLCHbulHyrB07wsCHY_FtT4SjoZYWOVWlpKyFM0Ho7zcdJvVa64l5ZZCNrTeT1qv6BenDzk6ysIE03bdvqlc6wTe_Uh7_7f5GtL0jIpAJ7NCfODGE14X0E72PNjLBk1422lKlEUKt6dUbC7bwn-azb0kUNvoqhLNWiSxf01L_GbjCa0G8DPd7hs0eNLueddrByoI4G2DBkO0WWzEYQS1-aR7V0fQsRBdb_UX1Ng81XI8VLuC5WnTB8iuxJ_XX0E0A2RzQOIitWQVA94wW4DWBNhhxoTtntzin8WjwQOMbuCA4ZNVeNGwkmx-6EGFOkbNFo97rEfzKJOAta4F0-xixPUfzR62H3VdvKqVUoU348dCU9lzeCfAaRl0LAQLvxaEVQeF1ELtZFsW66_3XnIwf1RZ-fQWZJrCj2lE4Wi1AUAWzp4p553jizIqxhSHgdfYX8ISRF4qpMqTfq1fNs0Snx6GGTIDcnpkrx3Y3NJu6raJ3u_Pe72q8fnYf1JdMCm3frOXq0tob90xXS9-nA47QVoqYt&cid=CAQSOwDICaaNRYrLZiYy_rz2VQ8M3ioO2iYWOY8j6-FCHJ5hSnXZjyWjhSeZNIaig7PrxEru3Or05a3Ga-m5GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=13486007983855550000&adk=1877897942&idt=104&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cc9ff1199352176e596e64f382160be2373c31dca95674ea56413c006ee4172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 8959
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CXXzYBOVuZbuiG92PtOUPo8G_mAPj8ZClVvCOyMDTB67y9__8GhABINTHmpcBYJWCgICwB6AB96vt-gPIAQKpAi3MpCALMLI-qAMByAPJBKoEvAFP0MZqZTJBBUWuYCNAR8TQn84lW9p31sM...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218414107922724700645%22,%22debug_reporting%22:true,%22destination%22:%22https://aktion-kig.eu%22,%22event_report_window%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218414107922724700645%22,%22debug_reporting%22:true,%22destination%22:%22https://aktion-kig.eu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221062950391%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225013094701407171521%22}&andc=true
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"18414107922724700645","debug_reporting":true,"destination":"https://aktion-kig.eu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1062950391"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"5013094701407171521"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 05 Dec 2023 08:53:25 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18414107922724700645","debug_reporting":true,"destination":"https://aktion-kig.eu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1062950391"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"5013094701407171521"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3C93 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
126289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12786977581332354964/ Frame 97CA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
43986
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1918
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:40:19 GMT
expires
Tue, 03 Dec 2024 20:40:19 GMT
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C771 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWEMoqITVykXRorwCC6KdxZfndKPKsg0y2Uii9RQnuPPkX1tGypISzO5gd-jSOfYWY2OcpSX-NWo4cXM6xYE5F1g_b3k2pYtSzhGMt66UjVKdjLVPPibcWdclnAJQG-URveze7gjJfDS2C3CG1u29fbq9Vx13VN-WEGiAI-hBsFE0waY0Y-PSYBgfhayA2nL12C8PSfwM2Nhy09dXS4I4TFxx_bHkyoZ_riLYzurNB3gUumbYXm0IOCPo64EjGlqIm6dCSJJToUvAJwblndOb3fSrzVVo8o7c5bmS5JD6xVv1dMv7qqx-2ODNjdf9dRXclZtHLQCCustlBBJVHnMiDnMEGA2cffdl8MmX_ns23-jlkr0PdXxuHzlgx4DxATawESirIHfdDMNQxwq0ZhaaHcRZrxjs_irOw3EOM5H1vcKTX3srrN5O8YAXT76RNy7wOslJwprZJ_YbAXyY65XLunq4c8YbVeR-9grTMJVvj0qEVgbgoBu3UWC31w2lx3Y4caJzYPCRGDe4u8t839jgWojSUzP4CJLyYA5SB2RjY4RU724yuvj_cmKwCu0nP_tUfJ51VT8NccX-G8n_3jkbtIHl0ll-3uemiUFHUHd-bs1HvBU7a8qPWVOoLVMYeER00WRJQrTvsubi5ZdQ9smWOEEDUdPEwWelXa-FuR4uGZ0VbQ7v9CBkCxsxguFZXxe9wdfhx7pGzj0AO9XNaf6HY1BKxrT7g2apZVYutany6P999JFgNCnd9Y0zal1AhpE-XJ45yWxw1vleDD0JOjoW4dxp6vElajsFwGn8aDCC3c_5umHw1J9QO69_0MVG4rFzZq_MBQPjCdvTNWK-jG1mh_kOPR7EEgmRJX4f7COqOCSnQQWQvE7n1qqlC7S3H9Nfs_BF7NCTI7pwnpxG9BmjQA_d9NVyvLdCTTd5uWGG4_IlWsb5RUT4DP0E4H2ikH3a755mBHYbTQ7TxOIjeMF8BQH5df7wcnX4pFAHvPmC9St_0Av1Sv4TNjrY9qCJzwJnbmdGPV-nYnWSiYg8yStsfFxguHIt-5VlK56uB5pY46m5qWvJvZhyT9jgv8BV9HY9WRrGox5sfo-irofZay7ENP7fVquTHIaFRYX78Q2nZgsiJRpeWCvurP9eVKJz0NG2bsa4sN9h9HoOq7rGdYWERy1VzKXD3-w3dlABuEaTYRUNTwE8J07YqAdNR2iAPpY7XfvYdqbVGaTcM1ccSRaC-tCNxSVvjc6A7nOOe3Gojziq36OfoCm_AOx25Rw&sai=AMfl-YRoXB1Y_OfRAsu5b_9Xp7u1OB-mLtMOHjxpPTlLIQ-sK9UUQ1yil_jQInDZjEMLSZBRUC5-XgLy8xJrPKnbKys-1Sg_dCwMcBR_A_hk-7rNb2F0crSV7YP5XCLfWGLkAk-c458vetdpcUXV6CVoTAIJVVp-tFjfJ6hwWmDi8yoEiMN4EZ9QxN8-lGqUhHKF__t3Q6URUCJmvshCzHpvEWJQFBlIGazNkQtr2gF0zaGvay96ZgIxuQY_v4INAMC2En7YCxWGEHCOp667P4Qw3573d36gR97iQ_thgg&sig=Cg0ArKJSzBSKQ3iOUtevEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=107&cisv=r20231130.65741&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame D38C 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1252&idt=-M&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
68400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 13:53:25 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3C93 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 00:33:52 GMT
style.css
s0.2mdn.net/sadbundle/12786977581332354964/css/ Frame 97CA 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 00:06:08 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 97CA 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2186320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6K01ytHQBs%2F5%2BRwtCzJ9nbiWsV77zAFzrM7BwFW46lsZjsJZmIiUagr92wi2S4txSybBGxK3QTMRpDt4pdsdz5IaJQrOLy5qGPRFZqEnQo1aF6%2FZwFHcjlR9sViMRd%2FqDIOnibxlzAFVXD5k0sybScdq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
830b0f002d271903-FRA
expires
Sun, 24 Nov 2024 08:53:25 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 97CA 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1992120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYcWYGnGmVYSinTJg2TXafHZWGv7ObetuTqUeuupmizzxMqEAC2p6toZqVq15vLhnc%2BCndgkmysoVUFT1sDGzg21jUVpi0BPadmrRV%2FDmi5SGA9wIjn8%2Fn1N7PL7IsMiKpGKbgp0AhKDTPjFQM4gBI7T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
830b0f002d231903-FRA
expires
Sun, 24 Nov 2024 08:53:25 GMT
dyson.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 05:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11945
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 05:34:20 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		2 KB
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 22:16:23 GMT
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:02:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75083
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 12:02:02 GMT
1-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 21:37:26 GMT
x-content-type-options
nosniff
age
40559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 21:37:26 GMT
2-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:38:21 GMT
x-content-type-options
nosniff
age
36904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 22:38:21 GMT
3-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:35:55 GMT
x-content-type-options
nosniff
age
69450
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 13:35:55 GMT
gradient.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:06:08 GMT
x-content-type-options
nosniff
age
31637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 00:06:08 GMT
4-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:38:22 GMT
x-content-type-options
nosniff
