urlscan.io logo urlscan.io
SecurityTrails logo

geocult.ru Open in urlscan Pro
185.182.111.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://geocult.ru/
Effective URL: https://geocult.ru/
Submission: On December 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 10 countries across 41 domains to perform 382 HTTP transactions. The main IP is 185.182.111.117, located in Russian Federation and belongs to AS-REG, RU. The main domain is geocult.ru.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on June 24th 2023. Valid for: a year.
This is the only time geocult.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 67 185.182.111.117 197695 (AS-REG)
62 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2 88.212.201.204 39134 (UNITEDNET)
25 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
14 25 142.250.185.194 15169 (GOOGLE)
5 11 2606:4700:440... 13335 (CLOUDFLAR...)
5 8 37.252.171.149 29990 (ASN-APPNEX)
2 4 52.212.68.218 16509 (AMAZON-02)
40 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.244.159.8 396982 (GOOGLE-CL...)
1 4 2.19.104.4 16625 (AKAMAI-AS)
4 2600:9000:223... 16509 (AMAZON-02)
14 2600:1f18:1ac... 14618 (AMAZON-AES)
5 172.217.16.134 15169 (GOOGLE)
12 138.201.63.157 24940 (HETZNER-AS)
1 4 94.130.102.164 24940 (HETZNER-AS)
1 4 138.201.84.244 24940 (HETZNER-AS)
2 4 2a01:4f8:d0a:... 24940 (HETZNER-AS)
2 49.12.16.151 24940 (HETZNER-AS)
6 91.121.248.44 16276 (OVH)
2 2a0b:4d07:101::1 44239 (PROINITY ...)
1 2 46.228.164.11 56396 (AMOBEE)
1 1 151.101.66.49 54113 (FASTLY)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 15.197.193.217 16509 (AMAZON-02)
3 52.57.96.192 16509 (AMAZON-02)
3 3 37.157.6.243 198622 (ADFORM)
1 85.14.248.91 24961 (MYLOC-AS ...)
1 3.75.62.37 16509 (AMAZON-02)
2 35.177.52.174 16509 (AMAZON-02)
3 6 216.58.206.38 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 18.66.147.98 16509 (AMAZON-02)
2 99.86.4.52 16509 (AMAZON-02)
2 5.135.209.104 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
3 78.46.23.46 24940 (HETZNER-AS)
1 3 23.212.218.19 16625 (AKAMAI-AS)
1 35.186.205.189 15169 (GOOGLE)
4 3.10.29.13 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 178.250.1.9 44788 (ASN-CRITE...)
382 54
67    185.182.111.117 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: geocult.ru
geocult.ru
62    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
25    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
7    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
11    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
28    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
25    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
11    2606:4700:4400::6812:249b (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
8    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    52.212.68.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-68-218.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
40    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    2.19.104.4 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com
sync.teads.tv
4    2600:9000:223f:9e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
14    2600:1f18:1aca:4280:ab5:5950:5df:f61e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
5    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
12    138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de
hal9000.redintelligence.net
4    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal900012.redintelligence.net
4    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
4    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
2    49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de
futalis.de
6    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
2    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    52.57.96.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.177.52.174 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-52-174.eu-west-2.compute.amazonaws.com
track.webgains.com
6    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net
8019191.fls.doubleclick.net
5994599.fls.doubleclick.net
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net
analytics.webgains.io
2    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    5.135.209.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-5-135-209.eu
rtb-csync.smartadserver.com
3    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal900023.redintelligence.net
3    23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com
www.awin1.com
1    35.186.205.189 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 189.205.186.35.bc.googleusercontent.com
www.mietwagen-check.de
4    3.10.29.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
api.webgains.io
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
Apex Domain
Subdomains		 Transfer
90 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
812 KB
67 geocult.ru
geocult.ru
263 KB
61 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
ad.doubleclick.net — Cisco Umbrella Rank: 139
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 270869
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422
249 KB
40 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
654 KB
23 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37721
hal900012.redintelligence.net — Cisco Umbrella Rank: 257491
hal900026.redintelligence.net — Cisco Umbrella Rank: 200207
hal900023.redintelligence.net — Cisco Umbrella Rank: 203251
210 KB
22 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
204 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
7 KB
11 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
389 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
99 KB
9 google.com
translate.google.com — Cisco Umbrella Rank: 1298
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
adservice.google.com — Cisco Umbrella Rank: 93
33 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
6 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 24395
api.webgains.io — Cisco Umbrella Rank: 59842
37 KB
6 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
382 KB
4 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 164531
11 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
778 B
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
57 KB
4 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 947
fonts.googleapis.com — Cisco Umbrella Rank: 29
83 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
436 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
326 B
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264
4 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49821
4 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 128498
2 KB
2 futalis.de
futalis.de — Cisco Umbrella Rank: 305788
801 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
409 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
515 B
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 12199
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
610 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 mietwagen-check.de
www.mietwagen-check.de
302 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
125 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11353
1 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
149 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
544 B
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
382 41
Domain Requested by
67 geocult.ru 1 redirects geocult.ru
62 pagead2.googlesyndication.com geocult.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
40 s0.2mdn.net geocult.ru
s0.2mdn.net
28 tpc.googlesyndication.com googleads.g.doubleclick.net
geocult.ru
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
25 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
geocult.ru
14 dt.adsafeprotected.com googleads.g.doubleclick.net
geocult.ru
12 hal9000.redintelligence.net googleads.g.doubleclick.net
hal900012.redintelligence.net
hal900026.redintelligence.net
hal900023.redintelligence.net
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
11 www.googletagmanager.com www.google-analytics.com
adv.office-partner.de
www.googletagmanager.com
8 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
7 fonts.gstatic.com geocult.ru
fonts.googleapis.com
6 pv.medialead.de hal900012.redintelligence.net
hal900026.redintelligence.net
6 www.googletagservices.com googleads.g.doubleclick.net
geocult.ru
5 ad.doubleclick.net googleads.g.doubleclick.net
geocult.ru
4 api.webgains.io analytics.webgains.io
4 8019191.fls.doubleclick.net 2 redirects googleads.g.doubleclick.net
geocult.ru
4 cdn.retailads.net 2 redirects futalis.de
4 hal900026.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900026.redintelligence.net
4 hal900012.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900012.redintelligence.net
4 static.adsafeprotected.com googleads.g.doubleclick.net
4 sync.teads.tv 1 redirects googleads.g.doubleclick.net
4 cdnjs.cloudflare.com s0.2mdn.net
4 googleads4.g.doubleclick.net geocult.ru
4 fw.adsafeprotected.com 2 redirects geocult.ru
4 www.google.com geocult.ru
googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.awin1.com 1 redirects googleads.g.doubleclick.net
3 hal900023.redintelligence.net hal9000.redintelligence.net
hal900023.redintelligence.net
3 adservice.google.com 8019191.fls.doubleclick.net
5994599.fls.doubleclick.net
3 fonts.googleapis.com hal900012.redintelligence.net
hal900026.redintelligence.net
hal900023.redintelligence.net
3 c1.adform.net 3 redirects
3 x.bidswitch.net googleads.g.doubleclick.net
3 www.gstatic.com geocult.ru
www.gstatic.com
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 cdn.track.production.webgains.team googleads.g.doubleclick.net
2 analytics.webgains.io track.webgains.com
2 5994599.fls.doubleclick.net 1 redirects googleads.g.doubleclick.net
2 track.webgains.com googleads.g.doubleclick.net
2 um.simpli.fi 2 redirects
2 adv.office-partner.de hal900012.redintelligence.net
hal900026.redintelligence.net
2 futalis.de hal900012.redintelligence.net
hal900026.redintelligence.net
2 us-u.openx.net googleads.g.doubleclick.net
2 www.google.de geocult.ru
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 counter.yadro.ru 1 redirects geocult.ru
2 www.google-analytics.com geocult.ru
www.google-analytics.com
1 dis.criteo.com googleads.g.doubleclick.net
1 ipac.ctnsnet.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.mietwagen-check.de hal900023.redintelligence.net
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 m.exactag.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 r.turn.com geocult.ru
1 ad.turn.com 1 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 translate.googleapis.com
1 translate.google.com geocult.ru
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
382 60

This site contains links to these domains. Also see Links.

Domain
translate.google.com
Subject Issuer Validity Valid
geocult.ru
AlphaSSL CA - SHA256 - G4		 2023-06-24 -
2024-07-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.futalis.de
R3		 2023-10-13 -
2024-01-11		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
adv.office-partner.de
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2023-08-22 -
2024-09-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
www.mietwagen-check.de
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-04-05		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh

This page contains 49 frames:

Primary Page: https://geocult.ru/
Frame ID: 85E084517D117A680C5D0C03C55D4087
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 06E9DBCC6A6127C034AD1CAF039E9771
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 602096122049731E60C01B8769EBF8BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&adk=1812271804&adf=3025194257&lmt=1693404896&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133202&bpp=4&bdt=210&idt=196&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7395833608473&frm=20&pv=2&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: F13CB9A21CD04211E98DD19C2A1BDA61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Frame ID: A647468C0ADF267228BFB3F793BA9578
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Frame ID: 759A0C64B2D09FDFD5BE7839D57C13F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Frame ID: 62A0A129CD66C2B84333120B711DFFAF
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWoWhVHG6r92GmmvgM0pr0CLadloY1zRGV-95Fcu29Z5j7SLxD7ssCHxqluZSn_ZJsVJqYGxxcRiyduqE2O1OjqzLt_Sms3ssAnDm9AOk3ZI9PGVdlpnujmKtcCXEOcvYrsuOrIWAQV_-opW4spuu4sId63fAeOTBQL55NpXHAp8QdWg-U
Frame ID: 8EE74E59C6CAA0D0716153C4C9259912
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPKT3_QBMAE&v=APEucNUJChs5VLoSja0xw7iWSkFmm4MrR2WLKDbeloV_jrYIlKDBlootyIo0ZooYtPJBPhbsswpdDvtQWyByalY7VBabXIepRTFWGjzpnUDlEazW2ay-mCb5pRcf5i-vXuyv-ihrqj75gmBEo1AavCEbAvqbQSbMAp0E-39lw6zEz2i7n0R2TMU
Frame ID: 6F21AA458E862B970DCF37E8FA9DBFA1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 86BB8925096CB60C2FC237EB720C727D
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXFlG_jl0VQOedjw9BrPh9eLxIBrun22Xu9DLI8HnMBiybCUFovE-woZMfarbfhX3Nh0LUchbYgtNEbxfgvAn40058WjXV4P8IMVY0ZD0Q0PSbfj9wbfugyNXSw7yx8IkSpsFp46iaC2DiZMSMk74vZJdS7yo4JZvT8W2yr5KUokupE0HQ
Frame ID: A584349B7A89A92CD2B297A4A646ADFC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Frame ID: A46737B5A1E7845C131123C45E038B7E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Frame ID: 6D60512278FFEECDCA2DFDB74FF4B4E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FCE433F5AF1C020302C7015607E26C15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNVyiak3KHKrmej9EByA4tvBz_F3BWoakrgjbJBhl2QlZhR9dLKw054yKwfpefYX0OjEWz18eIt3u31Us01aajJVE_7jiVSffjHDWsy_hdEwEPedlYMhllfVxvxIAcfBpmHR4OpUy3cbcrgqITwZcr-cjW5uM_4FDkdfTABlFJSmn-RGQbU
Frame ID: 3C9E681D3347BA1DAECBB6EF35591E57
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 45D9A307593EE57665B0396F1DC3F7D9
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 06721220948829FDAA2393D14DDBDAD4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Frame ID: 19F6CC318DC209E2FB070AAF7856483A
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6686200267A999E8D0AA3562073F2932
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A0190D32881CAD34CA24161B3FE474DF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4A1BAEF30538625EA4F6EC7D7B3349DC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CE99DF2E5AC7993B678BCB7809C844FD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Frame ID: 76A3877665E4EBB21D85FC89D543367F
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1EF3463CF42D94E31356B63FE1968EA1
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925632
Frame ID: B30C61CA914A2E543246B39E92B9FBE8
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=21166900213489904444556012528012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 62DA566EA1734CFA03AEF5F8DB53EAF2
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 54CD9EF579271BE47B030DDDE8FFFA60
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=61588200208120404444994012528026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 67E33BF1C1A6E6EBC84641C8CFBD0A1F
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925631
Frame ID: E264A72D5C9029E20AE3415D70F0BA91
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A5000EAAC1E95928567048124C8EEBDA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYl4fo4gEwAQ&v=APEucNV9qRnN1ljFoq3gpfQIgm0J4-f1UQqD4Oy4RWH5WjrgUZEtZNaPNlAeuZe2rP1whpYyaTQWjSFXzd_gMWTW3eOOA50zqSlnJFk9A9oXTtQmdKx59RZ7ml8bUMoGhGTn_pKMidANuK81IHVyVj9in5VUHETtH31Wr9gxxjvIq-NcnW9-5R4
Frame ID: 1F026F6216ECC3C58F40CC4B52641285
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 25907FFDC692747A2BEDF17CDE80454D
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4052687F457BA1A85425FC20F3F262DA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8358AE2DF74BF034D835894040D5E36D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
Frame ID: 8B53A968951CDF4810113B5BADA816D8
Requests: 12 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712
Frame ID: CC6BA1A3F5C59B8FB61F51F78A88BB54
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=21166900213489904444556012528012&a=921c75bd
Frame ID: 850E9A6E048B865CEB733ABFFC9BA897
Requests: 8 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201
Frame ID: C364B6FA6A719C2A4F451F7266052E4E
Requests: 2 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=61588200208120404444994012528026&a=645f7c07
Frame ID: 0581C7C286BD1D2171397078B5299E37
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNUUYhGz3K3hu_Xe-3DTxv2VMciUn3L8qykO5D3bPxS7MbYqc8e9sr0HKY7k5WTGjKQT2wqrO9S_mIHOJ-OrtMkKPWUBRFr26Uuf716EsYD_6jy703A7OnyE5OmaLHPgrhwnhf6MrPJ6QyL3bbU9i2hvgcV6vzmkgzJGkVnOVRuKwqCEmrA
Frame ID: 6A517CB17E960AC5358C284CF2700ACB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 938C17CD610E2A72D6B9EEC65628B416
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 87BE3673809904493431C412AF62F0C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C675CF5A2CB2D4AA6522033253B1CDEB
Requests: 3 HTTP requests in this frame

Frame: https://www.mietwagen-check.de/ret/aw.html
Frame ID: 15A26158FDA55710E6D30A0B76660A6F
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367
Frame ID: 64EE18F837ED29579B7ECD6AB66BAA54
Requests: 2 HTTP requests in this frame

Frame: https://hal900023.redintelligence.net/request_content.php?s=41466100212170504444556012528023&a=6db6d2a3
Frame ID: 9F7B95AAEA5E9858248FAC6B1DC5C8A7
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 914A0A74F764D4D137A268CD530FA18D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F6A95F140371E2499F0F3009C40D913A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 598311AAB9B189390190735A7C32DD85
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Geocult.ru - Астрологический дневник. Натальная карта, Лунный календарь, Астрология.

Page URL History Show full URLs

  1. http://geocult.ru/ HTTP 301
    https://geocult.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- All in One SEO Pack ([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

382
Requests

92 %
HTTPS

41 %
IPv6

41
Domains

60
Subdomains

54
IPs

10
Countries

3523 kB
Transfer

8569 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://geocult.ru/ HTTP 301
    https://geocult.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.579565615986257 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.579565615986257
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK62U8H3ukS_vLpHi5xRQFY&google_cver=1
Request Chain 104
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW47-ujhnj3yp09FnQIP2gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Request Chain 105
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMZDwJ_ltyejVJzoxz3W_fM&google_cver=1
Request Chain 106
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwOTA5MjQwNzIxMTc2NDYxNg%3D%3D
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Request Chain 108
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW47-ujhnj3yp09FnQIP2gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGRSvsNPEcg3Idc-SSvInsQ&google_cver=1
Request Chain 110
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3Nzg2NTUyNTIzMjAxNDM1
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Request Chain 125
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW47-ujhnj3yp09FnQIP2gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Request Chain 126
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGRSvsNPEcg3Idc-SSvInsQ&google_cver=1
Request Chain 127
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwOTA5MjQwNzIxMTc2NDYxNg%3D%3D
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGeElCy62aarBhBI6BBkJ28&google_cver=1
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESED5NovTiov3P7U5U-jJjZEA&google_cver=1
Request Chain 173
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523864/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492286635&bidurl=https://geocult.ru/&ias_dealId=&xsId=ABAjH0jbqBe9a-P06F5gXyyZVX_X&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jbqBe9a-P06F5gXyyZVX_X&adContainerId=brand_safety__jtuZe71CtSEjuwP8oO9yAs&cbFunctionName=goog_wrapCb__jtuZe71CtSEjuwP8oO9yAs&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fgeocult.ru&adsafe_type=g&adsafe_url=https%3A%2F%2Fgeocult.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2920555573584698%26output%3Dhtml%26h%3D280%26slotname%3D4347476252%26adk%3D504672438%26adf%3D3417920651%26pi%3Dt.ma~as.4347476252%26w%3D336%26lmt%3D1693404896%26format%3D336x280%26url%3Dhttps%253A%252F%252Fgeocult.ru%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701723133207%26bpp%3D1%26bdt%3D216%26idt%3D215%26shv%3Dr20231130%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C160x600%26nras%3D1%26correlator%3D7395833608473%26frm%3D20%26pv%3D1%26ga_vid%3D1155716277.1701723133%26ga_sid%3D1701723133%26ga_hid%3D1762117947%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D604%26ady%3D294%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31079437%252C31079864%252C44807764%252C44808148%252C44808284%252C44809072%252C21065725%26oid%3D2%26pvsid%3D1489682680608387%26tmod%3D522749410%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Cm%257CpeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D217&adsafe_type=bed&adsafe_jsinfo=,id:b305f1dc-a70a-eb8f-e8a8-c94db8c1fc08,c:vRPucF,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-5f94896f66-2bmlj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tXvqQFl+11%7C12%7C13%7C141%7C151*.1627455-73523864%7C1511%7C1512%7C1513%7C161%7C17%7C18%7C1911,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:15,oid:00c97fc8-92e7-11ee-a1e4-62aa8eac5b94,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0jbqBe9a-P06F5gXyyZVX_X&ias_xappb=&adContainerId=brand_safety__jtuZe71CtSEjuwP8oO9yAs&cbFunctionName=goog_wrapCb__jtuZe71CtSEjuwP8oO9yAs&true_pb=
Request Chain 186
  • https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 192
  • https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 203
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523880/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492285957&bidurl=https://geocult.ru/&ias_dealId=&xsId=ABAjH0gTZHddNAhSukuS397xYATe&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gTZHddNAhSukuS397xYATe&adContainerId=brand_safety__jtuZcPjHMLAjuwPpIW_iA8&cbFunctionName=goog_wrapCb__jtuZcPjHMLAjuwPpIW_iA8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fgeocult.ru&adsafe_type=g&adsafe_url=https%3A%2F%2Fgeocult.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231130%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231130%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-2920555573584698%26fa%3D1%26ifi%3D9%26uci%3Da!9%26btvi%3D5&adsafe_type=be&adsafe_jsinfo=,id:9682b360-9180-05a3-b4b4-90b7fca0347f,c:vRPufF,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6d84f486b7-vk26q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tXvqQIj+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1513%7C1514%7C161%7C1621%7C17%7C18%7C191*.1627455-73523880%7C1911%7C1912%7C1913,idMap:191*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:17,oid:00ea74ee-92e7-11ee-83b9-3ec7870a9d69,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0gTZHddNAhSukuS397xYATe&ias_xappb=&adContainerId=brand_safety__jtuZcPjHMLAjuwPpIW_iA8&cbFunctionName=goog_wrapCb__jtuZcPjHMLAjuwPpIW_iA8&true_pb=
Request Chain 222
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=21166900213489904444556012528012&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925632
Request Chain 229
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=61588200208120404444994012528026&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925631
Request Chain 262
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECf65z83dL3nIofcIF-c374&google_cver=1&google_push=AXcoOmTVL5CI_xrh4UNIz_geySvA-YtNcbd-q9qtWHLtzNzMufveXTxQydLVoSpweHKccpr3srbUD7OENXVoVGxXReStGbb928DAX3eO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAxMTk3MjM3NTAyMTUxMDczMw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECf65z83dL3nIofcIF-c374&google_cver=1
Request Chain 263
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELDG9F1PUSs_jqpo1BIXsw0&google_cver=1&google_push=AXcoOmQbY2FnNzuI9vJ3f8Vpf9sCsrvOVWI2AV_w7Xcou8wDva4ZyxbcetUY6AD_oXIVzncBePLyDNjz4Luc_NheZtK8g-tV4MfT7KYA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELDG9F1PUSs_jqpo1BIXsw0&google_push=AXcoOmQbY2FnNzuI9vJ3f8Vpf9sCsrvOVWI2AV_w7Xcou8wDva4ZyxbcetUY6AD_oXIVzncBePLyDNjz4Luc_NheZtK8g-tV4MfT7KYA
Request Chain 264
  • https://um.simpli.fi/gp_match?google_gid=CAESEBQ3xEovx3gO9O6Tck0MVbo&google_cver=1&google_push=AXcoOmQVx0HUtw1OJw0tp4YUd2gf9VgnjvWnDeiVU2UMoKgFwKqqteQtH8rDDfBrmDxk1c96lbnyCBPmyuqBvJSCJddc2RwYb16fHx9x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A63DC3AE755B4CC8AD201D43CDBD0BB6&google_push=AXcoOmQVx0HUtw1OJw0tp4YUd2gf9VgnjvWnDeiVU2UMoKgFwKqqteQtH8rDDfBrmDxk1c96lbnyCBPmyuqBvJSCJddc2RwYb16fHx9x
Request Chain 267
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM68qmm-Jj1TMRHDRj25Oyw&google_cver=1&google_push=AXcoOmSXBNL59mnNSUeNDV_XDUNapDaLZC9GWG6H_oT2EWYgtAvde3XQrD0toWtHDjLxuL6GPd6zN39jKoJy5TQNGeYvQLFLaFH80Rom HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM68qmm-Jj1TMRHDRj25Oyw&google_cver=1&google_push=AXcoOmSXBNL59mnNSUeNDV_XDUNapDaLZC9GWG6H_oT2EWYgtAvde3XQrD0toWtHDjLxuL6GPd6zN39jKoJy5TQNGeYvQLFLaFH80Rom HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU2ODI2MTM2MDE3MTc5MDg4NQ&google_push=AXcoOmSXBNL59mnNSUeNDV_XDUNapDaLZC9GWG6H_oT2EWYgtAvde3XQrD0toWtHDjLxuL6GPd6zN39jKoJy5TQNGeYvQLFLaFH80Rom
Request Chain 268
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELK5-DT-PJU5BzDnJ8YSCWw&google_cver=1&google_push=AXcoOmSsP1rNoioO8YAg6MpsTBpp7OVm3zeW0QKPuw-QBSyW_TvsCta99iPivsm1nUeJuX7zCX7uPKXohGmGdyU_0QBwoxBtt1zZZl_eFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSsP1rNoioO8YAg6MpsTBpp7OVm3zeW0QKPuw-QBSyW_TvsCta99iPivsm1nUeJuX7zCX7uPKXohGmGdyU_0QBwoxBtt1zZZl_eFA HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBqB_pxpAHbmkAUrcq5LoGI&google_cver=1
Request Chain 279
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712
Request Chain 284
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEEL3hqr-DQfq5_o7JC1iwoA&google_cver=1
Request Chain 344
  • https://www.awin1.com/cshow.php?s=2413240&v=14051&q=365935&r=296283&pref1=41466100212170504444556012528023&pv=1 HTTP 302
  • https://www.mietwagen-check.de/ret/aw.html
Request Chain 345
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367
Request Chain 362
  • https://um.simpli.fi/gp_match?google_gid=CAESEBQ3xEovx3gO9O6Tck0MVbo&google_cver=1&google_push=AXcoOmTYKQPYJnSXCqNv1KNKMUjJmbE-2FNoANz6qMoCj2hr5tIHSdtY9IEsa5kIgTjO6rdK3o8D_QYbDWqSYfMFqA6fWZXs7C5SQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A63DC3AE755B4CC8AD201D43CDBD0BB6&google_push=AXcoOmTYKQPYJnSXCqNv1KNKMUjJmbE-2FNoANz6qMoCj2hr5tIHSdtY9IEsa5kIgTjO6rdK3o8D_QYbDWqSYfMFqA6fWZXs7C5SQQ
Request Chain 363
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEEwOCOI7yYeWpMG6ZAFE880&google_cver=1&google_push=AXcoOmQiQ57wAJuyslcuO2vgUyRxNj-ts_RIgjjRtcoB00BJzKa36vOYkMwWfM_69Ppuz5R9Gq12l8f5xEQkGKSmD337Cn5ChKnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQiQ57wAJuyslcuO2vgUyRxNj-ts_RIgjjRtcoB00BJzKa36vOYkMwWfM_69Ppuz5R9Gq12l8f5xEQkGKSmD337Cn5ChKnw&google_hm=1rLgNdrCQ6yMAjHdlVjRuig
Request Chain 367
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM68qmm-Jj1TMRHDRj25Oyw&google_cver=1&google_push=AXcoOmQzblZ5lKSuncSKezcUnL1dQG63JADm60vU-u7bd8FE8Nad7PtDko1yO1_BmsY-QklBifiLY_DukjAxD91EUtcmYCeBb2e7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU2ODI2MTM2MDE3MTc5MDg4NQ&google_push=AXcoOmQzblZ5lKSuncSKezcUnL1dQG63JADm60vU-u7bd8FE8Nad7PtDko1yO1_BmsY-QklBifiLY_DukjAxD91EUtcmYCeBb2e7

382 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
geocult.ru/
Redirect Chain
  • http://geocult.ru/
  • https://geocult.ru/
99 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
8d674b28f8c316180a29763d4d735629198158a03a780fb691025830bae98b30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Dec 2023 20:52:12 GMT
expires
Tue, 05 Dec 2023 20:52:12 GMT
last-modified
Wed, 30 Aug 2023 14:14:56 +0000
link
<https://geocult.ru/wp-json/>; rel="https://api.w.org/" <https://geocult.ru/>; rel=shortlink
server
nginx
x-cache-status
BYPASS

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 04 Dec 2023 20:52:12 GMT
Location
https://geocult.ru/
Server
nginx
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab5e4522fcb14cc9d29811d6822c7ebaa09f3c44e34545a244d3f08f0800c97a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Origin
https://geocult.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53241
x-xss-protection
0
server
cafe
etag
8795250004696305155
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:13 GMT
stylev2.css
geocult.ru/wp-content/themes/evolve/ 		68 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
04dff075b0c9befeaec0105bc4f7e21a284f402f0f3425896f90963c888d7f1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 08:40:06 GMT
server
nginx
etag
W/"60409ce6-1119a"
content-type
text/css
cache-control
max-age=691200
expires
Tue, 12 Dec 2023 20:52:13 GMT
logo3.gif
geocult.ru/wp-content/uploads/2013/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/11/logo3.gif
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
f97ff7af18b6fca33d99a223aaddee96afb3ddd73c2368a39acc15ff53b91c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 17:02:04 GMT
server
nginx
etag
"54ad668c-22e8"
content-type
image/gif
cache-control
max-age=691200
accept-ranges
bytes
content-length
8936
expires
Tue, 12 Dec 2023 20:52:13 GMT
oven_knopka2f.png
geocult.ru/wp-content/uploads/2014/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/oven_knopka2f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
528b3762e36893c9075ebbb38655afaa02aecbd106aefc59881bd879ffeba9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 09:28:00 GMT
server
nginx
etag
"56d16c20-113f"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4415
expires
Tue, 12 Dec 2023 20:52:13 GMT
telec_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/telec_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
f69f24da425eac9ecd7ba5e9a956ee643849921ec5672a9a961e309c60a1feda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 07:07:42 GMT
server
nginx
etag
"56d14b3e-123a"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4666
expires
Tue, 12 Dec 2023 20:52:13 GMT
blizneci_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/blizneci_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1a4b71acc013b49315ff300c03f7163618bb6f1cc0408d710e11f97b255f9255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 07:16:35 GMT
server
nginx
etag
"56d14d53-1216"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4630
expires
Tue, 12 Dec 2023 20:52:13 GMT
rak_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/rak_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
914dcb400670688bb8de60c955cce8afce0838c2fa2ad297b4bd4b34ec908ed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 07:28:05 GMT
server
nginx
etag
"56d15005-1010"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4112
expires
Tue, 12 Dec 2023 20:52:13 GMT
lev_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/lev_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
df5f8f98ec7bd0263bb4dabff07ecf507a535c2c39a5e391e03e7ea124baa321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 08:46:05 GMT
server
nginx
etag
"56d1624d-12ba"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4794
expires
Tue, 12 Dec 2023 20:52:13 GMT
deva_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/deva_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1162f2ec71eb82147a7e6a6f558b88982bb78ad2fa812c1c52020f5b7bd1bd85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 08:52:08 GMT
server
nginx
etag
"56d163b8-122e"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4654
expires
Tue, 12 Dec 2023 20:52:13 GMT
vesi_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/vesi_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
daf927d970143656739c9b917412ba171dae6e997b8dfe53263effae772d1b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 08:57:19 GMT
server
nginx
etag
"56d164ef-125c"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4700
expires
Tue, 12 Dec 2023 20:52:13 GMT
scorpion_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/scorpion_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
462c848b90fb9d8f3599f4654813e4382222a6fd506a48158a01bc2eab95b357

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 09:04:47 GMT
server
nginx
etag
"56d166af-13a6"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
5030
expires
Tue, 12 Dec 2023 20:52:13 GMT
strelec_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/strelec_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1479783c7b49a2bbde9ea12d6b9abb4d552311fad5ea3d1194a866c82ddf7d54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 09:12:25 GMT
server
nginx
etag
"56d16879-1248"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4680
expires
Tue, 12 Dec 2023 20:52:13 GMT
kozerog_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/kozerog_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d04da184f20eec8ec53c73f71b04f6eb462b391c982ca722500bb5abfb31cd20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 09:17:15 GMT
server
nginx
etag
"56d1699b-11fd"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4605
expires
Tue, 12 Dec 2023 20:52:13 GMT
vodoley_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/vodoley_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
e74a84c9d52e2ef23512423d7e15031fc8644b0b800b89e82ad9abe3ad8b8912