age
36903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 22:38:22 GMT
overlay.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:22:09 GMT
x-content-type-options
nosniff
age
55876
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 17:22:09 GMT
arrow.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		192 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 00:06:08 GMT
script.js
s0.2mdn.net/sadbundle/12786977581332354964/script/ Frame 97CA 		4 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209697
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Dec 2024 22:38:28 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218414107922724700645%22,%22debug_reporting%22:true,%22destination%22:%22https://aktion-kig.eu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221062950391%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225013094701407171521%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 05 Dec 2023 08:53:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dysonfutura-book.woff
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 97CA 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:06:08 GMT
x-content-type-options
nosniff
age
31637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 00:06:08 GMT
4.js
static.adsafeprotected.com/ Frame C771
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492283353&bidurl=https://geocult.ru/&ias_...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0gT1oJPmccVRksN9eHKNF7Q&ias_xappb=&adContainerId=brand_safety_BOVuZZ2-N7Phx_APyfCNkAo&cbFunctionName=goog_wrapCb_BOVuZZ2-N7Phx_APyfCNkAo&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gT1oJPmccVRksN9eHKNF7Q&ias_xappb=&adContainerId=brand_safety_BOVuZZ2-N7Phx_APyfCNkAo&cbFunctionName=goog_wrapCb_BOVuZZ2-N7Phx_APyfCNkAo&true_pb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H2
Server
2600:9000:223f:4e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id
4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding
gzip
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
46761
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 04 Dec 2023 19:54:03 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
YUmIq8Bbdweh-IbH7SF_9HZX3FW3mo0ateqS60POnjMS_r4JAZcjpQ==

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gT1oJPmccVRksN9eHKNF7Q&ias_xappb=&adContainerId=brand_safety_BOVuZZ2-N7Phx_APyfCNkAo&cbFunctionName=goog_wrapCb_BOVuZZ2-N7Phx_APyfCNkAo&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame B4F2 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6511455
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
mE__zZYhHjS3_VHazZlJk3YB0CyZoNvzgvtiAXih2hY-wnjFmmDWTA==
dt
dt.adsafeprotected.com/ Frame C771 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d5340f5b-3c1e-19ce-c42f-4b51ee1c0ac0&tv=%7Bc:vUL2US,pingTime:-3,time:38,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:38,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXympna+11%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C151*.1627455-73523879%7C1511%7C15121%7C1513%7C161%7C162%7C163%7C164%7C165%7C166%7C171%7C172%7C173%7C1811%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:0,renddet:na,siq:14%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:681e:bcdb:1ca2:a385 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C771 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d5340f5b-3c1e-19ce-c42f-4b51ee1c0ac0&tv=%7Bc:vUL2UT,pingTime:-6,time:39,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXympna+11%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C151*.1627455-73523879%7C1511%7C15121%7C1513%7C161%7C162%7C163%7C164%7C165%7C166%7C171%7C172%7C173%7C1811%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:0,renddet:na,siq:14%7D&tpiLookup=ao:geocult.ru*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:681e:bcdb:1ca2:a385 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C771 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d5340f5b-3c1e-19ce-c42f-4b51ee1c0ac0&tv=%7Bc:vUL2V1,pingTime:-2,time:47,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:432,beZ:433,mfA:435,cmA:436,inA:436,inZ:439,prA:439,prZ:443,si:446,poA:447,poZ:462,cmZ:462,mfZ:462,loA:471,loZ:473,ltA:479,ltZ:479%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:47,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXympna+11%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C151*.1627455-73523879%7C1511%7C15121%7C1513%7C161%7C162%7C163%7C164%7C165%7C166%7C171%7C172%7C173%7C1811%7C1911%7C1912%7C1913,idMap:151*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:14,sinceFw:32,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:681e:bcdb:1ca2:a385 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame C771 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWEMoqITVykXRorwCC6KdxZfndKPKsg0y2Uii9RQnuPPkX1tGypISzO5gd-jSOfYWY2OcpSX-NWo4cXM6xYE5F1g_b3k2pYtSzhGMt66UjVKdjLVPPibcWdclnAJQG-URveze7gjJfDS2C3CG1u29fbq9Vx13VN-WEGiAI-hBsFE0waY0Y-PSYBgfhayA2nL12C8PSfwM2Nhy09dXS4I4TFxx_bHkyoZ_riLYzurNB3gUumbYXm0IOCPo64EjGlqIm6dCSJJToUvAJwblndOb3fSrzVVo8o7c5bmS5JD6xVv1dMv7qqx-2ODNjdf9dRXclZtHLQCCustlBBJVHnMiDnMEGA2cffdl8MmX_ns23-jlkr0PdXxuHzlgx4DxATawESirIHfdDMNQxwq0ZhaaHcRZrxjs_irOw3EOM5H1vcKTX3srrN5O8YAXT76RNy7wOslJwprZJ_YbAXyY65XLunq4c8YbVeR-9grTMJVvj0qEVgbgoBu3UWC31w2lx3Y4caJzYPCRGDe4u8t839jgWojSUzP4CJLyYA5SB2RjY4RU724yuvj_cmKwCu0nP_tUfJ51VT8NccX-G8n_3jkbtIHl0ll-3uemiUFHUHd-bs1HvBU7a8qPWVOoLVMYeER00WRJQrTvsubi5ZdQ9smWOEEDUdPEwWelXa-FuR4uGZ0VbQ7v9CBkCxsxguFZXxe9wdfhx7pGzj0AO9XNaf6HY1BKxrT7g2apZVYutany6P999JFgNCnd9Y0zal1AhpE-XJ45yWxw1vleDD0JOjoW4dxp6vElajsFwGn8aDCC3c_5umHw1J9QO69_0MVG4rFzZq_MBQPjCdvTNWK-jG1mh_kOPR7EEgmRJX4f7COqOCSnQQWQvE7n1qqlC7S3H9Nfs_BF7NCTI7pwnpxG9BmjQA_d9NVyvLdCTTd5uWGG4_IlWsb5RUT4DP0E4H2ikH3a755mBHYbTQ7TxOIjeMF8BQH5df7wcnX4pFAHvPmC9St_0Av1Sv4TNjrY9qCJzwJnbmdGPV-nYnWSiYg8yStsfFxguHIt-5VlK56uB5pY46m5qWvJvZhyT9jgv8BV9HY9WRrGox5sfo-irofZay7ENP7fVquTHIaFRYX78Q2nZgsiJRpeWCvurP9eVKJz0NG2bsa4sN9h9HoOq7rGdYWERy1VzKXD3-w3dlABuEaTYRUNTwE8J07YqAdNR2iAPpY7XfvYdqbVGaTcM1ccSRaC-tCNxSVvjc6A7nOOe3Gojziq36OfoCm_AOx25Rw&sai=AMfl-YRoXB1Y_OfRAsu5b_9Xp7u1OB-mLtMOHjxpPTlLIQ-sK9UUQ1yil_jQInDZjEMLSZBRUC5-XgLy8xJrPKnbKys-1Sg_dCwMcBR_A_hk-7rNb2F0crSV7YP5XCLfWGLkAk-c458vetdpcUXV6CVoTAIJVVp-tFjfJ6hwWmDi8yoEiMN4EZ9QxN8-lGqUhHKF__t3Q6URUCJmvshCzHpvEWJQFBlIGazNkQtr2gF0zaGvay96ZgIxuQY_v4INAMC2En7YCxWGEHCOp667P4Qw3573d36gR97iQ_thgg&sig=Cg0ArKJSzBSKQ3iOUtevEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=254&vt=11&dtpt=145&dett=3&cstd=107&cisv=r20231130.65741&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A8FB 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 19:51:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame A8FB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMOG6cG5kVMw4mJKWO6jbleqZOi9VF5SoTDldpnyjCFfiWWVO9piT2a9e7bIEi2OFf8_nYjNHLdmcMwWyu3_bso0cPLdI6PEZA1oR0fW7uix2YRHrQzXqOwPExq3je-WDzCbRaTgTgBHnTTFkF_Iqw7RN8vgAhNHhKYuQHI_maFJxUzHvfsKGEJ63PzNAvIMh146e6&cry=1&dbm_d=AKAmf-DcDbqvtD_yAlPfQ9gc607nzhUgwC4jC8IFE7YjRqXArjbLuEQjl2q-2LkXsNedDJkUc_z_ydomjHz7WN3bfVkEXGE3oqLO9vqocE8vLqAV-jFULsNTTewi1bQqplHh2zrMvLKRG7fe7qkh7rHMbOj98kWhlAdfUFwL8Q7epWGyOqVKflYdyGYLx233lJZoPKIBGSi6J1HpzKK9UJmsJx7D0xWsyZiHDEvSpqwludqB4sVj-Ix6vc924ysJyFGVZahyWK_GTrPMWL7B7hwYvu1pxPYiMKZn4IhG5fyQorFG02Cvn7gulNtpziHbZAUasonONIdbJbfTDFN-ExUHqDtd7lQln-s1FvhbkP6mAYM6dCCR344tUTqEBrLxtJjQ1QnL9Fu1UPFDumXj-XCRmfaWItANMLd7M-i_WMgJQ0RN_dyQSGYZUjFZWOMaD29QaarLc9qWkX5uHznjOIRtv9sWsBe7VqHp7VBRg60KlBBaruNWdZNORVLjfxIO1OonMCbXgxlA-MyXew_wOGNOniWX6gUTXKeUjQRPCxhOkYLogQbRjR5gf8VVeDj6GSRvUtq-CNQGfqCfCZpub4FPv9OZLsho75iwkGEcymYBNUjHRx2OJrlLT5NGDuklS4IvwfVuDYlVrxOxuY9cbMqTytmwF7op_wT-3iKZ1PPqqvpk2_oArOJkCmZjuTqXCiP1xI_K6dZ8m_rfp0cCtOHeyOD8VNiTgVhf2Kz4ODKvZ6FuRqZsu1gKllk2KyJd2hAq-7poE0DFJZxi81yd26D75FBSaljjtWufEOil89AdZQ16tSgWzTZYgmd75t4qRIQgB_SKVIaQao1nlVMZ0mD6COdl45hN4HKJR9pMwfejwoLm8CN4bTMxjZtRB0gmmj6EM25aftgtGnCOtiGPPRjwA5na5nH3P6BjDd-pQx7pljKM1LPZIAZ3raMSXElFDQrMdg8OLBq_0e7ykS51gV8TjfU734J-heDuhXcVKXjXKCAuTHx4N46VBRysSEKHiTlKxP_Sz5QaW7-kkYKvYoKML0qvBOkhCEsGC34bpXXoPptqFzBEq2RCN_08kVadJeEPdaveZXYijIp0h8kMizbiK5IsDyjAuDaaspFa1TwedprRM8FDoTJlcmGDjKbR8oiFM2d9Qn7TGGdftpAFNI8_Qi2uoi_SRFFDr6cbw-CUuX6WZBJdkdLLFnUQSNnilSS-YUlLOOHn8wKGQ1Hz4s2P1YEuJJt7LpegHrs4KasIi-xg1KcurZvgD-hVSNm7egxb4qDEHptyK8sDKz1Jbf0GOmA6KjbXM2gyunPY1Ft3gKQNijZFJT0RRgAuxUu711JtiDmUyPAq4BrIBH5GGCgg_sMEb3L3t2gsr7Ewe0mNxeZZREaJD2pnJBbIEHll0r45s_MK5SDneJaheQNr1vk7dT_ceM0fX2UCJbgHCW88d4OinT1n9AUQ5yBHdD7udfNaIoSRhpwW50oYdqk5q23hVb3B5kqUiDt-LAGlbneQVZ6jHKBB5FdnvtmLmTUSsDOzSuYLOrsPG9d6hnI8v-bLSTvwF0S1uJ3psnTIitqx_fek3PmlpYCzh2gfausxJSutSpAg1Mg9wBgv_jTk6lq896QNiVdbJXrZycZGR2Wdgy-ricxc5pCDuxJgWzGiZ31-2g6w8gMa0Lh-WNC4fP5oQkvQ_qYqJMrPtZg_dNjkUmjQom3dmcsl0UY6R1AmX6WItSpza0qg6OKigFDa-6H1M2fut0xEt9UWy6W3bTfInOThUH-jnpnO1s5BFI8byaB6u9awtESaW0an0joaPzMUl18Ml2mKHi758-ZTekD_S0aZCUnEvugNMJi92RL1PApPEUuVflsprd5tvUyu6LDl4ReT_H_IGNGCltzTgjcTNldE7fx3EjCPyA_RTJwGKsklhZsxfrdPghzJGjjmeH7HiBIW10NqYEgVa72PUxA7jC9ifi9QVOfY4RXW0PNsGq82Tn-vhdO7nHxTgXu-VZhCjx61Atd5F0kEA92WM7Xvww31nunBtCvQ5twmyz2WJuoIkk-JL6HuVSx2mHieby1hWDxP3ddS6y6D3ht3oWskivlawby1Dcqe4h7o8TuAXArTZLNgVmCpt4B5_20WQlM5tO4DSifEjcNCVWWLaeVCHg2b817eINzgskEP3U1scbgLJZ1g0VQ5orZrjlo2IIDQ5BzN5gW84V4Fve5EUxGfN8Q6kGHMM22WFX3kqnoezNZFOIuRhzehPzhvMy-1wkSWWmXszlnIpcoUIwTzy3HtchFF28kLgznAun_YC9wYNifANnIxRf1tpbdP7ndaZPLCGwusEO4hcT7DdNPAbgk0wD3t-wkmIwy28kL6atYSEn-Qf7HqckiIfbZ-oe0UfnFkecv5J0wd-kmk5nVj03-TE83DdkO2IMPQVJt4j7RxaEgqO3JSaU0yOr0ZD1UhYYpgMFA2YOdjYpzOFWhl2lVsDPywkM3xai59ujRV-rD1wS32H_nlw6mEYBbLqzytz8oBpsvYPz6-688f65gSKZ-XNjut8Xse4DGD1jM8-IF4U5uUSp0x6ZGYeU5LX-aJydVhA3adnmBwL3sHAwzatvdZHjlaMfCOfsVpsQzHVwLydAJ_sWA4NKIaBKSJQhE4yvcC7PsyTJm7oXHAVWQeT4XIzPdrVUVgYlZJWTuWVaiTx6phvj__HqRS-ucdwTh95PXWgiYO4yP_WR5f1yfaLc2OI5RwY7d_eKL0hCjSog1n3a1ZQWNA-vRsYDLoX7sEHGiUWdqzDgC2bis_suSiXHnGzQ8FGUijF4-9VpsA86ux53VlQIEDFeh_5ZxBRPUdflYafMacUwglKPmYOqOZ8fIyOmm8k6iGUKjmy1OSR0BhRD-3nHRT5hnkjuNhDUkayJFIWZfLTy91FBz1f7GIY4FsyRunCJIkeeC7FqD5X8L8g6-hHUdjAtXU7TbHk5sjjacl6B5gxpL08RCvr3lr5sbgjvyuQL5XlpF4iAnIyjhr90Z8QaizqKejKHldOTro_cjwdwdFVObJEfVcPsRNYtzOeT04DT9MYo3pfyRrZtRUljZEbvpKYYOT4ss3Guwc_jd6nRRMecZvKa7iWAByiIREJZJEMPH4m8Q0wRYh03qtJnaUhtUjmdBxXQJ6irhduqXiLksKaJQMhcFVYYTx9WMfQKtiugja27d16Dxbf_M3VCl0efNGZ_bJDsWqYxoFAzJJIiMUNIB6mMTJiVSDeJe6-nzH-s_3lxYqwyZ0kVUwAcCjPQKcsDIGIrrn1TyJhtHFvedxl2W8zJOuRk_CD5_bdScWQvjLCHbulHyrB07wsCHY_FtT4SjoZYWOVWlpKyFM0Ho7zcdJvVa64l5ZZCNrTeT1qv6BenDzk6ysIE03bdvqlc6wTe_Uh7_7f5GtL0jIpAJ7NCfODGE14X0E72PNjLBk1422lKlEUKt6dUbC7bwn-azb0kUNvoqhLNWiSxf01L_GbjCa0G8DPd7hs0eNLueddrByoI4G2DBkO0WWzEYQS1-aR7V0fQsRBdb_UX1Ng81XI8VLuC5WnTB8iuxJ_XX0E0A2RzQOIitWQVA94wW4DWBNhhxoTtntzin8WjwQOMbuCA4ZNVeNGwkmx-6EGFOkbNFo97rEfzKJOAta4F0-xixPUfzR62H3VdvKqVUoU348dCU9lzeCfAaRl0LAQLvxaEVQeF1ELtZFsW66_3XnIwf1RZ-fQWZJrCj2lE4Wi1AUAWzp4p553jizIqxhSHgdfYX8ISRF4qpMqTfq1fNs0Snx6GGTIDcnpkrx3Y3NJu6raJ3u_Pe72q8fnYf1JdMCm3frOXq0tob90xXS9-nA47QVoqYt&cid=CAQSOwDICaaNRYrLZiYy_rz2VQ8M3ioO2iYWOY8j6-FCHJ5hSnXZjyWjhSeZNIaig7PrxEru3Or05a3Ga-m5GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=13486007983855550000&adk=1877897942&idt=104&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
49693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:05:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame A8FB 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMOG6cG5kVMw4mJKWO6jbleqZOi9VF5SoTDldpnyjCFfiWWVO9piT2a9e7bIEi2OFf8_nYjNHLdmcMwWyu3_bso0cPLdI6PEZA1oR0fW7uix2YRHrQzXqOwPExq3je-WDzCbRaTgTgBHnTTFkF_Iqw7RN8vgAhNHhKYuQHI_maFJxUzHvfsKGEJ63PzNAvIMh146e6&cry=1&dbm_d=AKAmf-DcDbqvtD_yAlPfQ9gc607nzhUgwC4jC8IFE7YjRqXArjbLuEQjl2q-2LkXsNedDJkUc_z_ydomjHz7WN3bfVkEXGE3oqLO9vqocE8vLqAV-jFULsNTTewi1bQqplHh2zrMvLKRG7fe7qkh7rHMbOj98kWhlAdfUFwL8Q7epWGyOqVKflYdyGYLx233lJZoPKIBGSi6J1HpzKK9UJmsJx7D0xWsyZiHDEvSpqwludqB4sVj-Ix6vc924ysJyFGVZahyWK_GTrPMWL7B7hwYvu1pxPYiMKZn4IhG5fyQorFG02Cvn7gulNtpziHbZAUasonONIdbJbfTDFN-ExUHqDtd7lQln-s1FvhbkP6mAYM6dCCR344tUTqEBrLxtJjQ1QnL9Fu1UPFDumXj-XCRmfaWItANMLd7M-i_WMgJQ0RN_dyQSGYZUjFZWOMaD29QaarLc9qWkX5uHznjOIRtv9sWsBe7VqHp7VBRg60KlBBaruNWdZNORVLjfxIO1OonMCbXgxlA-MyXew_wOGNOniWX6gUTXKeUjQRPCxhOkYLogQbRjR5gf8VVeDj6GSRvUtq-CNQGfqCfCZpub4FPv9OZLsho75iwkGEcymYBNUjHRx2OJrlLT5NGDuklS4IvwfVuDYlVrxOxuY9cbMqTytmwF7op_wT-3iKZ1PPqqvpk2_oArOJkCmZjuTqXCiP1xI_K6dZ8m_rfp0cCtOHeyOD8VNiTgVhf2Kz4ODKvZ6FuRqZsu1gKllk2KyJd2hAq-7poE0DFJZxi81yd26D75FBSaljjtWufEOil89AdZQ16tSgWzTZYgmd75t4qRIQgB_SKVIaQao1nlVMZ0mD6COdl45hN4HKJR9pMwfejwoLm8CN4bTMxjZtRB0gmmj6EM25aftgtGnCOtiGPPRjwA5na5nH3P6BjDd-pQx7pljKM1LPZIAZ3raMSXElFDQrMdg8OLBq_0e7ykS51gV8TjfU734J-heDuhXcVKXjXKCAuTHx4N46VBRysSEKHiTlKxP_Sz5QaW7-kkYKvYoKML0qvBOkhCEsGC34bpXXoPptqFzBEq2RCN_08kVadJeEPdaveZXYijIp0h8kMizbiK5IsDyjAuDaaspFa1TwedprRM8FDoTJlcmGDjKbR8oiFM2d9Qn7TGGdftpAFNI8_Qi2uoi_SRFFDr6cbw-CUuX6WZBJdkdLLFnUQSNnilSS-YUlLOOHn8wKGQ1Hz4s2P1YEuJJt7LpegHrs4KasIi-xg1KcurZvgD-hVSNm7egxb4qDEHptyK8sDKz1Jbf0GOmA6KjbXM2gyunPY1Ft3gKQNijZFJT0RRgAuxUu711JtiDmUyPAq4BrIBH5GGCgg_sMEb3L3t2gsr7Ewe0mNxeZZREaJD2pnJBbIEHll0r45s_MK5SDneJaheQNr1vk7dT_ceM0fX2UCJbgHCW88d4OinT1n9AUQ5yBHdD7udfNaIoSRhpwW50oYdqk5q23hVb3B5kqUiDt-LAGlbneQVZ6jHKBB5FdnvtmLmTUSsDOzSuYLOrsPG9d6hnI8v-bLSTvwF0S1uJ3psnTIitqx_fek3PmlpYCzh2gfausxJSutSpAg1Mg9wBgv_jTk6lq896QNiVdbJXrZycZGR2Wdgy-ricxc5pCDuxJgWzGiZ31-2g6w8gMa0Lh-WNC4fP5oQkvQ_qYqJMrPtZg_dNjkUmjQom3dmcsl0UY6R1AmX6WItSpza0qg6OKigFDa-6H1M2fut0xEt9UWy6W3bTfInOThUH-jnpnO1s5BFI8byaB6u9awtESaW0an0joaPzMUl18Ml2mKHi758-ZTekD_S0aZCUnEvugNMJi92RL1PApPEUuVflsprd5tvUyu6LDl4ReT_H_IGNGCltzTgjcTNldE7fx3EjCPyA_RTJwGKsklhZsxfrdPghzJGjjmeH7HiBIW10NqYEgVa72PUxA7jC9ifi9QVOfY4RXW0PNsGq82Tn-vhdO7nHxTgXu-VZhCjx61Atd5F0kEA92WM7Xvww31nunBtCvQ5twmyz2WJuoIkk-JL6HuVSx2mHieby1hWDxP3ddS6y6D3ht3oWskivlawby1Dcqe4h7o8TuAXArTZLNgVmCpt4B5_20WQlM5tO4DSifEjcNCVWWLaeVCHg2b817eINzgskEP3U1scbgLJZ1g0VQ5orZrjlo2IIDQ5BzN5gW84V4Fve5EUxGfN8Q6kGHMM22WFX3kqnoezNZFOIuRhzehPzhvMy-1wkSWWmXszlnIpcoUIwTzy3HtchFF28kLgznAun_YC9wYNifANnIxRf1tpbdP7ndaZPLCGwusEO4hcT7DdNPAbgk0wD3t-wkmIwy28kL6atYSEn-Qf7HqckiIfbZ-oe0UfnFkecv5J0wd-kmk5nVj03-TE83DdkO2IMPQVJt4j7RxaEgqO3JSaU0yOr0ZD1UhYYpgMFA2YOdjYpzOFWhl2lVsDPywkM3xai59ujRV-rD1wS32H_nlw6mEYBbLqzytz8oBpsvYPz6-688f65gSKZ-XNjut8Xse4DGD1jM8-IF4U5uUSp0x6ZGYeU5LX-aJydVhA3adnmBwL3sHAwzatvdZHjlaMfCOfsVpsQzHVwLydAJ_sWA4NKIaBKSJQhE4yvcC7PsyTJm7oXHAVWQeT4XIzPdrVUVgYlZJWTuWVaiTx6phvj__HqRS-ucdwTh95PXWgiYO4yP_WR5f1yfaLc2OI5RwY7d_eKL0hCjSog1n3a1ZQWNA-vRsYDLoX7sEHGiUWdqzDgC2bis_suSiXHnGzQ8FGUijF4-9VpsA86ux53VlQIEDFeh_5ZxBRPUdflYafMacUwglKPmYOqOZ8fIyOmm8k6iGUKjmy1OSR0BhRD-3nHRT5hnkjuNhDUkayJFIWZfLTy91FBz1f7GIY4FsyRunCJIkeeC7FqD5X8L8g6-hHUdjAtXU7TbHk5sjjacl6B5gxpL08RCvr3lr5sbgjvyuQL5XlpF4iAnIyjhr90Z8QaizqKejKHldOTro_cjwdwdFVObJEfVcPsRNYtzOeT04DT9MYo3pfyRrZtRUljZEbvpKYYOT4ss3Guwc_jd6nRRMecZvKa7iWAByiIREJZJEMPH4m8Q0wRYh03qtJnaUhtUjmdBxXQJ6irhduqXiLksKaJQMhcFVYYTx9WMfQKtiugja27d16Dxbf_M3VCl0efNGZ_bJDsWqYxoFAzJJIiMUNIB6mMTJiVSDeJe6-nzH-s_3lxYqwyZ0kVUwAcCjPQKcsDIGIrrn1TyJhtHFvedxl2W8zJOuRk_CD5_bdScWQvjLCHbulHyrB07wsCHY_FtT4SjoZYWOVWlpKyFM0Ho7zcdJvVa64l5ZZCNrTeT1qv6BenDzk6ysIE03bdvqlc6wTe_Uh7_7f5GtL0jIpAJ7NCfODGE14X0E72PNjLBk1422lKlEUKt6dUbC7bwn-azb0kUNvoqhLNWiSxf01L_GbjCa0G8DPd7hs0eNLueddrByoI4G2DBkO0WWzEYQS1-aR7V0fQsRBdb_UX1Ng81XI8VLuC5WnTB8iuxJ_XX0E0A2RzQOIitWQVA94wW4DWBNhhxoTtntzin8WjwQOMbuCA4ZNVeNGwkmx-6EGFOkbNFo97rEfzKJOAta4F0-xixPUfzR62H3VdvKqVUoU348dCU9lzeCfAaRl0LAQLvxaEVQeF1ELtZFsW66_3XnIwf1RZ-fQWZJrCj2lE4Wi1AUAWzp4p553jizIqxhSHgdfYX8ISRF4qpMqTfq1fNs0Snx6GGTIDcnpkrx3Y3NJu6raJ3u_Pe72q8fnYf1JdMCm3frOXq0tob90xXS9-nA47QVoqYt&cid=CAQSOwDICaaNRYrLZiYy_rz2VQ8M3ioO2iYWOY8j6-FCHJ5hSnXZjyWjhSeZNIaig7PrxEru3Or05a3Ga-m5GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=13486007983855550000&adk=1877897942&idt=104&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:07:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
74745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11937
x-xss-protection
0
server
cafe
etag
9249472389583843189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 12:07:40 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A8FB 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
312497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 98C8 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Tue, 05 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A8FB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b73a33eabd8ab199370a5f95ae00933c2eeec872034038851beaccc06bd92f11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C93 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BK_sIBOVuZZ2-N7Phx_APyfCNkAoAAAAAOAHgBAI&bg=!7-yl7KPNAAY3kmNgF5I7ADQBe5WfOM8QIJVdpszmwxAjE00408B9EOePTDDBWMyHwa7BQygQ4ZpPAlwwEP7rfGMzbDkCAgAAAGJSAAAAAWgBB5kDDBT6pQu1eSqAJDdbj2qqF1c6U-eU0bNHzv9a4f5CPvutDKMGuSRAnCPE_LE1EyrABRoOkUt4MIFA44Z5gUJwHoQBAwyZfFG-c6JyYsqvCPHQ2XByaSqRESe2HCNs0De1j3by8QI1OGyg-G__sTCU8fsiRpGM3ElPNi1uJTBvRi3D2Y4XYI_9Wn0ZmaMzTKay9BjqDo2MNW3uS81i9b8OiXfonCSb3UyqYGM00BE87igFJ9Q8dnIS5DlZlY6Ove48ZcoOfQMkScRkbSKvww8-ZD4vcxbyC4y8kOePXC_gYBXzEWiBH6bPeHmkO_Nva20P3OjyDPo9fePpyKCV8nHvBeaViWmpvfwoe0uaSqOm9bDQrFLQR0_8I30MrkCQFoSwImSOSUkCdKJdiy7sfxZpEfAeAmQuCWpTxeW39iBJT3dALb9JVqrm3A0jwN3WSQTPryCoYPyT3ZH1DxVo9j5vALPQaOv377grkS8gW78mQhgxlG-m3xEQRtv_k5HiwLmGerkHJn7KxBDMH3R5bdXm8gb3bn9tzmyKbIlZ6N9Hy0sUyRbLLpD2EO-I5kkCjiQGQrN4JKVZG-KrhBA_7ybSgXs4XyOaHOrNupeqLASavx6xu2bgPHwckdciMtAN3NmcOOgRS-Y6uR95onjmUHpGG6za8Xn8CeHWhF3dviKQPbYN5M6mGulQds_qLY5eSDeswgFsuMmInEPi9-DHnqTV-jzW45AkNesWoB9ltWA6EbV3LBQZTzs9Da61LgV4-Yz0v5pgzbjxTzQN1Lt1Va5rIhlTLqVxYnKQxdAbvbtEh81jrgiww2jWSS_CGiS9QSHSkzqmn_lLJU_VEwiXrdLSbcFBtSs4Y7Gm-q_kfnb4Hy4jn4osvD10rlrPhMCDUD07INcspa8xC3drCmPd2UGFy70JxTSs6SeyQg_El-HbLKrvITW5vyyKfmExuElCmZxGtgfdUJ3nYGfIrWNz17O8FPLwiRpZvi80Kj_UzopqTc4NKr6d-D4dxDtiLDl6_2aDTXcTBugoUlcbg6WfGA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C771 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d5340f5b-3c1e-19ce-c42f-4b51ee1c0ac0&tv=%7Bc:vUL2W9,time:117,type:e,im:%7Bpci:%7Btdr:45%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXympna+11%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C151*.1627455-73523879%7C1511%7C15121%7C1513%7C161%7C162%7C163%7C164%7C165%7C166%7C171%7C172%7C173%7C1811%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:14%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766403292&bpp=1&bdt=200&idt=339&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=342
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:681e:bcdb:1ca2:a385 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 98C8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1&google_push=AXcoOmRRrfc7yC7IRaEvT2GoaBq1qklPm9RFCD1jSJBFA1l-EO6CF7WT1_ONgqJ6Qxgr3Ib8sKdfqWWPZrIEy6GsVenrxPEA9766-...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3MTkyMzQyODU2MzAyNjYyOA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELJowJuPQVYjvRADzT9qSBs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 98C8 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJfpOT-4odPrj5Y3jLudojo&google_cver=1&google_push=AXcoOmS_s-WJJan_R9KIbVC75lUhbaooxvuuPQjxMh6cn9j1rz56tKEw3ws5f11_seSG2ZbWeOUZtMPP9PVzbSgRLnghUDsxpEGR3gjI9IobJ0P8MDz6c4RVoImsVMMefOi9OBRX1twN9WnDbwr8EuOP3RGaB1E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFvtDYxGnT_hgU4tcX810vw&google_push=AXcoOmSh1FAFOYCJbgj0DgpZur_bEaJtjnqSA0V0-GpxCvXpHL0VRyT_k7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFvtDYxGnT_hgU4tcX810vw&google_push=AXcoOmSh1FAFOYCJbgj0DgpZur_bEaJtjnqSA0V0-GpxCvXpHL0VRyT_k7mftQekMhk1DS7Pkh6ebUNwmTiqRjujhxz7M48MqOpiPMUlTg9Lkgoq0UzD8WKPtxBuHrbeESgyweD5DPZrr_HKu0vBtVIGePQPbdI
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220076-FRA
pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1701766405.357161,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFvtDYxGnT_hgU4tcX810vw&google_push=AXcoOmSh1FAFOYCJbgj0DgpZur_bEaJtjnqSA0V0-GpxCvXpHL0VRyT_k7mftQekMhk1DS7Pkh6ebUNwmTiqRjujhxz7M48MqOpiPMUlTg9Lkgoq0UzD8WKPtxBuHrbeESgyweD5DPZrr_HKu0vBtVIGePQPbdI
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 98C8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFyEjFtHojZ84B9zH_9Iu4s&google_cver=1&google_push=AXcoOmRnTPXF3TSaJBeD9gxJhS6-9zvK6kn5_ZEERm1sNVnYVpV0DU2KjlbLyGW5NMdFKFnVPllAhksqz2mAHfySl8UhnbDBAnHL1QKSU8cEKN-kgzWCzkx_vvZjd8jYbu8Y271lcS7hM-WwBqOnn-nLj7mcDD8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 98C8 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKlutGrJeQ6v2r0bZVbz7S8&google_cver=1&google_push=AXcoOmRJ7EpFktvPb6O2kXuhxMW5wci4G8ZHTC_VewYoG3l9OTzPTZtwRR5CcL1UJ8mx04rHhJ31SQJwoH_VLxCXjiqRjoCMIyaHnfjVR55GDMuwKrdT4UdH-ASYLnUKw9mi3smS_Vj4qMqNyu3Csh5IoT3jBA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.231.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-231-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHn8eINBaHc8k85nnVDfz7M&google_cver=1&google_push=AXcoOmR3GWQ6Ea2RnNE-hy82BzNSxcZ_goclzEi4bNJCzV7xhUqp0TwWxu8QTLYN57nAxek761jsL3ikeAeiLBijI7sfxsy...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3GWQ6Ea2RnNE-hy82BzNSxcZ_goclzEi4bNJCzV7xhUqp0TwWxu8QTLYN57nAxek761jsL3ikeAeiLBijI7sfxsy3c12ZGlw9s2CNHJUVexqNEgVTlHcc0M6hfVa8z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3GWQ6Ea2RnNE-hy82BzNSxcZ_goclzEi4bNJCzV7xhUqp0TwWxu8QTLYN57nAxek761jsL3ikeAeiLBijI7sfxsy3c12ZGlw9s2CNHJUVexqNEgVTlHcc0M6hfVa8zHloBy0BYLmd_NrhncjCKGCvTaM&google_hm=eS1qcGp3N2doRTJwRVVaaHFDb25uVDE5cjFUeERKcEY3VH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Dec 2023 08:53:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3GWQ6Ea2RnNE-hy82BzNSxcZ_goclzEi4bNJCzV7xhUqp0TwWxu8QTLYN57nAxek761jsL3ikeAeiLBijI7sfxsy3c12ZGlw9s2CNHJUVexqNEgVTlHcc0M6hfVa8zHloBy0BYLmd_NrhncjCKGCvTaM&google_hm=eS1qcGp3N2doRTJwRVVaaHFDb25uVDE5cjFUeERKcEY3VH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEE_Ai0JIXXQh2Z3Clvmx8Os&google_cver=1&google_push=AXcoOmTCjUmsdJmtbqr9AywsDAoges7M10jW5t01M05CC5RLVR-aW-V6WhGVYX9c3K...