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 09:23:08 GMT
server
nginx
etag
"56d16afc-1383"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4995
expires
Tue, 12 Dec 2023 20:52:13 GMT
ribi_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/ribi_knopka1f.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
01bd238ad9742675260d4d3a5fef5b988ff74439b26a18aa0f98a48a694b07ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 27 Feb 2016 09:27:59 GMT
server
nginx
etag
"56d16c1f-1173"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
4467
expires
Tue, 12 Dec 2023 20:52:13 GMT
venera_scorpion_geocult-1f1-60x60.jpg
geocult.ru/wp-content/uploads/2015/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/09/venera_scorpion_geocult-1f1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
72c786a14cc7a7c3831a33e49e63e54beddc81f6c50cc00149b29e0844aec2af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 27 Jan 2016 03:45:09 GMT
server
nginx
etag
"56a83d45-9e6"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2534
expires
Tue, 12 Dec 2023 20:52:13 GMT
sharer.js
geocult.ru/scripts/social_button/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/scripts/social_button/sharer.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1537d4a7693f4840ad5484b03df34b08d0ed049696dd470ef07b55e1668d90a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 23:01:12 GMT
server
nginx
etag
W/"5e866eb8-3a1e"
content-type
application/javascript
cache-control
max-age=691200
expires
Tue, 12 Dec 2023 20:52:13 GMT
venera_scorpion_geocult-1f1.jpg
geocult.ru/wp-content/uploads/2015/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/09/venera_scorpion_geocult-1f1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
f9b2b62632d02dd438da5c717fcedbe7babf3420940398db1778d5b19d342f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Thu, 17 Sep 2015 12:21:01 GMT
server
nginx
etag
"55fab02d-a4e"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2638
expires
Tue, 12 Dec 2023 20:52:13 GMT
grande_trine1f-60-60.jpg
geocult.ru/wp-content/uploads/2020/07/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2020/07/grande_trine1f-60-60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
e3df018cd61d671d60bd4a1cae119f8fcf1e58e47a62a4ae80c6b8100d868dbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Thu, 17 Dec 2020 08:31:08 GMT
server
nginx
etag
"5fdb174c-431"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
1073
expires
Tue, 12 Dec 2023 20:52:13 GMT
neptun-v1.jpg
geocult.ru/wp-content/uploads/2019/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2019/01/neptun-v1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
815c4d0cf5937e27877ee3d17fb373dabb5b4cfa45a87636ad24f71bf59345db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 03 May 2019 09:17:47 GMT
server
nginx
etag
"5ccc073b-781"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
1921
expires
Tue, 12 Dec 2023 20:52:13 GMT
venus_v_3_home-60x60.jpg
geocult.ru/wp-content/uploads/2018/07/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/07/venus_v_3_home-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
178d21ba92f7134c1b38490946eadd0bddbf07248aa9e132d1ff30ddf735a62a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 20 Jul 2018 07:49:59 GMT
server
nginx
etag
"5b519427-c0c"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3084
expires
Tue, 12 Dec 2023 20:52:13 GMT
moon-neptun-soedinenie-1-60x60.jpg
geocult.ru/wp-content/uploads/2017/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2017/10/moon-neptun-soedinenie-1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
17389d2b816cd42930191c00df09c08669c18038ce38085452fc224228bfd2ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 17 Oct 2017 06:19:10 GMT
server
nginx
etag
"59e5a0de-a74"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2676
expires
Tue, 12 Dec 2023 20:52:13 GMT
mars_uran_geocult-1f1.jpg
geocult.ru/wp-content/uploads/2015/10/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/10/mars_uran_geocult-1f1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d9b90d582c960458aef7a61a894bffb8c326910023e6be747b954cc8737986ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Mon, 05 Oct 2015 07:00:33 GMT
server
nginx
etag
"56122011-9b1"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2481
expires
Tue, 12 Dec 2023 20:52:13 GMT
tranziti_online1f1.jpg
geocult.ru/wp-content/uploads/2016/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2016/10/tranziti_online1f1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
8e483f5b5ac1b2ef3a28ccc7f8f7ab82cd8a56cb1e9c06294bf90b3020ccfe47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 19 Oct 2016 08:33:07 GMT
server
nginx
etag
"58072fc3-dce"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3534
expires
Tue, 12 Dec 2023 20:52:13 GMT
moon_blizneci-1f-60x60.jpg
geocult.ru/wp-content/uploads/2019/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2019/03/moon_blizneci-1f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
c76762b6b5695ab0c2c3688f5f0b4932911daa89e9a905ad866e853dd00020ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 23 Mar 2019 14:32:00 GMT
server
nginx
etag
"5c964360-713"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
1811
expires
Tue, 12 Dec 2023 20:52:13 GMT
mercury-v-2-dome-60x60.jpg
geocult.ru/wp-content/uploads/2018/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/06/mercury-v-2-dome-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
36c7b56d7df17e27614b04230c5fc1793653b20a1fd66fb9311f5df573c0f617

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 26 Jun 2018 07:10:54 GMT
server
nginx
etag
"5b31e6fe-ab3"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2739
expires
Tue, 12 Dec 2023 20:52:13 GMT
goroscop_earth-1f1.jpg
geocult.ru/wp-content/uploads/2018/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/11/goroscop_earth-1f1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
5e7ef5ef8582671b083278bf8f81e640b0f839f3ed0c336c4a96eb7e8b6c4aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Thu, 29 Nov 2018 15:25:13 GMT
server
nginx
etag
"5c0004d9-849"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2121
expires
Tue, 12 Dec 2023 20:52:13 GMT
planets-1280-1-60x60.jpg
geocult.ru/wp-content/uploads/2018/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/03/planets-1280-1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
668252abb09b70642638a85544b62098dad1e03b79f534ee177e6d1ebb08c295

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sat, 03 Mar 2018 17:16:40 GMT
server
nginx
etag
"5a9ad878-bf6"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3062
expires
Tue, 12 Dec 2023 20:52:13 GMT
bioritm-icon-geocult-1f.jpg
geocult.ru/wp-content/uploads/2014/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/09/bioritm-icon-geocult-1f.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
eafb3e8e7ff731d4419a9683e280433e06a513e872f309333c0909890156bcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 17:39:32 GMT
server
nginx
etag
"54ad6f54-1884"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
6276
expires
Tue, 12 Dec 2023 20:52:13 GMT
lun1.jpg
geocult.ru/wp-content/uploads/2013/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun1.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
57fa232a003b023f9ee9ab9ca6f9d33569fc7cca884bf9b1ba464cc42df6ed79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 16:55:15 GMT
server
nginx
etag
"54ad64f3-a1b"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2587
expires
Tue, 12 Dec 2023 20:52:13 GMT
lun4.jpg
geocult.ru/wp-content/uploads/2013/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun4.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
ceae381ecbf5ea0d6e5f6977b195b7eae7d9167dd575f1983b07829838e20632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 16:55:22 GMT
server
nginx
etag
"54ad64fa-1200"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
4608
expires
Tue, 12 Dec 2023 20:52:13 GMT
lunniy_den_rojdeniya.jpg
geocult.ru/wp-content/uploads/2013/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lunniy_den_rojdeniya.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
e86c41aba2a70f6e263fbe0c13257e5b4d36b0ba6ae34d86098013f7087441ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 16:55:35 GMT
server
nginx
etag
"54ad6507-a50"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2640
expires
Tue, 12 Dec 2023 20:52:13 GMT
lun3.jpg
geocult.ru/wp-content/uploads/2013/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun3.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
f2d27ec07598049af75b5252143a57fd29957203c5293b6f2321ac38efb629c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 16:55:21 GMT
server
nginx
etag
"54ad64f9-1048"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
4168
expires
Tue, 12 Dec 2023 20:52:13 GMT
lun5.jpg
geocult.ru/wp-content/uploads/2013/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun5.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
50b78ad8578885f34aa7fa589dcd10075c466504e11467dd8a3ceed303ef4cb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 16:55:27 GMT
server
nginx
etag
"54ad64ff-ab2"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2738
expires
Tue, 12 Dec 2023 20:52:13 GMT
voc_moon-60x60.jpg
geocult.ru/wp-content/uploads/2018/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/12/voc_moon-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
ec4840b5e373feeae1a57fd926d937285246bd4437db4b08e0b99ccf611f1775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 14 Dec 2018 12:53:35 GMT
server
nginx
etag
"5c13a7cf-81a"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2074
expires
Tue, 12 Dec 2023 20:52:13 GMT
clfrkfgb00001jv0898897s3d_1-60x60.jpg
geocult.ru/wp-content/uploads/2023/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2023/04/clfrkfgb00001jv0898897s3d_1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
5070152299c3d5a3ed255352b18e10649460f1e436363d4394e0f7d0acdb48de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Mon, 03 Apr 2023 15:17:18 GMT
server
nginx
etag
"642aedfe-771"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
1905
expires
Tue, 12 Dec 2023 20:52:13 GMT
lun7.jpg
geocult.ru/wp-content/uploads/2013/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun7.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d1feb54f2339859c3595bd26343b468bad05a7a11c0a5a9d86084c56e3a885ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 16:55:34 GMT
server
nginx
etag
"54ad6506-1bdb"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
7131
expires
Tue, 12 Dec 2023 20:52:13 GMT
lun61.jpg
geocult.ru/wp-content/uploads/2013/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2013/09/lun61.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
8b05625742e37f242707bde42df16ce7b828cc94f93238332f02624415d6c01f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 07 Jan 2015 16:55:29 GMT
server
nginx
etag
"54ad6501-c49"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3145
expires
Tue, 12 Dec 2023 20:52:13 GMT
natalkarta-1f-60x60.jpg
geocult.ru/wp-content/uploads/2016/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2016/04/natalkarta-1f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
be91c72c97adfae4e70b223c2f23ffd07eaf26d315a53bb66134b11dc40bb661

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Sun, 10 Apr 2016 10:52:42 GMT
server
nginx
etag
"570a307a-a3c"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2620
expires
Tue, 12 Dec 2023 20:52:13 GMT
sun_lev_geocult-1-60x60.jpg
geocult.ru/wp-content/uploads/2015/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/09/sun_lev_geocult-1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
c9092cfaa24952291b22481bfa4e399483260fc6fb162a6b942fed3ff42d76f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 27 Jan 2016 03:45:50 GMT
server
nginx
etag
"56a83d6e-9d8"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2520
expires
Tue, 12 Dec 2023 20:52:13 GMT
fon_sovmestimost_geocult-1-60x60.jpg
geocult.ru/wp-content/uploads/2014/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2014/08/fon_sovmestimost_geocult-1-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
21f14e408c57d0c0c9a833c314df5ff7f7695f054253d9eb2ce123ba0f2ac049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 27 Jan 2016 03:43:46 GMT
server
nginx
etag
"56a83cf2-af2"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2802
expires
Tue, 12 Dec 2023 20:52:13 GMT
sun_6dome_geocult-1f-60x60.jpg
geocult.ru/wp-content/uploads/2015/10/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2015/10/sun_6dome_geocult-1f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
aad870057003cbb9958374f555a06fb47dab183a03018ac1d1e88bffd1ded096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Wed, 27 Jan 2016 03:43:51 GMT
server
nginx
etag
"56a83cf7-9f5"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2549
expires
Tue, 12 Dec 2023 20:52:13 GMT
natal_wheel_geocult-2f-60x60.jpg
geocult.ru/wp-content/uploads/2016/03/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2016/03/natal_wheel_geocult-2f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
e6e4ae30d0e1fe5bfda2cdf9a430e4d2da17e5706b0011bf909b312814bcbd1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 11 Mar 2016 10:29:39 GMT
server
nginx
etag
"56e29e13-df6"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
3574
expires
Tue, 12 Dec 2023 20:52:13 GMT
lunniy_uzel-2f-60x60.jpg
geocult.ru/wp-content/uploads/2018/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/uploads/2018/04/lunniy_uzel-2f-60x60.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
41e8f29b28c908a3e09da0cdfc54be6adeef57c3ac6dbf393416e84e4d2c420b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 10 Apr 2018 12:55:02 GMT
server
nginx
etag
"5accb426-8a8"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
2216
expires
Tue, 12 Dec 2023 20:52:13 GMT
avatar1-min.png
geocult.ru/wp-content/themes/evolve/images/ 		500 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/images/avatar1-min.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
b87216debe85ffb5d5f3f938c1c2cfed568d6736fd9bd06d64d85711ea5c8802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 31 Jul 2018 08:02:32 GMT
server
nginx
etag
"5b601798-1f4"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
500
expires
Tue, 12 Dec 2023 20:52:13 GMT
jquery.js
geocult.ru/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/wp-includes/js/jquery/jquery.js?ver=1.10.2
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2016 09:00:29 GMT
server
nginx
etag
W/"5742c6ad-17ba0"
content-type
application/javascript
cache-control
max-age=691200
expires
Tue, 12 Dec 2023 20:52:13 GMT
element.js
translate.google.com/translate_a/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
598fdd64b2840e6dadd76194ca8af798976a079a2742c967a135da24d40af2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
jquery.fancybox.css
geocult.ru/swetest/fancybox21/source/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/swetest/fancybox21/source/jquery.fancybox.css?v=2.1.5
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
gzip
last-modified
Sat, 03 Dec 2016 23:46:32 GMT
server
nginx
etag
W/"58435958-131f"
content-type
text/css
cache-control
max-age=691200
expires
Tue, 12 Dec 2023 20:52:13 GMT
jquery.fancybox.pack.js
geocult.ru/swetest/fancybox21/source/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/swetest/fancybox21/source/jquery.fancybox.pack.js?v=2.1.5
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
gzip
last-modified
Sat, 03 Dec 2016 23:46:34 GMT
server
nginx
etag
W/"5843595a-5a5f"
content-type
application/javascript
cache-control
max-age=691200
expires
Tue, 12 Dec 2023 20:52:13 GMT
new-tab.min.js
geocult.ru/wp-content/plugins/page-links-to/js/ 		911 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/wp-content/plugins/page-links-to/js/new-tab.min.js?ver=2.10.4
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
2baa2ebe463ced52f500118a25caa59f75536f3a49a36ae911ff5c37e1265669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
gzip
last-modified
Sun, 10 Jun 2018 09:40:17 GMT
server
nginx
etag
W/"5b1cf201-38f"
content-type
application/javascript
cache-control
max-age=691200
expires
Tue, 12 Dec 2023 20:52:13 GMT
comment-reply.min.js
geocult.ru/wp-includes/js/ 		1 KB
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geocult.ru/wp-includes/js/comment-reply.min.js?ver=4.9.8
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
gzip
last-modified
Wed, 18 Nov 2015 19:15:28 GMT
server
nginx
etag
W/"564cce50-436"
content-type
application/javascript
cache-control
max-age=691200
expires
Tue, 12 Dec 2023 20:52:13 GMT
main-bg.jpg
geocult.ru/wp-content/themes/evolve/library/media/images/ 		968 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/main-bg.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d0a7940c5739597d973e2bb019d3e3cc8b5e8747e607982ebdbd4890f4288f3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:30:04 GMT
server
nginx
etag
"591f39ac-3c8"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
968
expires
Tue, 12 Dec 2023 20:52:13 GMT
green-back.jpg
geocult.ru/wp-content/themes/evolve/library/media/images/header-two/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/header-two/green-back.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
3b3c66d6f6711dcb00f5ca69f10cc2e996c38c6c90facc8da13bbc88827433ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 19:18:17 GMT
server
nginx
etag
"591f44f9-fc8"
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
content-length
4040
expires
Tue, 12 Dec 2023 20:52:13 GMT
trans.png
geocult.ru/wp-content/themes/evolve/library/media/images/dark/ 		97 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/dark/trans.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
5942cf3294f46a9640870809b055e78887d7b48cc1e31a153d9c3b5dd7ef674b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:30:27 GMT
server
nginx
etag
"591f39c3-61"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
97
expires
Tue, 12 Dec 2023 20:52:13 GMT
shadow-before.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/shadow-before.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
0d43d9f15c54f63334de8305be7fabb614396c5e190a0756a417483ba9c61631

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:30:09 GMT
server
nginx
etag
"591f39b1-1fb1"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
8113
expires
Tue, 12 Dec 2023 20:52:13 GMT
shadow-after.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/shadow-after.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
9da58863c2d4a7e1f3c71a9a498588e7b74c3bf65fb97ddd126f1564fa7f9f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:30:09 GMT
server
nginx
etag
"591f39b1-1f66"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
8038
expires
Tue, 12 Dec 2023 20:52:13 GMT
divider.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		226 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/divider.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
c4f459274e378b71dae7cd9514f4c3020545081e0de18560311a5aabf98f85b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:29:53 GMT
server
nginx
etag
"591f39a1-e2"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
226
expires
Tue, 12 Dec 2023 20:52:13 GMT
search.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		788 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/search.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
281bdb69ef6f2abc92abda9b18117ebbf50e9add63b183b2d9bc3fe3afbb3011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:30:08 GMT
server
nginx
etag
"591f39b0-314"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
788
expires
Tue, 12 Dec 2023 20:52:13 GMT
list-style.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		192 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/list-style.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
83fef62511d4754a257551bd24d92efdeeb31c2886d07de22e9e947942233f6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:30:01 GMT
server
nginx
etag
"591f39a9-c0"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
192
expires
Tue, 12 Dec 2023 20:52:13 GMT
divider-tile.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 		88 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/divider-tile.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
992f94f905118b8960ff39ecea7dcec52afbb5b2a484b14cd817844ba03d7eab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:29:53 GMT
server
nginx
etag
"591f39a1-58"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
88
expires
Tue, 12 Dec 2023 20:52:13 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/am=AAM/d=1/rs=AN8SPfpQYLrJxLA8Evaz5V0wt6dn4DngIw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 18:18:17 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr7lb_PXZnLNkTgvVwyoxNvsn0INQ/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr7lb_PXZnLNkTgvVwyoxNvsn0INQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/am=AAM/d=1/rs=AN8SPfpQYLrJxLA8Evaz5V0wt6dn4DngIw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81976
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 00:18:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 18:22:09 GMT
facebook.png
geocult.ru/scripts/social_button/ 		427 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/facebook.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
ec29871f7a6e470e699f7eb7a722c49ceffe8ebb682308c7279053da037d71d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 10 Sep 2019 22:48:34 GMT
server
nginx
etag
"5d782842-1ab"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
427
expires
Tue, 12 Dec 2023 20:52:13 GMT
twitter.png
geocult.ru/scripts/social_button/ 		654 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/twitter.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
24d3f7c545ffb8d31d407b24b2c130774fae929ec9a92d6fe92f42608c858372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 10 Sep 2019 22:48:34 GMT
server
nginx
etag
"5d782842-28e"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
654
expires
Tue, 12 Dec 2023 20:52:13 GMT
mail-ru2.png
geocult.ru/scripts/social_button/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/mail-ru2.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
a84f5718bcfaa18fbf0bc06b2fb8989141e7ef299b1a4793bd1082b48ce74cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 10 Sep 2019 20:04:44 GMT
server
nginx
etag
"5d7801dc-384"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
900
expires
Tue, 12 Dec 2023 20:52:13 GMT
odnoklassniki.png
geocult.ru/scripts/social_button/ 		664 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/odnoklassniki.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
608c7e96914ee8dea1cc0bbd2eee01f5f6d0b03521cebbc6116a7ba5940043cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 10 Sep 2019 22:48:32 GMT
server
nginx
etag
"5d782840-298"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
664
expires
Tue, 12 Dec 2023 20:52:13 GMT
vk.png
geocult.ru/scripts/social_button/ 		610 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/vk.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d3d89aa5cc7dbbdea39f3111b7460d064d7663ea92b04e79df0b39ef2e63b196