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTCjUmsdJmtbqr9AywsDAoges7M10jW5t01M05CC5RLVR-aW-V6WhGVYX9c3K1nGpy2MuPLEBWuDrdv-lHRpc-R3q_kNyRNrJUSePkssfrWLl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTCjUmsdJmtbqr9AywsDAoges7M10jW5t01M05CC5RLVR-aW-V6WhGVYX9c3K1nGpy2MuPLEBWuDrdv-lHRpc-R3q_kNyRNrJUSePkssfrWLlGS564ok8GpKKo_qnhPd8JkqgEY-TwHTpby7UiHaV3VWJZU&google_hm=j4vxivQxR2ed-jvn68QG4QQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTCjUmsdJmtbqr9AywsDAoges7M10jW5t01M05CC5RLVR-aW-V6WhGVYX9c3K1nGpy2MuPLEBWuDrdv-lHRpc-R3q_kNyRNrJUSePkssfrWLlGS564ok8GpKKo_qnhPd8JkqgEY-TwHTpby7UiHaV3VWJZU&google_hm=j4vxivQxR2ed-jvn68QG4QQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 98C8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9oyvNtyG8qKIh60SJlkLvd1OkyV_Vei0A-45R_GDF9BPeBmG5n_rtRyXRKRpR_vGbxCMm-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/ Frame 2DB5 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc120407f385fdac1ac9b0525bb915f008309f39544a723b871266b0727b5014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
264141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2792
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 07:31:04 GMT
expires
Sun, 01 Dec 2024 07:31:04 GMT
last-modified
Tue, 17 Oct 2023 13:28:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A8FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvnE7ROoIFpC2O0LF3_fIrBtvPhh30kFb5Di68Sj-z0DN4qSzLrMP-MKHhJJNq32m30pffs9vWH7JI95AvjfDMe8Ki_-6_fL1xzhJw-Uk6-_CFHTzKO6Ao5bt6a0qWIgD3yVsnqKMs27dvGbLeeKh5q-Jw2cFKGPZ2MHmpSFGxP7zh_S2_nBOd4Q5ZHfL9ukkB4__KkkgO-oYrPGiWRmCyHZGUpKDBZRg9O5W2fxIw0Dt6KnK-3048_2TTpzJC6r7HcC4xdedMcTVncktYZcoPLW2HgS-sff_JaGCtwmx88mpiUQ-j2-d559G5o2mJFKXdrcbGsnHK3pyxysCobNWQzaJc61-_GEFWZeIqeprs1K64tFhpBHVPyesKO9rJpgzSa5E5MoDEnt8JMyJzEPjLIHhC9KhMt8txIc-xjePioYhr1vUL-pLK5rJPP2U78Ad_E4EeEV67abtu8RplK-okZlXHqsqgKTxEmIvplDqNXqkf3yehjcfk8uu6vlIL7jmKWvA351cFLiGiMSgf9jOfLllcAyCFfgfUWVLy2xR_desYdlp5sOBR0GVhar_I2s5bq3MnRreyyuYquu7EgOvuerIZm_rgMKDInS_ukg6u7NmLujIlkfsHrR_W_jYe3fBvUiW3M7xrQE0rD8aIEOsDJGfcRDW-Rl7IElov8rA4E992BwHzX4F42DQG_jSXOGxI_JHQRZiMe0xEObF_yQPH1trFURRe8TY7h5NTI6K89KN8TJ4qmTcm0V1nELcd6RbxVytis3cIJUBP-GML-f6k1ubd6NWvWhZIfYaq38GttEeYxPcbjZdkLshuwOSgX1FAt_Icm1IVyYH0Ffg6CPyYXQxUyJ3l7IRKu7p-6lmHjpvTWalpeN01kMGGpa27wCh7vGK6Uo0Mmwiid3-Blgw6TZkhJN6NCp6XqcpYDWCNxJDIs4nHR0avclaGjCMU7KWbP2HDJ_cz5p9sVPzv_CBDCGeUXSTe57gMd4s2WQ_nJSQSxC6mzhIl0amh1bMyjXALCGVeq6CEb1-K-rd5-hDg4DSP-JaoUrKY3FSXTcjlQxtlNEICjvw4y46m5XQdo-Zjrl6KYEQQKUssVNy2pkTqDl99kas1QE5uREM8RuNxKOEGGLUCY6d3T6swjRTwM1-ASpsP0pqzh04PCxeO_Ok8-gV-w075IJIVrjxVriRctK7_2QVvr0Jg2Gw2L5OBOCIlFaYTojQ99pGkKo3g3bgKikHxYBF3IUTLIf00o4bECy67MYhS7GlgKNe0LjAJwSYCAm2cLyc&sai=AMfl-YRWdeT38RwZD5RfGEQL8JiA_o_gI-S-5pl21zLUyAtF_POY9Ec9nkz3_sWzmlipICwmF77U51M80McIoPEZivPiO9KYtLUE2nTyoY541_Tmluk6_iwvQKqMoJAkAvTSJ8awOMF-G_nGXuGdW4WVAUR2kUAleMPkuuWw2fpiZ46BRKOotC9SjrslISXgV3Zu8V8QHabSqmAPnij28RhKs730n0NB2fmOCKhDENYeiZHGngdjYBtzWNHOtV0P-sQxcfIy&sig=Cg0ArKJSzDzqnpP-0b25EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=37&cbvp=1&cstd=36&cisv=r20231130.93307&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5665 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
126289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2DB5 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 08:53:25 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2DB5 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 08:53:25 GMT
index.js
s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/ Frame 2DB5 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81545cee8bac6db00d90fa3cde7840f893593de115204bd3737864f78c4df2d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 10:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6143
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 13:28:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 10:57:03 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5665 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
29973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 00:33:52 GMT
print.jpg
s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/images/ Frame 2DB5 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/images/print.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&daaos=1701753578449&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701766404345&bpp=1&bdt=1253&idt=0&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=8731344217390&frm=20&pv=1&ga_vid=308176690.1701766403&ga_sid=1701766404&ga_hid=1625040066&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079759%2C31079864%2C31079866%2C42531705%2C44795921%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072%2C21065725&oid=2&pvsid=382026428823841&tmod=285315023&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b69db07ab1d6949428c29a1bc81213fbfa663b0d112719565e1b909ee210b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/449926147639558759/women-160x600_de/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 23:05:12 GMT
x-content-type-options
nosniff
age
294493
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63312
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 13:28:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Nov 2024 23:05:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A8FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvnE7ROoIFpC2O0LF3_fIrBtvPhh30kFb5Di68Sj-z0DN4qSzLrMP-MKHhJJNq32m30pffs9vWH7JI95AvjfDMe8Ki_-6_fL1xzhJw-Uk6-_CFHTzKO6Ao5bt6a0qWIgD3yVsnqKMs27dvGbLeeKh5q-Jw2cFKGPZ2MHmpSFGxP7zh_S2_nBOd4Q5ZHfL9ukkB4__KkkgO-oYrPGiWRmCyHZGUpKDBZRg9O5W2fxIw0Dt6KnK-3048_2TTpzJC6r7HcC4xdedMcTVncktYZcoPLW2HgS-sff_JaGCtwmx88mpiUQ-j2-d559G5o2mJFKXdrcbGsnHK3pyxysCobNWQzaJc61-_GEFWZeIqeprs1K64tFhpBHVPyesKO9rJpgzSa5E5MoDEnt8JMyJzEPjLIHhC9KhMt8txIc-xjePioYhr1vUL-pLK5rJPP2U78Ad_E4EeEV67abtu8RplK-okZlXHqsqgKTxEmIvplDqNXqkf3yehjcfk8uu6vlIL7jmKWvA351cFLiGiMSgf9jOfLllcAyCFfgfUWVLy2xR_desYdlp5sOBR0GVhar_I2s5bq3MnRreyyuYquu7EgOvuerIZm_rgMKDInS_ukg6u7NmLujIlkfsHrR_W_jYe3fBvUiW3M7xrQE0rD8aIEOsDJGfcRDW-Rl7IElov8rA4E992BwHzX4F42DQG_jSXOGxI_JHQRZiMe0xEObF_yQPH1trFURRe8TY7h5NTI6K89KN8TJ4qmTcm0V1nELcd6RbxVytis3cIJUBP-GML-f6k1ubd6NWvWhZIfYaq38GttEeYxPcbjZdkLshuwOSgX1FAt_Icm1IVyYH0Ffg6CPyYXQxUyJ3l7IRKu7p-6lmHjpvTWalpeN01kMGGpa27wCh7vGK6Uo0Mmwiid3-Blgw6TZkhJN6NCp6XqcpYDWCNxJDIs4nHR0avclaGjCMU7KWbP2HDJ_cz5p9sVPzv_CBDCGeUXSTe57gMd4s2WQ_nJSQSxC6mzhIl0amh1bMyjXALCGVeq6CEb1-K-rd5-hDg4DSP-JaoUrKY3FSXTcjlQxtlNEICjvw4y46m5XQdo-Zjrl6KYEQQKUssVNy2pkTqDl99kas1QE5uREM8RuNxKOEGGLUCY6d3T6swjRTwM1-ASpsP0pqzh04PCxeO_Ok8-gV-w075IJIVrjxVriRctK7_2QVvr0Jg2Gw2L5OBOCIlFaYTojQ99pGkKo3g3bgKikHxYBF3IUTLIf00o4bECy67MYhS7GlgKNe0LjAJwSYCAm2cLyc&sai=AMfl-YRWdeT38RwZD5RfGEQL8JiA_o_gI-S-5pl21zLUyAtF_POY9Ec9nkz3_sWzmlipICwmF77U51M80McIoPEZivPiO9KYtLUE2nTyoY541_Tmluk6_iwvQKqMoJAkAvTSJ8awOMF-G_nGXuGdW4WVAUR2kUAleMPkuuWw2fpiZ46BRKOotC9SjrslISXgV3Zu8V8QHabSqmAPnij28RhKs730n0NB2fmOCKhDENYeiZHGngdjYBtzWNHOtV0P-sQxcfIy&sig=Cg0ArKJSzDzqnpP-0b25EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=117&vt=11&dtpt=80&dett=3&cstd=36&cisv=r20231130.93307&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5665 