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 10 Sep 2019 22:48:32 GMT
server
nginx
etag
"5d782840-262"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
610
expires
Tue, 12 Dec 2023 20:52:13 GMT
pinterest.png
geocult.ru/scripts/social_button/ 		817 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/scripts/social_button/pinterest.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
d371219cab55549df0dc40dfb5a92d8d4be8b8ed24ab44d4c003fdb8b580cd56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Tue, 10 Sep 2019 22:48:32 GMT
server
nginx
etag
"5d782840-331"
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
content-length
817
expires
Tue, 12 Dec 2023 20:52:13 GMT
reply.gif
geocult.ru/wp-content/themes/evolve/library/media/images/ 		603 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geocult.ru/wp-content/themes/evolve/library/media/images/reply.gif
Requested by
Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
geocult.ru
Software
nginx /
Resource Hash
436d9fdefdf3800e7aa8d543d79138dafd6a5fa95340a6d9df9515a99d6a243f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
last-modified
Fri, 19 May 2017 18:30:06 GMT
server
nginx
etag
"591f39ae-25b"
content-type
image/gif
cache-control
max-age=691200
accept-ranges
bytes
content-length
603
expires
Tue, 12 Dec 2023 20:52:13 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Dec 2023 20:31:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1235
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Dec 2023 22:31:38 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.579565615986257
  • https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.579565615986257
132 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.579565615986257
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:13 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
132
Expires
Sat, 03 Dec 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:13 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.579565615986257
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 03 Dec 2022 21:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b228053c9827d7a19943cda73e3115fe8e04d6672ea7cea90848bd0bbf467688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137672
x-xss-protection
0
server
cafe
etag
190343989920793052
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:13 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 06E9 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 02:04:00 GMT
etag
12051592065903069241
expires
Mon, 18 Dec 2023 02:04:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		16 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1762117947&t=pageview&_s=1&dl=https%3A%2F%2Fgeocult.ru%2F&ul=en-us&de=UTF-8&dt=Geocult.ru%20-%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA.%20%D0%9D%D0%B0%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%B0%D1%80%D1%82%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D1%8C%2C%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1669337709&gjid=1526501536&cid=1155716277.1701723133&tid=UA-55395314-1&_gid=808812387.1701723133&_r=1&_slc=1&z=54646445
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
d752f92d971a6a3afd2a903855c7726ba385cf2ec11757e1fd694dbd661c45ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://geocult.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geocult.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6020 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 03:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 03:04:23 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 08:35:06 GMT
x-content-type-options
nosniff
age
44227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 03 Dec 2024 08:35:06 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:02:52 GMT
x-content-type-options
nosniff
age
92961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 Dec 2024 19:02:52 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-55395314-1&cid=1155716277.1701723133&jid=1669337709&gjid=1526501536&_gid=808812387.1701723133&_u=IEBAAEAAAAAAACAAI~&z=1995500702
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://geocult.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 04 Dec 2023 20:52:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geocult.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
827e457fa48d082a665ac297ddeda3a27d9d824ea276dc63e35cba3d1278c9db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83522
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 20:52:13 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-55395314-1&cid=1155716277.1701723133&jid=1669337709&_u=IEBAAEAAAAAAACAAI~&z=1351074552
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-55395314-1&cid=1155716277.1701723133&jid=1669337709&_u=IEBAAEAAAAAAACAAI~&z=1351074552
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DHBZR6TRD0&_ono=1&gtm=45je3bt0v9135369224&_p=1701723133268&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1155716277.1701723133&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgeocult.ru%2F&dt=Geocult.ru%20-%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA.%20%D0%9D%D0%B0%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%B0%D1%80%D1%82%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D1%8C%2C%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F.&sid=1701723133&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=906
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geocult.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-DHBZR6TRD0&cid=1155716277.1701723133&gtm=45je3bt0v9135369224&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geocult.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-DHBZR6TRD0&cid=1155716277.1701723133&gtm=45je3bt0v9135369224&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=2019151895
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F13C 		45 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&adk=1812271804&adf=3025194257&lmt=1693404896&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133202&bpp=4&bdt=210&idt=196&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7395833608473&frm=20&pv=2&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3b0f8c0e4b3c1361b83f23c8be4c210b34b0608469f40cbf9680a100a8e6303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15877
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:14 GMT
expires
Mon, 04 Dec 2023 20:52:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A647 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab79cae3c061bd624328bcb48fca50cd82a03db6290a6d6f895f7d020c1c1832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11553
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:13 GMT
expires
Mon, 04 Dec 2023 20:52:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 759A 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
635621f3c6fe7abdbc6c52ffba448851479cb3411acd860b929895ce0f4d8b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10793
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:13 GMT
expires
Mon, 04 Dec 2023 20:52:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 62A0 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7490b1fd41c1a44d34ac47646e4c7d140fa03fd1aebaaa4d214c136a748b504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11410
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:14 GMT
expires
Mon, 04 Dec 2023 20:52:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAPufYRY4Fon_pI3cWri4rdcrFxciEgH58uhqTT9M94C_9sbgppk8WpM9WuiYLoTowNK7S-PFiTxGq0OfDCTlAlsvYdjDuDI6wu74XaKW7K48RPVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3860321303814934829&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A647 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A647 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:45:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A647 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A647 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8EE7 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWoWhVHG6r92GmmvgM0pr0CLadloY1zRGV-95Fcu29Z5j7SLxD7ssCHxqluZSn_ZJsVJqYGxxcRiyduqE2O1OjqzLt_Sms3ssAnDm9AOk3ZI9PGVdlpnujmKtcCXEOcvYrsuOrIWAQV_-opW4spuu4sId63fAeOTBQL55NpXHAp8QdWg-U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:14 GMT
expires
Mon, 04 Dec 2023 20:52:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6F21 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPKT3_QBMAE&v=APEucNUJChs5VLoSja0xw7iWSkFmm4MrR2WLKDbeloV_jrYIlKDBlootyIo0ZooYtPJBPhbsswpdDvtQWyByalY7VBabXIepRTFWGjzpnUDlEazW2ay-mCb5pRcf5i-vXuyv-ihrqj75gmBEo1AavCEbAvqbQSbMAp0E-39lw6zEz2i7n0R2TMU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:14 GMT
expires
Mon, 04 Dec 2023 20:52:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 86BB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 86BB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:45:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 86BB 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 86BB 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86BB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CzcHvCu5ZFFjqVxkZeMTYQxgInu9qnEo7y9SBhdpZaWH1Dn45gqnCoX10ppurtzDNtKI8gjq-zs_nwj6yt8Q92_HLaoCwx8-2aahVpMR4GsVwVaFc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86BB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10040303086560978487&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8EE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK62U8H3ukS_vLpHi5xRQFY&google_cver=1
43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK62U8H3ukS_vLpHi5xRQFY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWoWhVHG6r92GmmvgM0pr0CLadloY1zRGV-95Fcu29Z5j7SLxD7ssCHxqluZSn_ZJsVJqYGxxcRiyduqE2O1OjqzLt_Sms3ssAnDm9AOk3ZI9PGVdlpnujmKtcCXEOcvYrsuOrIWAQV_-opW4spuu4sId63fAeOTBQL55NpXHAp8QdWg-U
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL6tgHnoCWX0TfupYMRLeJv90AJw5xlyT0WV91o6WgHmQAokRhkh5LRYQrB3mKPfGD5%2B85Nj7%2FCUaw7Y6bmRFYbHhP%2BfkowZGtNoknSBA9Rg2HX9MazsuG0RCogbDvSrksqrUVi7i9tCtKZc4USUofljya9GkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8306ee942b796940-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK62U8H3ukS_vLpHi5xRQFY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8EE7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW47-ujhnj3yp09FnQIP2gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
43 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWoWhVHG6r92GmmvgM0pr0CLadloY1zRGV-95Fcu29Z5j7SLxD7ssCHxqluZSn_ZJsVJqYGxxcRiyduqE2O1OjqzLt_Sms3ssAnDm9AOk3ZI9PGVdlpnujmKtcCXEOcvYrsuOrIWAQV_-opW4spuu4sId63fAeOTBQL55NpXHAp8QdWg-U
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogsWCD1EfAX8hEOX4oyvlzw3BEFSU3SeqNZpqIFO%2FYY2xYXCWYSigTvvjBLDNgCXG0j6Ugwgpi9znU8kh91uM8TS3MaxpAh1qS5bjfgaGSZoAHOuRNKkjxkv3rW7GogbDb19DaomtPP1C5fzSLyULpzCd6FgZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8306ee946bcf6940-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8EE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMZDwJ_ltyejVJzoxz3W_fM&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMZDwJ_ltyejVJzoxz3W_fM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWoWhVHG6r92GmmvgM0pr0CLadloY1zRGV-95Fcu29Z5j7SLxD7ssCHxqluZSn_ZJsVJqYGxxcRiyduqE2O1OjqzLt_Sms3ssAnDm9AOk3ZI9PGVdlpnujmKtcCXEOcvYrsuOrIWAQV_-opW4spuu4sId63fAeOTBQL55NpXHAp8QdWg-U
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
an-x-request-uuid
4ee8b581-9785-4161-9c8c-5ce269ffde00
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.40; 81.95.5.40; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMZDwJ_ltyejVJzoxz3W_fM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8EE7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwOTA5MjQwNzIxMTc2NDYxNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwOTA5MjQwNzIxMTc2NDYxNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWoWhVHG6r92GmmvgM0pr0CLadloY1zRGV-95Fcu29Z5j7SLxD7ssCHxqluZSn_ZJsVJqYGxxcRiyduqE2O1OjqzLt_Sms3ssAnDm9AOk3ZI9PGVdlpnujmKtcCXEOcvYrsuOrIWAQV_-opW4spuu4sId63fAeOTBQL55NpXHAp8QdWg-U
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
an-x-request-uuid
b4e25427-a3da-4712-a472-536eeb0b58d3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwOTA5MjQwNzIxMTc2NDYxNg%3D%3D
x-proxy-origin
81.95.5.40; 81.95.5.40; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6F21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
43 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPKT3_QBMAE&v=APEucNUJChs5VLoSja0xw7iWSkFmm4MrR2WLKDbeloV_jrYIlKDBlootyIo0ZooYtPJBPhbsswpdDvtQWyByalY7VBabXIepRTFWGjzpnUDlEazW2ay-mCb5pRcf5i-vXuyv-ihrqj75gmBEo1AavCEbAvqbQSbMAp0E-39lw6zEz2i7n0R2TMU
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtrJP05eH6E2GtUvccdpx3hWY82jnwH61KE6OZJaVTpymfV%2BgmooZlrAqf03bwSKzHiP%2BFSHLv4mVhpC%2FFmBdZg4C8cU6J9kfbd4R8N0GKcqoc4ygUthCSghuZpEoiyKmv8njtbmYKDzgyJrrOLYWh64PC4Z6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8306ee942b776940-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6F21
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW47-ujhnj3yp09FnQIP2gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
43 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPKT3_QBMAE&v=APEucNUJChs5VLoSja0xw7iWSkFmm4MrR2WLKDbeloV_jrYIlKDBlootyIo0ZooYtPJBPhbsswpdDvtQWyByalY7VBabXIepRTFWGjzpnUDlEazW2ay-mCb5pRcf5i-vXuyv-ihrqj75gmBEo1AavCEbAvqbQSbMAp0E-39lw6zEz2i7n0R2TMU
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnDgEZ4AhCselPQ0xdKjQV4QGgK1ROC9cuElyssVuCZ1fzzeM3k5jEyihcjCAHXmtLg3kXfi91xltKcCiCtru1whbGXHXnVXeK81%2FB%2BIeB%2FmyneIDsVy1n%2Fg%2BQOgSpj3vYaQSrpCMm0q6JLZmUMl9zyoUVCA2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8306ee946bcb6940-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6F21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGRSvsNPEcg3Idc-SSvInsQ&google_cver=1
43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGRSvsNPEcg3Idc-SSvInsQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPKT3_QBMAE&v=APEucNUJChs5VLoSja0xw7iWSkFmm4MrR2WLKDbeloV_jrYIlKDBlootyIo0ZooYtPJBPhbsswpdDvtQWyByalY7VBabXIepRTFWGjzpnUDlEazW2ay-mCb5pRcf5i-vXuyv-ihrqj75gmBEo1AavCEbAvqbQSbMAp0E-39lw6zEz2i7n0R2TMU
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
an-x-request-uuid
023adc31-f6dc-4468-8030-c4946974e457
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.40; 81.95.5.40; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGRSvsNPEcg3Idc-SSvInsQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F21
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3Nzg2NTUyNTIzMjAxNDM1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3Nzg2NTUyNTIzMjAxNDM1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGPKT3_QBMAE&v=APEucNUJChs5VLoSja0xw7iWSkFmm4MrR2WLKDbeloV_jrYIlKDBlootyIo0ZooYtPJBPhbsswpdDvtQWyByalY7VBabXIepRTFWGjzpnUDlEazW2ay-mCb5pRcf5i-vXuyv-ihrqj75gmBEo1AavCEbAvqbQSbMAp0E-39lw6zEz2i7n0R2TMU
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
an-x-request-uuid
abc1e238-3224-4c32-890a-4cf7a81ade0e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3Nzg2NTUyNTIzMjAxNDM1
x-proxy-origin
81.95.5.40; 81.95.5.40; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62A0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpdU9Gmwv3sGgMcqAZei5Q44SNjn66CC9oi5PW-M2FO_n1RpGyxB1kTRZK1L0Go-hCqiHvhkbpsG3DrYPSC5jMLJTs091lwCdbSmaS6may2S3t8r0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62A0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13354838633563513820&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 62A0 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A584 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXFlG_jl0VQOedjw9BrPh9eLxIBrun22Xu9DLI8HnMBiybCUFovE-woZMfarbfhX3Nh0LUchbYgtNEbxfgvAn40058WjXV4P8IMVY0ZD0Q0PSbfj9wbfugyNXSw7yx8IkSpsFp46iaC2DiZMSMk74vZJdS7yo4JZvT8W2yr5KUokupE0HQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:14 GMT
expires
Mon, 04 Dec 2023 20:52:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 62A0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:45:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 62A0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 62A0 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5789754226604&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5789754226604&version=m202309260101&ct=77&x=1&cor=3860321303814935000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A647 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BO2TM61HtPK7b90tmQ7RMfJQw5fTa8F2LI7oOLMVUXuncjnwM2WxFZVDLlghvXR-UpVcJ__MlztWIHVfh1KWjF9EqnDYfdf6GKfnQHF5-lsk49vwpoEb-gfidtshordohyC5Imp-BdEbI-6m_HnhTejqsVD0K7qdU2y8yxKU2IvAVN13750Wpdr9IP90m-1j-7K548HJJGc4EJAEgboO1w9rV_0g&cry=1&dbm_d=AKAmf-CM4GcuaVXWpF7n_YggVQhwQKJ21VszCB90wOkq5ysuwDK183UuNgj5h7LZTaPFW-eixZMp-UgJ2dYNv0f-XC-k0Vhhn_Cnxp6UrEw7U8RAPyLJSMDIa34v8_4cYSJzdpbwLETLuAaQh9Cg9_ikS4aNuw8ZVGclQK6PdpBrNesBZ8fPfgjm-camUVrE0kVVxNdtYRqNbqR1FQwqoa4vPnVRljun4o9sB7gg0waFEWokKgiin7qYef7tCBfimubGHy4pEm9gdwc0OTYWT1ObPg6thvLKUcqlNU8Ls1uDGTqjJ59WMONJoLg1e-2dve2Wkn_Jk2pe2wr8MbPRrSsw2WSM1goXXpukkB_rB4xJzrLjNW6XbkfAKc4ZdMbHwZpix_-h4F7mYlBxLmv00Dirb6TXiZQpIuawPwrMKXM9PlkW4VORrh2u5paUH459XZsJzCTW3-vD9eZk5IYqY-oL-i1bBDShp5rcmDgezUkjEnoe0nFIuhslsUpgexhZfPd__v_T7iFmOQBKORmlPphkJJP24p4Rfy1Co5iozG0phECTDTPZ5LV_XOoxkdgW5d9l9bGgy8VUslzWThwsRaqIkyi_lDq5mme9m9-lZCpUU9cyqUOPtmUhpII9nJhgABWz2z14oAQheOQZ-dYw9niZP_vGT_Y_7aSowJU_3ZmXvVQmX-cy3lR4kqVZghsOBHpQIg5pJZeIxR_UMyplf4DpLAzFyEgd7mQLwX2l59TCefT3i8oH9qZoR7xFKo-drcXSFmFkUhDIK7saguFDJgas1Fr_EUhjY68p4snWffRS6quM7VuJJZeno2VEMfE28qVxBfWeXf3J9nOXTS17u-DOtEMNvO5dSPadvCdNu_lWwZcCYohYP0iYr2AFK3nl_O2KlZd4Je8K_h4sFgTZ6H3x4Uj6uU_QZBLaSp1Pdn5GXmadk0X3i5QXa7fzrhmUtqUjwgXRWGLaJm7CfoZckoERnokE82fyfUC_fX-JT2Mvt9gFYN43NYy2x6jIep4-gMsW-wbeDPb2goiFVamxOUJC1My6QuuQwdvf8a2rkl_4YPv1xYVX6s8R0PBUwLYg-nsH13_CR8rpUd88-CnIlUTu3Ru5cBHT6hqVybjpLRYiAdYG35O2WUwDWevicLBSY8oWUCWRvX05yb-QfbeCyzG9RPqsJuWlo3zekF40qy5Hyz5ChpiRnZ0OL36x-Zjar4ZY881787SaZ6TluK76G3lNtPM5Jp9dizV7FB4nRnxTIUFDUJZOUUwX3WaGDum5nEgH0kYhWuhgryk6yl8JiiySrdeHqwCwTFUirO7amZDkA4ksv1Rr8kMzyYj8SzwyN45oJJ8OYAWypxk8euu1XWnch3BCI44K_1-Ygm_aWbFEy3iPmdoVfkjJgqlNgi4SPWb1vbravRlgaPlZsDMPsYcFGOb7t-ZqsqIvfL1ufnBBayhPeFQlZfxT1UtevpWHuD7xfsC0g5UZeX-ZU1p00hJjB-8LfnZrgXDVT_akjStrRu0CwVjeEndoCwqonLaJ_BFhvR2eb5yVj9bKJVKYAWfoyn-tS2sm8uJDbHkF5L7qfND9811hdI7sdGVKcojNQNJ8qaKywWdc0-NgdUARob_q34NqRgxwtWcvmNXG8RHDiKsSlU752ziSYtkZcFN3HRsQM-sbj8_bUGX9nTRsW2pWKNDvD4Bg-Ag4E10ttDKCEtB0RiZ6VMw3nKo8Jy-bB4uHIHXjsZRyXzfgV7FkO9MaPOWlphPwoujpwW3NAkIpLoTfbmw1KjxF_mL3oE74On7i2gHHbA-_esL_IGUr52tVvjT32OYZBE8Answn8aIOgmVb4WbplwrOOJyzks0ZmzZeLs81VgGB0Y-tPmlve6NZokl3KfxBIqDsaOWUYbinPx4T7wX51Y2tapwBVAi-teeDkoloQSWIFrdRWhw6foFpbxmo7T9eVYwK0O85128BACvKdtjBq5p32sGV_x2XJxyHi5OKx7WY0S7yBA7318PIrSSh5nZsmaen4IcVR5vN4tzZHJIHWB4U30Qd4uvA39tFK7DjSpgM0M5xTYUsgI6vvhMArvlxAzM60Lcfi5QQcw0t41PMPFyjjnt1QX8ydAfSmqzq0ORhiefwh3H65P995BybRivCnWtqK2M3TIDanLtFeMzbt_g4fHFPc40QiO55ZZ4x6DYrHpEUMDbsdvndXAuOMWmlOp4jvg84-4a_vvAFnOGI-h7Hvk5xx-4KUSOnGXYQPiZVv5emJabXnoPIBqnj8DE32-o_pG1lmITQ_UPizpntF0HVsQcxj_-DJiciT_-vjbxX4YObqRkGlvc_SPQ9sRW9ldag6z80ulYk1QZAgc80n4griRrSMlGF6OF9lf2WGKnDKrxsBROwguYNx-D6y385oyEN-IK6RZg_O-Qxt0w7rst8GR5taTMKQi3zq3pUPjbWwwsaWjMVN8YqZYL3NWAhki64WjZCrEq8tkPArf9d36beqJLxuWMfQe7QnO1Nf-vAA5RU8Oz074a910kOefgP8ZGliJqXAEFO9LFrObo0wHR_rmkrMP4DBEem11paIMBj4gxcWAu4SqMGP-WbTCkSIHzIWtCiG2O5cwfGOH51No7qjrqnd402g9rOqEPegZHneCZTLXR4qw-JQECyDx_3-trw0ll5WcyOlxX2143ubbW57iNKtI2NRAydInRMeB9Cfv-a8TG594agPW7FU9lSwA2eF2bkL2ImWe69xwhLvvPDotYP2WHaptYg0x56ju9W22bZLLxVQZkA2xXvRoSoa4fppKPVLjM0YhbZmKNj9ux0lh7poUUGGUj05RfXU4THZ8UIqGARhzBZMcEY0y0K-UjsB0eV-Thl10_YCpWfFs1O9Z330ZyAcDLdCrpe6bY-0jSxpvOyWaI0jsKomMWvF6cTB6d3jABdkv4L0RCr_NsZbxCGZpK17uAat3Q0fMhsJ96a85rx3vxjDEJNdmId29ecQxNVhApofNTNghNqFb8e6Z40cuL7J5MXMI4tGPi-RsCxJC-A30dSGm-Z8OXwPvE97ysYj7JD8QpVIC8TL8m2Ht4GX6GfvM8LQyLR9EYikv-wO2yPYr8hg8nmxanPEWZZYj5usUBcE5O89D0Zob7HC0L8i9esHplTp1EFFQzjq-cFODOc6PSWM9cdFCObH8mxY4rL7b0q7vrlmeJLSLMSDSJ_E_yF7a2dnLwvzVsc8xYfIfwzAayjrO5EU0HOe-cmK1t5XOzY8vEaPGcuxUdb42XqEKr42HH0fTvI12WwLfn6WkQUhsf8_Pfi8i7acLc2yOsgmtdHZLZHJzwIIR_gU3fpJoSEYzCojdrKBcL6txv-mKXzfIDPS3v6OwhxrmCY1lM55uDCSp_P7M7P8Ap3BlRXtsv8pp32rxGsEui9V6hNYIe08x9NGDjmBJmQUyMQH2Yq2HsqjXAAU3BES8hu802nocI-WwxS6TfQ9LDhE7pAxfFeAmOS9oJ9VmF9XFARtLIsLO8LWsGmGloEHc6Yq3a28BIS22kvdy6umdBMJWnDdShqHjIHruEDGTU6x2gHpHCKrD-32IRHH1UAFEHRGXOOXuVNPyadkLvevi5pLDshzRS20Tsufc_UYNvJNn1-yKqo8yp3KOz99ylJBoAw8YrzB80caddUngruPEVAoDDkBRv8lFhWYE6AhQn4S7Ywr_KDuxzu1v3tTc7hP1pvJHZSjlD9E7qcsX1_IAt85cvgLS4USGhjaO-j4KHm5qJ14HQNrRllA5PCei9h_10zxUQ6e0tUFXjT0TtVMkxS2kTnRg6wCTioC61utQjbji9PcFV0km2Qh2s-IXt5rH0txoLfMgL8BCzite352bcFim9m7DUjEFMTli3rDR-VJtpqT6qsQTxyJ43g3n2z54V8v_QFl7bgIWbhhacEPR7UGhkjNA--O1pj70THjuZOsH49tcFNOa71tLfsgJNFTshIT9ujhHStYaRTYA4-UmDefxpM6ZVNTzfWhwx87NE6OwepmxXMWxoAVITTqX8KHJIxWVyJP2AXLiFowzTbGU0P6265biO-EvZ0vaVq1Pvud9lmKwYkLzoLLomeisP9hbbBPrDyjiNiWc1wk8yBa9Ooi4-pnC0WQt75aVIgCJzCqA&cid=CAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=3860321303814935000&adk=250412560&idt=87&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7888919ea360ee984df170d1b7c257532421cade6227511f28876561a8a36003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13772
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7603ce8a9a01c12a4e8f47210006833fd6f0f9915f3de8d624092baed19b9b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55936
x-xss-protection
0
server
cafe
etag
17547285411142443999
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A467 		122 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
504888843603ae4bc4f3d01860a3bd5c2ae6fe535fb3411aefd463879939ab22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
48098
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6D60 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7553072b1cf23279a2ea3f5b0c4e2a41b40e3653f942a1c7f350828e813b931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13498
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame A584
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
43 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXFlG_jl0VQOedjw9BrPh9eLxIBrun22Xu9DLI8HnMBiybCUFovE-woZMfarbfhX3Nh0LUchbYgtNEbxfgvAn40058WjXV4P8IMVY0ZD0Q0PSbfj9wbfugyNXSw7yx8IkSpsFp46iaC2DiZMSMk74vZJdS7yo4JZvT8W2yr5KUokupE0HQ
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBkiF4j0IQuP4P%2BELietTOK%2Br0mH1czhohFj2mQZyZPn95w6P5T597vpH4FLluc%2FYQMClkp1kUG87CtTl2l2oNPKHVOwHgCHMthQ74JCDPY4N4h4LHBrQPSqUGanNotI%2Fm6X59Xgo2bdyiewMGPkXCvxOc%2BN6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8306ee949c046940-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A584
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW47-ujhnj3yp09FnQIP2gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
43 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXFlG_jl0VQOedjw9BrPh9eLxIBrun22Xu9DLI8HnMBiybCUFovE-woZMfarbfhX3Nh0LUchbYgtNEbxfgvAn40058WjXV4P8IMVY0ZD0Q0PSbfj9wbfugyNXSw7yx8IkSpsFp46iaC2DiZMSMk74vZJdS7yo4JZvT8W2yr5KUokupE0HQ
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BbFZpGcpSPury6N9m%2BVp33ROJH7QbukAGnx%2F6hXmQFpMxRv0XUGT3QkHEmdIB7uD9e4VENpcNd7PXfxvl28ijEMGyn6zV7ligrY7Xj4M%2BZVf0oeQMKzKryPoiCblkqioYlbaIN33PWghR5ta2xj%2Bi7m2pxrJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8306ee94ec496940-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8UKel8GFwOFrYz1jMqKVU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A584
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGRSvsNPEcg3Idc-SSvInsQ&google_cver=1
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGRSvsNPEcg3Idc-SSvInsQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXFlG_jl0VQOedjw9BrPh9eLxIBrun22Xu9DLI8HnMBiybCUFovE-woZMfarbfhX3Nh0LUchbYgtNEbxfgvAn40058WjXV4P8IMVY0ZD0Q0PSbfj9wbfugyNXSw7yx8IkSpsFp46iaC2DiZMSMk74vZJdS7yo4JZvT8W2yr5KUokupE0HQ
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
an-x-request-uuid
6b68f923-fbd6-4ffc-9370-f6e8641423cd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.40; 81.95.5.40; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGRSvsNPEcg3Idc-SSvInsQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A584
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwOTA5MjQwNzIxMTc2NDYxNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwOTA5MjQwNzIxMTc2NDYxNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXFlG_jl0VQOedjw9BrPh9eLxIBrun22Xu9DLI8HnMBiybCUFovE-woZMfarbfhX3Nh0LUchbYgtNEbxfgvAn40058WjXV4P8IMVY0ZD0Q0PSbfj9wbfugyNXSw7yx8IkSpsFp46iaC2DiZMSMk74vZJdS7yo4JZvT8W2yr5KUokupE0HQ
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
an-x-request-uuid
d01397ce-dc07-4215-9ce8-ad89046919d9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwOTA5MjQwNzIxMTc2NDYxNg%3D%3D
x-proxy-origin