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5cH9BeVuZe-1Bsvox_APo-WowAgAAAAAOAHgBAI&bg=!8POl87zNAAY3kmNgF5I7ADQBe5WfOJbmnRH5Xje6NZp-WzpbUQRGEmXXcoC7eJ7Jh9n72ORJq026UxCWEBLpHeIWZMGZAgAAADxSAAAAAmgBB5kC9RSReCq2Y3nIWmXnGouGozzQQOAX0YAL1HgJnsLPMvoEM0TN4QpPzQAzIXrjQntiHhzRa2RHYwRx2bhWcIlWpZMq9EKcGpiyY231ZVGOwYj2P-fq1cQzJjs7xwELB-E_RwkGyltGZLxpmGoDcDeHvTX9KdK2sTejREnNcTmi8AKRVurrfsnStrqZav9RoxGm3weD-VbBG7LRreT8FlRTwJNywafTlUkQZTVG9pgwtQgyBQX38tf-Kyws8Ds4kN4_tljjAMxr81U3aUKCAhlVBzCrcIjv1tfFbtYRgl7N-y3J6bRyw3vJeANuUQ0UKmb6Jnmg6tdm1KCFgdFYdPZJD-52nL6Q-Kx_g4I__3hMfCGQLX1Ymax6eZ_YV8_rfPR80d57rZcmkmB1TZjRAq7HQwdu1GJgHkGfwCtOlIxWV53wMRWzTmcWkAvpA949zkleg7b4ZeuA3HmK1CqgPz78T1tUg167KkjXPB6JxRycZsqml8MRfXIAf6r5yIzdAKh6PReMRd1PZceGcEm7ORgm0wShThuQpXHpCk0-CSMymQYqgO60zKXgOjFMeeD6QU_qWonAIQluFbkxe_jjjqyxj1AXKbdm4Z3vhu3IqlBgBxJa6JIFnqKMU22cS-ZW8qs_F2-QYw4Ww1gatzCcP8c4DPmbf5snl8j-q4Oxij04_6Ku7annzoh8iK6LFES753lKUI4s4xLu6cwa8uF8uQAA7eWS0BXcDcHRUD4gRlifkgOSqa0OtUXpt3VnoqEH0Z2KBE7L_Ws90UZQRPPZhe-Zf2NWvoWfE2pEv6Suj_vtPAxtNva5dwy4PE1Ti2TfRpqwQ5D-fea1MtlqW9SMiiBpX3QuJMz_6LHcE9FDtQDbkZzPR21EZhPvIxD88h2oxlb6AQMxNdEXFfYtajIdLtRzSJEBRDrPMM24VeDNlA-vDymYpE3ERI4j81IcJ8FuRZ3Wfacsb32wQS6ji9gOFkEiE7bIQBuHcVQCFE0sKNWR8uaG0Lf6deM
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b75ebccd7aa34f06a2daf2d55634ab2d0e8a78b3e0067eb3bc53341da48cccba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12434
x-xss-protection
0
tracking-event
api.webgains.io/ Frame BED4 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-121-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-121-206.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 05 Dec 2023 08:53:25 GMT
server
nginx
tracking-event
api.webgains.io/ Frame F498 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-121-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-121-206.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 05 Dec 2023 08:53:25 GMT
server
nginx
dt
dt.adsafeprotected.com/ Frame C771 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d5340f5b-3c1e-19ce-c42f-4b51ee1c0ac0&tv=%7Bc:vUL31t,pingTime:-10,time:447,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701766405647%7C%7C114fe32b72c3e0eaa4053867d1ee2600%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C4f00d8abb42c2affdf6ddd58dbd1561d%7C%7C5e0a9e8ecdea24d30eae2d5dd0d51042%7C%7C689dc977e0aaa4eb202508bc05c7e8d7%7C%7C835ef782ecc05378298c7a383ae3a60d%7C%7C25d10faebd0ae2e852c5b6ed3fbb4087%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:681e:bcdb:1ca2:a385 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BC14 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyNMYeFyhV36LfPkUDSmnhmVchBaVtoeSmDe1FSuKs7DJwtS94IcIXGmgE55h3hDW6Cht-WLcZJUprdVr1XZIYKyAdBmy3wwi_CihA_nAQKl7Trlptz53weMM554FEHcmnJr6B57Gmrb_X&sai=AMfl-YSYZa5mUDnkJ5IpBQE19NxVmLwe5AKkGLq0pi_DV8I9iySenPV-FDm-BOH8v9blcvvwPFP7LZq_77GazPGl9g80Rg4KCHmdBY_0ahHQO75pyCYWNFFLJVOXS5lLzI82CxylTKZmkfEAJWJ61ZqDGvUlowsS6HQyBXGA&sig=Cg0ArKJSzNJyM6pgHHYeEAE&cid=CAQSTwDICaaNlZAP688vdtw6bG9A7m4eGo1R8kh74209c3plb7HBuszS8AxkdjhWLjPJndkn4dUs7RzCtX-smjsdTxoH-6NEWZosWQ16959dTLMYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=305,792,1000,1093,1108&tos=305,487,208,93,15&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701766404437&rpt=195&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C771 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJZ_a-Kqzq5LutWdcOa0yQa5Jf66XN3Doy2CWvutCuGWjk4bnjmMmZgy9ZsXg7QjecoO_0A1ZqtdvrVU9h5lJR6048PUOY0bytr4rRsjOquYu5f13O6OoV4lmA46wQeQkX7bn6EXP8VEJ5&sai=AMfl-YTrDqXliIbqphw-KKqDIpIf5q1RZR_SUcRRaVvzBtaXDK3oL5Wco0_AUGHPZ4LIR4G8DbSlvUjjWoP6QeU6oKUUysSbilrkJBhvY0DAnZFXiE5hk2ED0sMqiX_NLecdtDNmzfmVFyu84z0noUj4PWdcUcKOlrDPGQ0&sig=Cg0ArKJSzNvhdnxNThtBEAE&cid=CAQSTgDICaaNTJNlkAUutW19NarzJNOKJdmFgjiMTYPwE75NgdlRQ9v3xOT1P0qCmo1oG4MWZ5WctLypqQKP0PTJwhxAcqL4mvk5SE8YZdrCHxgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=504672438&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701766404768&rpt=246&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F498 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6759143072701&version=m202311060101&ct=77&x=1&cor=5450131159634827000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BED4 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6232132534374&version=m202309260101&ct=77&x=1&cor=12895752974091387000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8FB 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=10905600317&version=m202309260101&ct=119&x=1&cor=13486007983855550000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C771 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7169415829019&version=m202309260101&ct=76&x=1&cor=6760921527256195000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C771 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d5340f5b-3c1e-19ce-c42f-4b51ee1c0ac0&tv=%7Bc:vUL3rp,pingTime:1,time:2055,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:13%7D,%7Bpiv:100,vs:i,r:,t:1055%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:1055,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1050~0,0~100%5D,as:%5B1050~300.250%5D%7D%7D,%7Bsl:i,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:104,fm:tXympna+11%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C151*.1627455-73523879%7C1511%7C15121%7C1513%7C161%7C162%7C163%7C164%7C165%7C166%7C171%7C172%7C173%7C1811%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:14,sis:118%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:681e:bcdb:1ca2:a385 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:27 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C771 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d5340f5b-3c1e-19ce-c42f-4b51ee1c0ac0&tv=%7Bc:vUL3rq,pingTime:1,time:2056,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:13%7D,%7Bpiv:100,vs:i,r:,t:1055%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1055,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1050~0,0~100%5D,as:%5B1050~300.250%5D%7D%7D,%7Bsl:i,t:1055,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:104,fm:tXympna+11%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C151*.1627455-73523879%7C1511%7C15121%7C1513%7C161%7C162%7C163%7C164%7C165%7C166%7C171%7C172%7C173%7C1811%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:14,sis:118%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:681e:bcdb:1ca2:a385 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 08:53:27 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 16F6 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMdnyjz5eCUkrGg3c1D_5zg&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture object| adsbygoogle function| Sharer undefined| $ function| jQuery function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| googleTranslateElementInit function| $jgeo string| GoogleAnalyticsObject function| ga object| addComment object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| dataLayer object| closure_lm_725357 object| google_tag_manager object| googletag function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms

32 Cookies

Domain/Path Name / Value
.geocult.ru/ Name: _ga
Value: GA1.2.308176690.1701766403
.geocult.ru/ Name: _gid
Value: GA1.2.335495322.1701766403
.geocult.ru/ Name: _gat
Value: 1
.yadro.ru/ Name: FTID
Value: 1bRkK30HlLOh1bRkK30015lg
.geocult.ru/ Name: _ga_DHBZR6TRD0
Value: GS1.2.1701766403.1.0.1701766403.60.0.0
.yadro.ru/ Name: VID
Value: 0VFKID06b08h1bRkK3001VEU
.doubleclick.net/ Name: IDE
Value: AHWqTUn2cHacIPdO6Uq0_b-AfWODHO7gu3Gtdoego7522r0kuX9k4QWNRZjh0gqJ
.adnxs.com/ Name: uuid2
Value: 3299138237524665866
.casalemedia.com/ Name: CMID
Value: ZW7lBGwgmAmK1u-LWDSnIwAA
.casalemedia.com/ Name: CMPS
Value: 5246
.casalemedia.com/ Name: CMPRO
Value: 5246
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2H`coslsZ!@wnfH8K6pQK`!5=E<*L5?%K33l!v.j4'XPZ<ySSm+7-219h2)9H6Knrf_.i%nugO%v4VB%nn7P*$k5s
.doubleclick.net/ Name: APC
Value: AfxxVi56H6IYpzmqEowhaHIt3cTtM9r9q3Sm1Tfz-pPZOjBUfTW8MQ
.geocult.ru/ Name: __gads
Value: ID=9cf79d4e93698969:T=1701766403:RT=1701766403:S=ALNI_MYXBbK5SlYaV8T4P7UNnqajQMYBJw
.geocult.ru/ Name: __gpi
Value: UID=00000d0b059c4ead:T=1701766403:RT=1701766403:S=ALNI_MauVr6gnHZKw1xhpZVpFTkYmTfAoQ
.doubleclick.net/ Name: ar_debug
Value: 1
m.exactag.com/ Name: exactag_new_gk
Value: 4a396f67c69e44a8bf5e869437a6da73%7C03.02.2024%2008%3A53%3A24
m.exactag.com/ Name: exactag_new_uk
Value: 096d208cbe4844518b9bfca1c908896c%7c
m.exactag.com/ Name: session_session
Value: 7609704cfa9946e48ed56590
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 3e654c387fc9ded7
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.awin1.com/ Name: awpv11601
Value: 113440|1701766404|c002bfe0-934b-11ee-8822-2230790559d7
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1701766404939,"clickCookie":false}}
.ctnsnet.com/ Name: gid_CAESEE_Ai0JIXXQh2Z3Clvmx8Os
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.turn.com/ Name: uid
Value: 2571923428563026628
.yahoo.com/ Name: A3
Value: d=AQABBAXlbmUCEByMa3WAj1jiVuQR4Ee-E5MFEgEBAQE2cGV4ZQAAAAAA_eMAAA&S=AQAAAs8GXYd0xQSrkHTmnolc_ho
.innovid.com/ Name: uuid
Value: fc89311b-cf36-46fb-9d13-50e4163ea9e1-20231205 03:53:25
.ctnsnet.com/ Name: cid
Value: 8f8bf18af43147679dfa3be7ebc406e1
.simpli.fi/ Name: suid
Value: 1BC62361594B4059907D01902A9704C4
.googleadservices.com/ Name: ar_debug
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZW7lBQAElstJ4gAM

2 Console Messages

Source Level URL
Text
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMdnyjz5eCUkrGg3c1D_5zg&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
ad.turn.com
adservice.google.com
adv.office-partner.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
counter.yadro.ru
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
geocult.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90007.redintelligence.net
hal90009.redintelligence.net
ib.adnxs.com
ius.ctnsnet.com
m.exactag.com
match.adsrvr.org
medialead.de
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
translate.google.com
translate.googleapis.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
pagead2.googlesyndication.com
sync.search.spotxchange.com
tpc.googlesyndication.com
108.129.52.148
108.157.4.70
138.201.63.149
138.201.63.157
142.250.181.230
142.250.186.130
15.197.193.217
151.101.2.49
172.217.18.98
172.64.151.101
178.250.1.9
18.154.63.65
18.170.182.156
185.182.111.117
2.16.97.41
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.206.38
216.58.212.130
23.56.205.163
2600:1f18:1aca:4282:681e:bcdb:1ca2:a385
2600:9000:223f:4e00:8:48e:53c0:93a1
2606:4700::6811:180e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2006
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9b
2a02:fa8:8806:12::1370
2a05:d018:d29:3602:8b08:3c9:f238:ee96
2a05:d01c:1d8:8101:1f18:2983:dac6:b09
2a0b:4d07:101::1
3.67.231.56
3.71.149.231
35.176.121.206
35.186.193.173
35.194.66.159
35.244.159.8
37.252.171.53
85.14.248.71
88.212.201.198
91.121.248.44
94.130.102.164
94.23.99.218
01bd238ad9742675260d4d3a5fef5b988ff74439b26a18aa0f98a48a694b07ed
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04dff075b0c9befeaec0105bc4f7e21a284f402f0f3425896f90963c888d7f1d
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d43d9f15c54f63334de8305be7fabb614396c5e190a0756a417483ba9c61631
0e22e6a4c1770831466a702ad01381d6e8ad3facca6587e0f70bd4fe77679b00
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1162f2ec71eb82147a7e6a6f558b88982bb78ad2fa812c1c52020f5b7bd1bd85
131b8021a1854c95cf9afbd0bde61f70a9dcd12ce97789a7efb000005f4f2ffd
1479783c7b49a2bbde9ea12d6b9abb4d552311fad5ea3d1194a866c82ddf7d54
1537d4a7693f4840ad5484b03df34b08d0ed049696dd470ef07b55e1668d90a5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16e9faae5c54c37aa733bb0df8989a1617576da0239a51aefd451e229d9f8784
17389d2b816cd42930191c00df09c08669c18038ce38085452fc224228bfd2ab
176fe1d31f02da4ed371825af61b52029d2bb696b580e74bc1b0c7a016227c24
178d21ba92f7134c1b38490946eadd0bddbf07248aa9e132d1ff30ddf735a62a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19407360e9ed56e2d49377575d788d6aee9915b1818540efd79848177cbd4a25
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
1a4b71acc013b49315ff300c03f7163618bb6f1cc0408d710e11f97b255f9255
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
21f14e408c57d0c0c9a833c314df5ff7f7695f054253d9eb2ce123ba0f2ac049
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
24d3f7c545ffb8d31d407b24b2c130774fae929ec9a92d6fe92f42608c858372
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
281042f5e06bb44fdb63cf64572afa6696d64073e71aa345e81dd0819f1b6ebd
281bdb69ef6f2abc92abda9b18117ebbf50e9add63b183b2d9bc3fe3afbb3011
2b3849b22078f260721044127668c4e71ce08631a88671c08150b4cccf0d2e4d
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
2baa2ebe463ced52f500118a25caa59f75536f3a49a36ae911ff5c37e1265669
2cc58310f0b259e6a2c717bf7cf7fabe7f4bd201119e1d8459ec36c35e4a9ef2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fa71256e681e5a3ffe42dfbd6e14e8bd9dfdf39838a066ae68f2a04fc354968
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
3271b11460d9dfccfb1c4c9b819592b1f15492ff7876305668a6ca01e8f52e71
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36c7b56d7df17e27614b04230c5fc1793653b20a1fd66fb9311f5df573c0f617
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a00800835154d7b59f7e30db1a3575b0066dd81b1617fdef9a1a34284c81013
3b3c66d6f6711dcb00f5ca69f10cc2e996c38c6c90facc8da13bbc88827433ca
3cc9ff1199352176e596e64f382160be2373c31dca95674ea56413c006ee4172
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
4152a4433c1c119de17f0e01b4879527d198b9443d104aabe0325fa27f944312
41d5c049a8bfb1cbe82bf1d536244753f48c2e0240005f2ad753b70bf606a4c2
41e8f29b28c908a3e09da0cdfc54be6adeef57c3ac6dbf393416e84e4d2c420b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
436d9fdefdf3800e7aa8d543d79138dafd6a5fa95340a6d9df9515a99d6a243f
462c848b90fb9d8f3599f4654813e4382222a6fd506a48158a01bc2eab95b357
471a358e7d25ae685d5161a0ede8c02718479e6b31b7fd91d8e2b324c579b6fd
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a675848fc6424230cb3ed04c778fde9a8ca56f8cc34ee4d9d007f0705874566