81.95.5.40; 81.95.5.40; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86BB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1012437837466&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86BB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1012437837466&version=m202309260101&ct=76&x=1&cor=10040303086560979000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 86BB 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7sX6PTltYzAKKHXAamYbhmPctOcZ3uuetT2nVvYOzKSBCabuKYTMOEq-F8J2jgc-cQtBQBpi2CEcBMrwhs0B6drU6UpXyldYk05D7Orc2GRdjz1zs94oojUsUygM4VJnhoZbX1xLsYdL0ehX-yj8_ncTh4TouwQ171qwBCpUO0pR-jEg&dbm_d=AKAmf-BblGwkiOqJn0-raSVJtY-TA-EIcBAUiMR0U6x0TsBSwEcoU-9wPPq8iPOVJoWY5HgmUMao_UhT5K047VAHBkxaIXO7AKN94-MDDTxDw-MiAqsNOGNLUqgDBj8X80TV5O7sR-rDXg7VccICGiafb9rrnJAeAzWtj4itSrj2SVmL9sr8glTtSrjyPYTF_-QngxJiBL2vQzUMTeyT6SuzAIt30mAy4TkKtE9iAyNaPPuWA-8xSaoCpSS3LMJAFABRa5xsM5FHg7FMbBjWk7eWsKGi3D-wkIAZEFNqe9NEFeArn2QGPugrgxnltWv0V6zgU958upRXESKbn1buBh4ZaOYatx3AWEdLutSpeLPnPz6Kl5Bk2tgzt2X89ySl8dsJd0fFfhhH21TsZztaxW22UEREQ6ACNyQHgsEj5F-tCjtruRd--D5kJOEqgbJULgsgqUMS2h7GaYouXH4RL9fnFJ_UzSzwprX9kDfNp4VUkW8RW2LqoCg6RiWYlaLhFyUUS2PN7sQ1CHv1cR0cAoNbjJGlOS5Bn4zWRj0Smdn2HB6VlN8FPMo-6ASCqMH5drNU01-REXF8vJEyzxG2QhjRY5CIFEBdGK7UbOZAjeaFrgAP0hgmAiI9lq2ajT8YMuDg85hwDZ_z1aqRmJ8BDp1LYIMEws9qhDRnkaviWsW31ipzTLbIIHNSGbKSQrvCHFSbhNeIvGxKIbEdfAt3cPpgYpISZLghpP9-rrMvf5NLVp0Y2-Rd0Bue5j0xCpbyIT8vHachsiu8_Fm_RRLBqZ_udhc3RFa14A4nrmONc4azZ1jyQf85WOYgMzODVp0iaVpYUoLJY5aZxUr06MGtVFbkN_QtjmE0hQJ0MlqyMV31d8v3cmokKc6gI4numcbjr1K4rk1ikG3J3DvWispShs59JyoxBD-XFRmZ2vSRCeKirQhPR0v1HzZrPD7nCfbK6Q521qFUvexXvfi7xvWiBp323fEaxK8jautArjXqj-_tRE4UWECqzKYNLOEk4WgRQn0ckp5pMbQCQ4j9xVGjHJU6cs9564GrBJCDhAsdJRjj1VFp1cWJ9TMqsQ-KcP5ZwEtrLiMSCwozDjxyyqM-byjxpQhyFC__zm82t82u2D47gaWfD0lEwqhCBlBR1YDRoqT6fu5oV40WKZlHMNea2ZJ9G5WRun4mKtt_83iPq0fkLyetfxz93ODIZShoN5L8RBnKeiDff3HzLV-dm_ZHDsztA0Yuil5BhwgoO9r-JDYom1JeM1mVpsRLyAP3RTfUGrxMx7knMfMt7wMMXKSKI8B2y677pYBuoVVCq5UbfUjZ8Hd2eqMilQDR8Px28Duoi4LlaFCuy7PkuqM4Bd5YQfXinv1-oUjjwy4YJ0v7n5g7HinM6XAMQV4WiirJZeZyX55AjwjCFDpulmcLkiKC376pGaBjaeZCYYNK0V3nbbF4ag_EElSlUTwiJCFy8x0dyPig5VtWAmqZ74XCMyEb8vye4BGKgzuIN_ekUgSm6KNcg8jWlB-WDH_7q6n_ICqxcB745ZtrHZrB7X5NdCSIbSarXSM0N2EqhADU4bRVzHXOPd7aXBeKZ677zTS0KzR24PIBVudi87-lW6rGBn5NgZ_1UogVf0DkD6ZbLqLc1BBKwcABVnu4o88DEVbodx2qr88L2t7cCCw7DTGx2rvimI4QidDskeI9FDO6gr6ocPw0FJQf4MuZzVOP00-QXxlIUPdCAjE7a6ZrBomQ2ubPamRYzAEF_D9PFp4PDbq6U7USvcl-2vGLbVOOaYhSIlULYLKFI_XWTzHr_u4NKWtrbrxCjYhY59YM6pLHwFZFSNyUQTiE8ROjlMMsFhgXTbsHAlcLqztr-a8QqMLKG_TMs-d6142MCSFLd7TeJVpfxBd6lQTLYJg6I7-OCqY-JVt04ndXkHF_fn5lqPH7RCLjpCcAYo5lBRz6B6p4ZXThdtY5FSjvxMys0X3LcUMQ8-FVfLUS5Evvz1VZCThgaqjxREsbuaeoyFgotaP3-t1uOW7plhBDATqckZylDX2DQuEOZTo4wHqD_reAhzaS-cqWyJzIep86M_KPLELEda5jVlIlBqeOwtbR44EVeMGkfVgU9HJ_2_Ji4_POvZcgb04ywBjbw_xrXgeKCVNlim3t4xNFX-_qGoINlkIG0fUoPpiv9ZkRnUwJ6jn2HSY1akiKkSpLZuHqtUNFDAtmOibvj_W05D_0vBod_hSDtL4XU8S7L8dpO8Hw59O9n6D4nXvTwLLKUHuoQhjVbqFtR2Jwr2GEP8w0NREWT6oaic9PjOrZaOBB_RMdSvEurdDHDxg5ZC0sYoD06BDkorSCIqp63jTdacukFoAB1Cmos4bNIj8SdSLXWXQ51ndp6lw6ENGWc30SsT1ciXgtkfzT1rDQMgphHsBl773UoBJPtxALFk4eHABRrV8fsmBaSitdPKXuz-uv3UUC1VlTJEjeVeECxUPrLAUqNbOyOhh2lXx5hP4hHyJ6dKzF6b6LICC4fFwstHURbInH26aeec3YpyXlIfxQ-AGpKYwUPGPQt2kY9w86sOLE0j0gax_sbAZRfKDgjFdizmviMFBiXLUtlyO6QU5BC5I4rRo7q8z0rpNkXUAHwSNOsaygYHJ8oUGJbMCiAZRfwO18ixOQIEiIkEsgjKR39flE35OWGHCVSSZRc99lfO4R7LbaXSF8sMbcUjBrOZCeHrpA3L89svOsOQ5fj-3YN-CzFB-CfV0Ff57zWv79S1kwdtl91fyMJsN3lLNU6o65PzvEe0SKRcum2mpJBEo7nK4gHnngsePqNQDKvR_YHJpJq6zFCx5407wK3hkS8SKNyKcyJJUY0BaeZWSun7JGiTwILfQT50-EIZ5qfuQnqwq-ELA4eie489wF7SBGGpBHtsFl-3X8whpmMJ09wNGMv0E4S1-RFoe_Uf_7WW2OcoTvkHACKX4KssqLNBYhcZ9E-ENBJoOGhT8qgs69oiDbfEDqzVmE2ZafciSwWrxoelzBigo-WnV-FrknxeLJO1_fX7wG2nwEH-Jg8_rlqWgUYKtHaaeCEKFpTZwJvpxaO-ivGuKvBexkn_drPrMLelRClWZMJDiFqSvJ9lq72vcFJJHDUQlMj_icLB13PF1yQ_-pt0Tn4VgKOt804PhLRIX-jVxY0TFhC0stQLLh2thQH3Kot1AtpFFuTGWKLAzW4oUbPXW1g4pYgVSkSq0C6tCojxpvG3n09oAWAO-S-KukKHbB5pvGWhw65sqwLE_Gh6ckXeOPRS3hhEFzdOjWMhGIfduPrV22uvdOb1fEVNz5tOKjuq2LSOyzXNf315M9gq1HId8MNqrYTsHQGhN8g0-YdnlSOC11aJOHUt0NqTAeuXyvqNUY9cM6k5hcb_aQzJme3FBS-cjp91H9EmmXY5B--S2_OuQ5q6HiuBkO8YYvEpC96kl0YeE-2BRN2cI3LeYJ_ZA-PDN434o6uHv_iqxTJnfvoPZT8-xUl5IrTB_bJXvzT5uYth6HMfkM6aH1s3f8mcvgw25YQdnza-ADDIpA42RUb1H-vjpB9GITrNeeXtoA7XomvwTWh4Paw2TVNXLwVKP2BhoPPs0Zu9-22nxW_RP4xcKByhHd_dQB5kCAa6QOf-f5uf6ia-JPFQFGSDFqTBi_7F4STybXZxZOmqyjGftGPglBNKV9Ob6rpWkCHFiOzkU4JsIHtDlu2CEEqh_j-BEGGrEx7c8amwDX3OpJhMhwStMY8Rb7ebCGEtSvhhH89sNAVwi3IUwgIcoZNT32XanLX4ID&cid=CAQSTwDICaaNngXTSm8kT_dEIso-2Xts5ekSkTJ7PxQCnk_c6VPyC3g3MHNtoxc_3lU8tmqz_sTTzzlqy_VQjN_6KDrASHvZwDCIxRD27GWtOU8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=10040303086560979000&adk=1761367587&idt=114&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f19ae9bb101dd570a0185dff160119b41e1e33b07ac6f93ce87d40f82f5e025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42426
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62A0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8392038703981&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62A0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8392038703981&version=m202309260101&ct=77&x=1&cor=13354838633563513000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 62A0 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCMKLr_8pJTKQEk-E1dtARW8p1gK4nCsJMKr0cSqI464RTB2K3Tl4qeuaAkMaHFLJ3TdSb_BXmC9T1pNVCluDXEesRwPey_LCZAXPC4ODRY_X6Dmp0itCVDM8KVvj_uNxKTwzO4pMtvAHG-iT2n99WSVpU0jhihc92jC1Z1Sngk_RdArc&cry=1&dbm_d=AKAmf-A9kIqpV6gu6A8YNo3vSItwDlZm2g8iWOMXfq42iHyl0DtNcJTCCOvuixpI4UVxiK74HmadTGkLfuG5qmUw-0fjAg9ODb6zQnRg54in3Voew6teZ1FEo8AHzJyvfTnmY5WppcpvbsAaD3AkYAFSvQ9QlZZKoM1EM1Y9sQgNdESUCzNr8x9RP6ooM6A5DWU6GYoNx4Iwq3kXgk60zUPA5oaFtnSxKf4TBAPVrqyuLVMp--1HLHkdhUpzLQ9u6duoDqkes7zfD7TCd0z0bQv6F24bZL61SNs0VSv8x1heQYETKuKosPWzOLCHsaeRulOuGxN0uLxDkpU1DH9Hv6eTmXDGypfvAtXoCPhK14WZCldCh9wbl6ypt7kT-IaHwPOM-cGMcm_UIo38F_3ypY0M_0BbVkNnJ1H0dh5t3WcXvb33rYI6KeO5H0z28GjYNMrWe5-NwbG9BFZlvIs_5-m1o1A96vToPwQ5B8fY9u22EB8Auw_kG1TFhh0muZaFFA1I2DmvfIi2b6TAWBYIiZsJbXIE8GZHeet59ANp3rtbuhxP2cJYPgQOdjDLo_kLyMDiiwmmZmKQW0lRGt6jf3Df_hNAP3X7IRrPHF5ITKWW6XMsKN4xNPG41xBZKwCZzBmiEgLqi25EqW3CU8yFocNbPCSwjbqhmCmgDmIP1_YBL7pQV_tQ23grwpWVYIP9RIL_DWiNEjp9DgrrUGNlF5zlYXRO41gvd1FNShJXn15a5XIUI4FJB0r6yjoW9oeMHQiN0npeyT0iexHLDL6fE16UMOUyJ7HmoXa0WScwrnZhbfrGFPfaEezYcD88ZS4K5uur60rUY3uqmbaga2nzXzPTcCv60_rsuIr63O0_DPL7ryem8W-HKjl-mJoIxFeijJdyXinoWJ6sa57DI6yLAvSb-Zo9uE5wcY41raM1kcVW4gXNGRppKi_1YBno-YOvxo8uxTpTy19bF6Q4pozbKHkkM-7n0vzIW6wqbOq39QzOYHSzO9NguDLHv7osxpLXQngp78zoKuAqQXuxH0F1ouekhIiXStN65wBit6RMpcwOi8dzJ6waUQLmGdv7WpV0qo295Pyyr5y2pN_8KpsM7IR-QkQeJxg5u-zaxy-QWn1uiqngQ9aLjjmkzsBp5wNi_7Vj6WL_XeO97uTdDZ7RCj7Ky_cvD8_-TwlYFlcTtqOYTwq-1DBmEx3gMy4Hi-fhGrk9COBS3j0rQ_MsH6ToEfcqoBttoVzl3l31Kagp_YFZcC9FfP2FGWhbPxppAZSkJpEFABs3L6NBLuPhyUIpqpUDyDRPQ0jFilu6jXqWFc543pHD6hipmmjSLog6ijEJaweeeArR4xv5MmF-pMK0PBkOZDkYC3jI3EbtDdaFcEb_Q5qqGgCf-7kvIQBcu1cEWkVEbu5TwmUmhwLt6W5t_w-4-F0ItZpr3eEvr-xSirkmd_VS6ks70nZMnhu-tzPFkJedwALmWUWuCd3VvGIs9JBI2jYjTsYaqa-oKL4Ilf-czbdRUNoX_SaMMBISWIGS5qHabeAv02t7InMA41WebNFYBhy2eUKWc9uxpt-wR50MawPYnUrQy1Fb3coW1arzyWYGj9j4xf2XoLztp3JldN3QPfbmIV-uxmMoGqEy7IQ5CG2t2Y4LNnN-SL8pWctNYQux2w55xXoBbaiM0-xpIPaMbgd6Y_ZsUNIEoCF6t5NjaUHYz_5vcnRZLmOOpIqG3WEDYbnat3Pyh4OnlDZ7GehQvJVWLkeBuIiDIDRfY7hfVjPcywTruqlTMK8UCa5sK56EgZ1p6Hcih-UDNFlR6nnrC2gzMugdwgZWMVP0Bjrisr0JtDED-Z8zgl4A0G1kRjT6VOTccBzWqmO7Qgu3xWFeHOP3tXfbUEIqj_hVHN05P1vuEP3JM8mQpOw1Rct7sGQzGTSX1bOJg-FMO5b0VRgt3YZFRmv8MGsZLVU3XYayPF5RvvjVdirkOUyDBkjBAs3uG0HBtvtsDydkLKRAIf3b4X23rXH4calEdsE6fDyFym6flOR1CYyfbmoAbJ6f8UOrGQPK3OtAF1KyJOJ1tONs_AvYAn28JOjCnYtyF0__UQVrnArOx9OifQv3GoBW4m4bRtNc7dkec33BeMk-_apbM2fzF1wd4_Ww8jo8bAnGn4nt8ZQq7oAXP3NPXbUmiZv2JO4FSUKGTWCgnmJ-ou5rTJ7s6dZq3ndS1_TmZD79W8lWmXulU6Q3K0q4WXa39awBowWx--kBWlweeMrymVYprU26GW5_86K1ATQzXPMGs4CpLX-IYDv5CVINYrgRaQ0xYkJf1-G3lTg1gE6EpQxEQVELwfKa4ukCbXQBNkI1Rzs5RAYiLwYgQkGLHyyibLZt78yeGVQmviHzecaUm0VZToPY26MEsbJDbUVmrmHOnA7RsUiFwC-aEjNZ0nglsbY2hfkkyBTOCsk-pTVblPzSwurVi_XNzEUyhJZM52kqTONA5eMz629W9LE2AQ3poQwFtDCcmE_ok7FndZLGa6b25qW7tEv-cbfBVEJEq5H-pxFapyo_OMzLN8uCBQ89BwUpTTp79dSXfcQkcPJirv2cbsiLHdFjTXkaualrHnyXRDbp-oYDskmIxaMtkg-IQfB4FIUHUKa-zBRwTQzYX0fDJaTIbslhnr8CaDXvtqoVaSNgc1EmbRzfvoZp1PD2YEMUyatI4vfNrSAdPShqUkERSExobZdvBdRcNXhwwCPyLEHe07NImUjAbBx7X3kA6YBNdF-Qn5bQtN2_ruHCl2IxrmYHVtCfLJAVVth-kx6rXZBRqCLnfFY8xtl9oyiskHbIFe5hjYFOfmNe-HqZJjSVWl8hsLWdFTWzy3WHcndCMYR9rJv6buZiSnvVvppWEMMbWIG1oUKFuX3UxiYNy3c6zgTixELiJdfk0SQTjEf6xatEzSGYE8wMkzq8vH2aFzFUrqVnLUPaD9rtZumJu7M36nykRJMVg99veq7WvADsy5HB5EfxHO4nWhTlyIZQyON6zbIa4l-8jv0-lLmQ27V7lbWK1CKXXg5NzkrQLM1h-mTz4SviGRZGptDt8Rx88ZAZgY-eti0JPdyw1_uJL5IZ6TxfgxSUrIS5AR0E8-Sd6RBptIaSXhtTFkjg9zoyyPEM6kloMVMkyy4VjIdLgfxWT1wdYw3-zATdfcQhW7RIZLd2h8DHgwEvtocbNwmavFJ4UJSKjKC9nHkU4WQuaiNSgz7EQvgXdudXBZcIXjVfNgbhOhCfP_QJ2Js-seSBBF8_af4Yyt6jrLAquhc78G0Vz5TZD30N6mG0Lv47IwRcSN8cTnhs-EplkvMREYRKO6-EajVDZSOGLWh1fUlkfJdNJVQ3AO1lvGoSRSk0AfmXmHsl60FYlf-bhL3jsw82H4sFl6FYUWfLSGpcu6Dq15UzvyxAOcxU2b0-YsmmwUCJQYaEwl6tc-9Wntc74K5nJVMVpii7_ZJMWc3tviop7Q29MamDdXObC2yKPySgLfRDNBw42g0ti6nWFrMTeBaE2OHSa7YZHwbgxU4PrYizqPgszsDOL6QeWEjJ1-C9nxD_dv7zbJWMEDcc3hz45xD1EDX1eO-AuwY9bCv_-ksm0houW1Iem7bsrAJBomeK_9IFrK8mt2tJZJizzTee0f6aM7wdDOirozcckjiySSCV6oAfdJpBuD5lDuRHF9PaYuTptuYpiQtYflU-UKHGZRg80MPaWNCWmYl0GQa-Egnm_iRg3aGVfEaGt9wqiW9cvzYJAn0on-YslWEK-G3MK-MS6CAtHBp1b90933nlUF8LHFPvl2a5TeTa3BiVmVJG-E3pZvAjsTYLDM3VEIz3z5piOfq40QDk24icrqQ9plDaN3TOVKY2ELf8CFessOnnTwEMcJy3uQqafcVJhS-r8ibXeHxv4IoR8001zAgUA3miuriu9NPtcRmzUHDcGBkNhctobf69-GTjQCiJjxdvOfIXr95MOh1yCl02OPnqkWNtvUzWJH3giJqj2un9jC-4pedyrUMip8xdsaV1lIGTsNx5DrloG7wEE3wi7nbsl4sNFAV7aur9fq7WzcQozlpFfjfF6IZz4ANUU40&cid=CAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=13354838633563513000&adk=2228999115&idt=97&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70ac4d73c458cefd75935c0ff60c51f4214a0e5ada3fd33690d8c253d6916241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13755
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame FCE4 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 02:30:08 GMT
etag
12051592065903069241
expires
Mon, 18 Dec 2023 02:30:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523864/ Frame 86BB 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523864/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492286635&bidurl=https://geocult.ru/&ias_dealId=&xsId=ABAjH0jbqBe9a-P06F5gXyyZVX_X&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jbqBe9a-P06F5gXyyZVX_X
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.68.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-68-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1990304af8e7c0bad353d62eb6d5968ae9a83c2a4863d62fda039e5a9df60f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 86BB 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 06:30:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 