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b69db07ab1d6949428c29a1bc81213fbfa663b0d112719565e1b909ee210b5d
4d678f9af176e0292e8352df4b3602be14f67de82def44b6f2e0491e7435c4e2
4d75d5593f37f843609d062535c32912dce832ac9e8f86e9bbb88cc52ff12b27
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4ecb7e0fe182c8b8625b76a1b862bd64280c9d99be97e218cbb2575c879168
5070152299c3d5a3ed255352b18e10649460f1e436363d4394e0f7d0acdb48de
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
50b78ad8578885f34aa7fa589dcd10075c466504e11467dd8a3ceed303ef4cb8
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
528b3762e36893c9075ebbb38655afaa02aecbd106aefc59881bd879ffeba9c8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
57fa232a003b023f9ee9ab9ca6f9d33569fc7cca884bf9b1ba464cc42df6ed79
5942cf3294f46a9640870809b055e78887d7b48cc1e31a153d9c3b5dd7ef674b
5c14cd03d445fd28ab9a6ab1dc666d783d6aa4af40fc4ee991e48c47165a2b28
5deff97591ba6239eb143fa47d3ad22f0e04f16f7ff39090d8b710db68924989
5e7ef5ef8582671b083278bf8f81e640b0f839f3ed0c336c4a96eb7e8b6c4aca
608c7e96914ee8dea1cc0bbd2eee01f5f6d0b03521cebbc6116a7ba5940043cb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
642fc615b2ac4436ef8cc0c9ea9a9add160737e96cca1608118e6ba8acf1539d
64e837d05fce89f92d05b6074ef0d257b37b0cfcb3211e1853a10e149e41ebb3
65e31a8eff137a3bef947769a3de610af393a4091df5874a5918b5074350d08c
668252abb09b70642638a85544b62098dad1e03b79f534ee177e6d1ebb08c295
69d993cd01056abdccd12530cde1304fb6b878cff78869eba538865fb73802f9
6f880f901353179e9f589ff59a59e0e4db493b841cc41fdbf01fe0dfb027e572
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
72c786a14cc7a7c3831a33e49e63e54beddc81f6c50cc00149b29e0844aec2af
73e0cbe9c127bdd98e8943eae9dedec327676c9df0e4ed621f1b9f67e03d61e2
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
81545cee8bac6db00d90fa3cde7840f893593de115204bd3737864f78c4df2d4
815c4d0cf5937e27877ee3d17fb373dabb5b4cfa45a87636ad24f71bf59345db
82851291e24304ad72ba40c9e041610a7dbf8f7b2eff1255bfb49a6ec18133a8
83fef62511d4754a257551bd24d92efdeeb31c2886d07de22e9e947942233f6f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ee712aa22c562550f65898a076b35e125558787f63a5eb73ac24e7d9ba8261
8b05625742e37f242707bde42df16ce7b828cc94f93238332f02624415d6c01f
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
8d674b28f8c316180a29763d4d735629198158a03a780fb691025830bae98b30
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e483f5b5ac1b2ef3a28ccc7f8f7ab82cd8a56cb1e9c06294bf90b3020ccfe47
914dcb400670688bb8de60c955cce8afce0838c2fa2ad297b4bd4b34ec908ed0
9599861e9654c8fe1514fc4279f7b785e53cbcf4ee76acef18e237aadd432aba
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
992f94f905118b8960ff39ecea7dcec52afbb5b2a484b14cd817844ba03d7eab
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b328d831b112c1505a892a225cc9a0fb223620a8eee293e92bd4850e302bb94
9da58863c2d4a7e1f3c71a9a498588e7b74c3bf65fb97ddd126f1564fa7f9f02
9efe4a15e261098bea1026224d667013a1580db2fd759f6719713791d2c1b817
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1c52a37bc7c3c9e035c1817a0c78665ff491a9854bbb4b665ee774450e9b672
a52e8ca9507299459bbcd4eab3662692194062bc229709101973442010815d12
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6ef7c03bb9fa2faf5ddb623078decce8ec80f28fdf8bb348f5bb01634e0d484
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
a84f5718bcfaa18fbf0bc06b2fb8989141e7ef299b1a4793bd1082b48ce74cc2
a9c108c83809da258404b3a9708875c76531c1ec8a2aa11da27bf727444a7f86
aad870057003cbb9958374f555a06fb47dab183a03018ac1d1e88bffd1ded096
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ad5a5fa4215d33b83560899fe406f1c6458100bfbce6a2dfc2ad35a41f2b6d80
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b73a33eabd8ab199370a5f95ae00933c2eeec872034038851beaccc06bd92f11
b75ebccd7aa34f06a2daf2d55634ab2d0e8a78b3e0067eb3bc53341da48cccba
b87216debe85ffb5d5f3f938c1c2cfed568d6736fd9bd06d64d85711ea5c8802
bc120407f385fdac1ac9b0525bb915f008309f39544a723b871266b0727b5014
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
be91c72c97adfae4e70b223c2f23ffd07eaf26d315a53bb66134b11dc40bb661
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4f459274e378b71dae7cd9514f4c3020545081e0de18560311a5aabf98f85b9
c76762b6b5695ab0c2c3688f5f0b4932911daa89e9a905ad866e853dd00020ae
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c9092cfaa24952291b22481bfa4e399483260fc6fb162a6b942fed3ff42d76f0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
ceae381ecbf5ea0d6e5f6977b195b7eae7d9167dd575f1983b07829838e20632
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
d04da184f20eec8ec53c73f71b04f6eb462b391c982ca722500bb5abfb31cd20
d0a7940c5739597d973e2bb019d3e3cc8b5e8747e607982ebdbd4890f4288f3c
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1feb54f2339859c3595bd26343b468bad05a7a11c0a5a9d86084c56e3a885ed
d371219cab55549df0dc40dfb5a92d8d4be8b8ed24ab44d4c003fdb8b580cd56
d3d89aa5cc7dbbdea39f3111b7460d064d7663ea92b04e79df0b39ef2e63b196
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d752f92d971a6a3afd2a903855c7726ba385cf2ec11757e1fd694dbd661c45ef
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d9b90d582c960458aef7a61a894bffb8c326910023e6be747b954cc8737986ff
daf927d970143656739c9b917412ba171dae6e997b8dfe53263effae772d1b69
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5f8f98ec7bd0263bb4dabff07ecf507a535c2c39a5e391e03e7ea124baa321
e2c1ebe8c0a4d709942a87c86a904ea6b63bf2e267a3bc4bf62cff0642d41e35
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3df018cd61d671d60bd4a1cae119f8fcf1e58e47a62a4ae80c6b8100d868dbc
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e6e4ae30d0e1fe5bfda2cdf9a430e4d2da17e5706b0011bf909b312814bcbd1e
e74a84c9d52e2ef23512423d7e15031fc8644b0b800b89e82ad9abe3ad8b8912
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e86c41aba2a70f6e263fbe0c13257e5b4d36b0ba6ae34d86098013f7087441ba
eafb3e8e7ff731d4419a9683e280433e06a513e872f309333c0909890156bcdf
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec29871f7a6e470e699f7eb7a722c49ceffe8ebb682308c7279053da037d71d5
ec4840b5e373feeae1a57fd926d937285246bd4437db4b08e0b99ccf611f1775
ee60dc9f4a5a261552c9432f27ce50a66664dacc6bcd21d6651141c579e77d03
eef93995cec1e10e714259ebc867042dea7b3fc4b6d39f0b8da7d81e3fc8c335
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5557d1c83d5e10f4aa2ce5a77f8ec1aa100eb9588a00038bafc52d8c07a3cb
f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d
f1a75f598974fc39eb7e2b0f4031e3c56c9b11cb1527740eb02cc6d207af11fe
f2d27ec07598049af75b5252143a57fd29957203c5293b6f2321ac38efb629c5
f56c992220809803659fac17b031df76868dc17731007bd737347e63a3b09fc9
f69f24da425eac9ecd7ba5e9a956ee643849921ec5672a9a961e309c60a1feda
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
f97ff7af18b6fca33d99a223aaddee96afb3ddd73c2368a39acc15ff53b91c2b
f9b2b62632d02dd438da5c717fcedbe7babf3420940398db1778d5b19d342f5b
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
fb12df34477c96b6ced8358bf28aa77166a0aa782ea784115c57936a1adbc735
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
ffd341311bc13b35b4a81b8954c6ec19ba623f1bd53b7c8300d8230ac9439bd4