86BB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7sX6PTltYzAKKHXAamYbhmPctOcZ3uuetT2nVvYOzKSBCabuKYTMOEq-F8J2jgc-cQtBQBpi2CEcBMrwhs0B6drU6UpXyldYk05D7Orc2GRdjz1zs94oojUsUygM4VJnhoZbX1xLsYdL0ehX-yj8_ncTh4TouwQ171qwBCpUO0pR-jEg&dbm_d=AKAmf-BblGwkiOqJn0-raSVJtY-TA-EIcBAUiMR0U6x0TsBSwEcoU-9wPPq8iPOVJoWY5HgmUMao_UhT5K047VAHBkxaIXO7AKN94-MDDTxDw-MiAqsNOGNLUqgDBj8X80TV5O7sR-rDXg7VccICGiafb9rrnJAeAzWtj4itSrj2SVmL9sr8glTtSrjyPYTF_-QngxJiBL2vQzUMTeyT6SuzAIt30mAy4TkKtE9iAyNaPPuWA-8xSaoCpSS3LMJAFABRa5xsM5FHg7FMbBjWk7eWsKGi3D-wkIAZEFNqe9NEFeArn2QGPugrgxnltWv0V6zgU958upRXESKbn1buBh4ZaOYatx3AWEdLutSpeLPnPz6Kl5Bk2tgzt2X89ySl8dsJd0fFfhhH21TsZztaxW22UEREQ6ACNyQHgsEj5F-tCjtruRd--D5kJOEqgbJULgsgqUMS2h7GaYouXH4RL9fnFJ_UzSzwprX9kDfNp4VUkW8RW2LqoCg6RiWYlaLhFyUUS2PN7sQ1CHv1cR0cAoNbjJGlOS5Bn4zWRj0Smdn2HB6VlN8FPMo-6ASCqMH5drNU01-REXF8vJEyzxG2QhjRY5CIFEBdGK7UbOZAjeaFrgAP0hgmAiI9lq2ajT8YMuDg85hwDZ_z1aqRmJ8BDp1LYIMEws9qhDRnkaviWsW31ipzTLbIIHNSGbKSQrvCHFSbhNeIvGxKIbEdfAt3cPpgYpISZLghpP9-rrMvf5NLVp0Y2-Rd0Bue5j0xCpbyIT8vHachsiu8_Fm_RRLBqZ_udhc3RFa14A4nrmONc4azZ1jyQf85WOYgMzODVp0iaVpYUoLJY5aZxUr06MGtVFbkN_QtjmE0hQJ0MlqyMV31d8v3cmokKc6gI4numcbjr1K4rk1ikG3J3DvWispShs59JyoxBD-XFRmZ2vSRCeKirQhPR0v1HzZrPD7nCfbK6Q521qFUvexXvfi7xvWiBp323fEaxK8jautArjXqj-_tRE4UWECqzKYNLOEk4WgRQn0ckp5pMbQCQ4j9xVGjHJU6cs9564GrBJCDhAsdJRjj1VFp1cWJ9TMqsQ-KcP5ZwEtrLiMSCwozDjxyyqM-byjxpQhyFC__zm82t82u2D47gaWfD0lEwqhCBlBR1YDRoqT6fu5oV40WKZlHMNea2ZJ9G5WRun4mKtt_83iPq0fkLyetfxz93ODIZShoN5L8RBnKeiDff3HzLV-dm_ZHDsztA0Yuil5BhwgoO9r-JDYom1JeM1mVpsRLyAP3RTfUGrxMx7knMfMt7wMMXKSKI8B2y677pYBuoVVCq5UbfUjZ8Hd2eqMilQDR8Px28Duoi4LlaFCuy7PkuqM4Bd5YQfXinv1-oUjjwy4YJ0v7n5g7HinM6XAMQV4WiirJZeZyX55AjwjCFDpulmcLkiKC376pGaBjaeZCYYNK0V3nbbF4ag_EElSlUTwiJCFy8x0dyPig5VtWAmqZ74XCMyEb8vye4BGKgzuIN_ekUgSm6KNcg8jWlB-WDH_7q6n_ICqxcB745ZtrHZrB7X5NdCSIbSarXSM0N2EqhADU4bRVzHXOPd7aXBeKZ677zTS0KzR24PIBVudi87-lW6rGBn5NgZ_1UogVf0DkD6ZbLqLc1BBKwcABVnu4o88DEVbodx2qr88L2t7cCCw7DTGx2rvimI4QidDskeI9FDO6gr6ocPw0FJQf4MuZzVOP00-QXxlIUPdCAjE7a6ZrBomQ2ubPamRYzAEF_D9PFp4PDbq6U7USvcl-2vGLbVOOaYhSIlULYLKFI_XWTzHr_u4NKWtrbrxCjYhY59YM6pLHwFZFSNyUQTiE8ROjlMMsFhgXTbsHAlcLqztr-a8QqMLKG_TMs-d6142MCSFLd7TeJVpfxBd6lQTLYJg6I7-OCqY-JVt04ndXkHF_fn5lqPH7RCLjpCcAYo5lBRz6B6p4ZXThdtY5FSjvxMys0X3LcUMQ8-FVfLUS5Evvz1VZCThgaqjxREsbuaeoyFgotaP3-t1uOW7plhBDATqckZylDX2DQuEOZTo4wHqD_reAhzaS-cqWyJzIep86M_KPLELEda5jVlIlBqeOwtbR44EVeMGkfVgU9HJ_2_Ji4_POvZcgb04ywBjbw_xrXgeKCVNlim3t4xNFX-_qGoINlkIG0fUoPpiv9ZkRnUwJ6jn2HSY1akiKkSpLZuHqtUNFDAtmOibvj_W05D_0vBod_hSDtL4XU8S7L8dpO8Hw59O9n6D4nXvTwLLKUHuoQhjVbqFtR2Jwr2GEP8w0NREWT6oaic9PjOrZaOBB_RMdSvEurdDHDxg5ZC0sYoD06BDkorSCIqp63jTdacukFoAB1Cmos4bNIj8SdSLXWXQ51ndp6lw6ENGWc30SsT1ciXgtkfzT1rDQMgphHsBl773UoBJPtxALFk4eHABRrV8fsmBaSitdPKXuz-uv3UUC1VlTJEjeVeECxUPrLAUqNbOyOhh2lXx5hP4hHyJ6dKzF6b6LICC4fFwstHURbInH26aeec3YpyXlIfxQ-AGpKYwUPGPQt2kY9w86sOLE0j0gax_sbAZRfKDgjFdizmviMFBiXLUtlyO6QU5BC5I4rRo7q8z0rpNkXUAHwSNOsaygYHJ8oUGJbMCiAZRfwO18ixOQIEiIkEsgjKR39flE35OWGHCVSSZRc99lfO4R7LbaXSF8sMbcUjBrOZCeHrpA3L89svOsOQ5fj-3YN-CzFB-CfV0Ff57zWv79S1kwdtl91fyMJsN3lLNU6o65PzvEe0SKRcum2mpJBEo7nK4gHnngsePqNQDKvR_YHJpJq6zFCx5407wK3hkS8SKNyKcyJJUY0BaeZWSun7JGiTwILfQT50-EIZ5qfuQnqwq-ELA4eie489wF7SBGGpBHtsFl-3X8whpmMJ09wNGMv0E4S1-RFoe_Uf_7WW2OcoTvkHACKX4KssqLNBYhcZ9E-ENBJoOGhT8qgs69oiDbfEDqzVmE2ZafciSwWrxoelzBigo-WnV-FrknxeLJO1_fX7wG2nwEH-Jg8_rlqWgUYKtHaaeCEKFpTZwJvpxaO-ivGuKvBexkn_drPrMLelRClWZMJDiFqSvJ9lq72vcFJJHDUQlMj_icLB13PF1yQ_-pt0Tn4VgKOt804PhLRIX-jVxY0TFhC0stQLLh2thQH3Kot1AtpFFuTGWKLAzW4oUbPXW1g4pYgVSkSq0C6tCojxpvG3n09oAWAO-S-KukKHbB5pvGWhw65sqwLE_Gh6ckXeOPRS3hhEFzdOjWMhGIfduPrV22uvdOb1fEVNz5tOKjuq2LSOyzXNf315M9gq1HId8MNqrYTsHQGhN8g0-YdnlSOC11aJOHUt0NqTAeuXyvqNUY9cM6k5hcb_aQzJme3FBS-cjp91H9EmmXY5B--S2_OuQ5q6HiuBkO8YYvEpC96kl0YeE-2BRN2cI3LeYJ_ZA-PDN434o6uHv_iqxTJnfvoPZT8-xUl5IrTB_bJXvzT5uYth6HMfkM6aH1s3f8mcvgw25YQdnza-ADDIpA42RUb1H-vjpB9GITrNeeXtoA7XomvwTWh4Paw2TVNXLwVKP2BhoPPs0Zu9-22nxW_RP4xcKByhHd_dQB5kCAa6QOf-f5uf6ia-JPFQFGSDFqTBi_7F4STybXZxZOmqyjGftGPglBNKV9Ob6rpWkCHFiOzkU4JsIHtDlu2CEEqh_j-BEGGrEx7c8amwDX3OpJhMhwStMY8Rb7ebCGEtSvhhH89sNAVwi3IUwgIcoZNT32XanLX4ID&cid=CAQSTwDICaaNngXTSm8kT_dEIso-2Xts5ekSkTJ7PxQCnk_c6VPyC3g3MHNtoxc_3lU8tmqz_sTTzzlqy_VQjN_6KDrASHvZwDCIxRD27GWtOU8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=10040303086560979000&adk=1761367587&idt=114&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
80075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 22:37:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 86BB 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7sX6PTltYzAKKHXAamYbhmPctOcZ3uuetT2nVvYOzKSBCabuKYTMOEq-F8J2jgc-cQtBQBpi2CEcBMrwhs0B6drU6UpXyldYk05D7Orc2GRdjz1zs94oojUsUygM4VJnhoZbX1xLsYdL0ehX-yj8_ncTh4TouwQ171qwBCpUO0pR-jEg&dbm_d=AKAmf-BblGwkiOqJn0-raSVJtY-TA-EIcBAUiMR0U6x0TsBSwEcoU-9wPPq8iPOVJoWY5HgmUMao_UhT5K047VAHBkxaIXO7AKN94-MDDTxDw-MiAqsNOGNLUqgDBj8X80TV5O7sR-rDXg7VccICGiafb9rrnJAeAzWtj4itSrj2SVmL9sr8glTtSrjyPYTF_-QngxJiBL2vQzUMTeyT6SuzAIt30mAy4TkKtE9iAyNaPPuWA-8xSaoCpSS3LMJAFABRa5xsM5FHg7FMbBjWk7eWsKGi3D-wkIAZEFNqe9NEFeArn2QGPugrgxnltWv0V6zgU958upRXESKbn1buBh4ZaOYatx3AWEdLutSpeLPnPz6Kl5Bk2tgzt2X89ySl8dsJd0fFfhhH21TsZztaxW22UEREQ6ACNyQHgsEj5F-tCjtruRd--D5kJOEqgbJULgsgqUMS2h7GaYouXH4RL9fnFJ_UzSzwprX9kDfNp4VUkW8RW2LqoCg6RiWYlaLhFyUUS2PN7sQ1CHv1cR0cAoNbjJGlOS5Bn4zWRj0Smdn2HB6VlN8FPMo-6ASCqMH5drNU01-REXF8vJEyzxG2QhjRY5CIFEBdGK7UbOZAjeaFrgAP0hgmAiI9lq2ajT8YMuDg85hwDZ_z1aqRmJ8BDp1LYIMEws9qhDRnkaviWsW31ipzTLbIIHNSGbKSQrvCHFSbhNeIvGxKIbEdfAt3cPpgYpISZLghpP9-rrMvf5NLVp0Y2-Rd0Bue5j0xCpbyIT8vHachsiu8_Fm_RRLBqZ_udhc3RFa14A4nrmONc4azZ1jyQf85WOYgMzODVp0iaVpYUoLJY5aZxUr06MGtVFbkN_QtjmE0hQJ0MlqyMV31d8v3cmokKc6gI4numcbjr1K4rk1ikG3J3DvWispShs59JyoxBD-XFRmZ2vSRCeKirQhPR0v1HzZrPD7nCfbK6Q521qFUvexXvfi7xvWiBp323fEaxK8jautArjXqj-_tRE4UWECqzKYNLOEk4WgRQn0ckp5pMbQCQ4j9xVGjHJU6cs9564GrBJCDhAsdJRjj1VFp1cWJ9TMqsQ-KcP5ZwEtrLiMSCwozDjxyyqM-byjxpQhyFC__zm82t82u2D47gaWfD0lEwqhCBlBR1YDRoqT6fu5oV40WKZlHMNea2ZJ9G5WRun4mKtt_83iPq0fkLyetfxz93ODIZShoN5L8RBnKeiDff3HzLV-dm_ZHDsztA0Yuil5BhwgoO9r-JDYom1JeM1mVpsRLyAP3RTfUGrxMx7knMfMt7wMMXKSKI8B2y677pYBuoVVCq5UbfUjZ8Hd2eqMilQDR8Px28Duoi4LlaFCuy7PkuqM4Bd5YQfXinv1-oUjjwy4YJ0v7n5g7HinM6XAMQV4WiirJZeZyX55AjwjCFDpulmcLkiKC376pGaBjaeZCYYNK0V3nbbF4ag_EElSlUTwiJCFy8x0dyPig5VtWAmqZ74XCMyEb8vye4BGKgzuIN_ekUgSm6KNcg8jWlB-WDH_7q6n_ICqxcB745ZtrHZrB7X5NdCSIbSarXSM0N2EqhADU4bRVzHXOPd7aXBeKZ677zTS0KzR24PIBVudi87-lW6rGBn5NgZ_1UogVf0DkD6ZbLqLc1BBKwcABVnu4o88DEVbodx2qr88L2t7cCCw7DTGx2rvimI4QidDskeI9FDO6gr6ocPw0FJQf4MuZzVOP00-QXxlIUPdCAjE7a6ZrBomQ2ubPamRYzAEF_D9PFp4PDbq6U7USvcl-2vGLbVOOaYhSIlULYLKFI_XWTzHr_u4NKWtrbrxCjYhY59YM6pLHwFZFSNyUQTiE8ROjlMMsFhgXTbsHAlcLqztr-a8QqMLKG_TMs-d6142MCSFLd7TeJVpfxBd6lQTLYJg6I7-OCqY-JVt04ndXkHF_fn5lqPH7RCLjpCcAYo5lBRz6B6p4ZXThdtY5FSjvxMys0X3LcUMQ8-FVfLUS5Evvz1VZCThgaqjxREsbuaeoyFgotaP3-t1uOW7plhBDATqckZylDX2DQuEOZTo4wHqD_reAhzaS-cqWyJzIep86M_KPLELEda5jVlIlBqeOwtbR44EVeMGkfVgU9HJ_2_Ji4_POvZcgb04ywBjbw_xrXgeKCVNlim3t4xNFX-_qGoINlkIG0fUoPpiv9ZkRnUwJ6jn2HSY1akiKkSpLZuHqtUNFDAtmOibvj_W05D_0vBod_hSDtL4XU8S7L8dpO8Hw59O9n6D4nXvTwLLKUHuoQhjVbqFtR2Jwr2GEP8w0NREWT6oaic9PjOrZaOBB_RMdSvEurdDHDxg5ZC0sYoD06BDkorSCIqp63jTdacukFoAB1Cmos4bNIj8SdSLXWXQ51ndp6lw6ENGWc30SsT1ciXgtkfzT1rDQMgphHsBl773UoBJPtxALFk4eHABRrV8fsmBaSitdPKXuz-uv3UUC1VlTJEjeVeECxUPrLAUqNbOyOhh2lXx5hP4hHyJ6dKzF6b6LICC4fFwstHURbInH26aeec3YpyXlIfxQ-AGpKYwUPGPQt2kY9w86sOLE0j0gax_sbAZRfKDgjFdizmviMFBiXLUtlyO6QU5BC5I4rRo7q8z0rpNkXUAHwSNOsaygYHJ8oUGJbMCiAZRfwO18ixOQIEiIkEsgjKR39flE35OWGHCVSSZRc99lfO4R7LbaXSF8sMbcUjBrOZCeHrpA3L89svOsOQ5fj-3YN-CzFB-CfV0Ff57zWv79S1kwdtl91fyMJsN3lLNU6o65PzvEe0SKRcum2mpJBEo7nK4gHnngsePqNQDKvR_YHJpJq6zFCx5407wK3hkS8SKNyKcyJJUY0BaeZWSun7JGiTwILfQT50-EIZ5qfuQnqwq-ELA4eie489wF7SBGGpBHtsFl-3X8whpmMJ09wNGMv0E4S1-RFoe_Uf_7WW2OcoTvkHACKX4KssqLNBYhcZ9E-ENBJoOGhT8qgs69oiDbfEDqzVmE2ZafciSwWrxoelzBigo-WnV-FrknxeLJO1_fX7wG2nwEH-Jg8_rlqWgUYKtHaaeCEKFpTZwJvpxaO-ivGuKvBexkn_drPrMLelRClWZMJDiFqSvJ9lq72vcFJJHDUQlMj_icLB13PF1yQ_-pt0Tn4VgKOt804PhLRIX-jVxY0TFhC0stQLLh2thQH3Kot1AtpFFuTGWKLAzW4oUbPXW1g4pYgVSkSq0C6tCojxpvG3n09oAWAO-S-KukKHbB5pvGWhw65sqwLE_Gh6ckXeOPRS3hhEFzdOjWMhGIfduPrV22uvdOb1fEVNz5tOKjuq2LSOyzXNf315M9gq1HId8MNqrYTsHQGhN8g0-YdnlSOC11aJOHUt0NqTAeuXyvqNUY9cM6k5hcb_aQzJme3FBS-cjp91H9EmmXY5B--S2_OuQ5q6HiuBkO8YYvEpC96kl0YeE-2BRN2cI3LeYJ_ZA-PDN434o6uHv_iqxTJnfvoPZT8-xUl5IrTB_bJXvzT5uYth6HMfkM6aH1s3f8mcvgw25YQdnza-ADDIpA42RUb1H-vjpB9GITrNeeXtoA7XomvwTWh4Paw2TVNXLwVKP2BhoPPs0Zu9-22nxW_RP4xcKByhHd_dQB5kCAa6QOf-f5uf6ia-JPFQFGSDFqTBi_7F4STybXZxZOmqyjGftGPglBNKV9Ob6rpWkCHFiOzkU4JsIHtDlu2CEEqh_j-BEGGrEx7c8amwDX3OpJhMhwStMY8Rb7ebCGEtSvhhH89sNAVwi3IUwgIcoZNT32XanLX4ID&cid=CAQSTwDICaaNngXTSm8kT_dEIso-2Xts5ekSkTJ7PxQCnk_c6VPyC3g3MHNtoxc_3lU8tmqz_sTTzzlqy_VQjN_6KDrASHvZwDCIxRD27GWtOU8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=10040303086560979000&adk=1761367587&idt=114&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 23:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
77545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11894
x-xss-protection
0
server
cafe
etag
8278194740845609983
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 23:19:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 86BB 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
269226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
truncated
/ Frame 86BB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2840904dbbe515a2adc59ce4c4d4805ede987425bcacb644b279701f2e727227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3C9E 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNVyiak3KHKrmej9EByA4tvBz_F3BWoakrgjbJBhl2QlZhR9dLKw054yKwfpefYX0OjEWz18eIt3u31Us01aajJVE_7jiVSffjHDWsy_hdEwEPedlYMhllfVxvxIAcfBpmHR4OpUy3cbcrgqITwZcr-cjW5uM_4FDkdfTABlFJSmn-RGQbU
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 45D9 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 45D9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:45:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 45D9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 20:02:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 45D9 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45D9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C66_PTqte8vLcfj5jCDkpDJXc16mL9j_JdBp1LO7oEcLRIqddoOyOhmBGSrFxYR55eDAD656_9cGMhKQHBoagSbM73yagCkbJd7DJHoYomJTfHXl8
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45D9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16254659146736030911&x=1&ct=76
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0672 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12786977581332354964/ Frame 19F6 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
378611
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1918
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 11:42:03 GMT
expires
Fri, 29 Nov 2024 11:42:03 GMT
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 86BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspIv0rcZRtUjvyzT8Oq3UUPHXlqNv-BNCfocaeHvAZBlqwpMXOjYw3EnYZ9DxrMmret_-ewSrz6apHYU1Yuo6xIdjiv9SracrSrvORPWiunWtNkULMEoGCuCB4O0I30KmU6S7HuC1xiJHH3xocSyIH_ShkIKmdxHeIxrDmRh8gGa_Wl0dap6Yb5yw8CjufEKUxxQrqDFcfmMpTe7ybwAEEyUTfuDy2MsJmIMatqKSxI0KaktMj0EAm0cjs2W_1MtsUxYGBIjY51SN5CZJdwORG1L-6ZRQsV5belIJfiyA-xvzgsFOSj4EUoq913U9ac9NErLYxTKonFIxo-aur1Yj871-AhV3D33phm4ZiZZ4Pft4Fb52G4V5TCH66uO-QGxhIshQjYIh_hMtjc-K3EQmebW1yLDj59cqfGLK8iz1PWjiCX3_h0fcuzLZPwD-spEv8roA2nMKmG6cB2-mlwhbM3QDtDrv85jj1XyD2z-ni34atkiec81WCO5SzLNNmV6NR_p2TyuqAYeibeHdt6HAD2f1RUQUzF0f0Ve73XRwhasDNxCN_mNe68hH0tOnJO3Rvip6u2Mv-NT8s7S-_YfLWOj7inIxMNVVbyrBr8W8vV7MyXnmPQVsq2i48zljOYnR1qEKcYtJQEvPsIvumkZdu4VA9F3UOMpdxlpA8CjhZspukNrZiCGgXiHe6AlGLYfKMApie89LqbOuJGVjgLx3K0oCjDg3JcuWTQuS1_xa0WRHTAc9SYK7fSOAKCD-geSknTO3pET7x-7e7Sx-UBgSRVWORIRFGUq80_Zs_YMYXoUOLzYhkL6w3NllOHFDUDotUnVF4ypFJ6j_5F0Vw_NW99LVaXQImTwBwUr0GzQyk7E2fHT-hs2jesmgRoneFnVNj942GxiGTjI-2qzyGcKfgcO7y9rf5ADMp7jWGWfT813IMkcTvLytaXkK-vfXBxOH2n3vNmUjf44iY9AFkNEqsVoCPDBdBdJh26oIcPR74EmC1zDWwJKg0SEhaop2NJF3XpQ5W9Tn3MVQ_T4lIAGgTtEqSikHvwE0LZULVbGMRm6Pu3V1b7natXurrrfa_xEUl_gGTpRQYoXuTKVjOkMnOPJrKJGgPgES-AtmpsuxE_fFFtStD6mIZPuTK5INtyaAa1h0ofVMa299cZlGn1iMxitj4lbcB9jXytmn-JJycodiqk7ONbukXTSC0zXC7NLQuNwHoAp7UpUMaSSotkST8xEFoIR0qKvmBhChn913t300vNxBXYJyHtBue5Q&sai=AMfl-YSpYM6eYSSpOi7Mf7t2bGNiy3XptNK6X7ZsTqxde0is9ELLrdAj8LU44Lvds-ENt4vROdk25FcS6t1PaxKDPvHlAqKAyOG-h9OnndEl6F75DOc6Z4uy9o_cFG81DxtWwEfotC4eIN5Jd5uZCtWtlO7hH70MGdWTnXlmApGJKvTHtF-3eLrN8zX6f5plStbWpS7v6tkQbXUHWnRMqQ8imNMo7Sz_feOqjoYkbbIQyP5vsXVP3wOq-uOceTpztkqbsI_xAJesrauHBEaQX3UJzrALtMPLO7xh2LFZMc_n5Q&sig=Cg0ArKJSzHEJ40UXYlKXEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=56&cbvp=1&cstd=55&cisv=r20231129.65419&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0672 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 10:24:32 GMT
style.css
s0.2mdn.net/sadbundle/12786977581332354964/css/ Frame 19F6 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83014
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 21:48:40 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 19F6 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2144997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgKuHsSLac63DL8s8w%2FXNOsf4JpLT1dDP1OM7%2BSC%2BSh7YfkhWk3rHmzmAYDJKxcjiJTmS3Yf%2FdRkBf1EoYsf%2BklN8oJmM6UBdVRsYmKzeOE0jgZcw3IMU8HlbaJiNs1Nc6jfeKgDLYoz6EBIkKUQ74%2Fr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8306ee95b9394dbb-FRA
expires
Sat, 23 Nov 2024 20:52:14 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 19F6 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
308354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeBRUBB2DltSFEvTpb6yxUC9Z2%2BUwmJmXlV3KyKYUJrsDe8qZ%2FdyDgw13J4coSlehq03bmM4w4C%2Bcid96OEEZCQ%2BIcX2%2F4uDs5mNWKtOoCOmPdivfT2N2xkc%2F1DX%2FM08UV8po4REjadkmut2zVJDyHMY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8306ee95b9374dbb-FRA
expires
Sat, 23 Nov 2024 20:52:14 GMT
dyson.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 19:30:44 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		2 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 19:30:44 GMT
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Nov 2024 00:03:47 GMT
1-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:31:11 GMT
x-content-type-options
nosniff
age
12063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 17:31:11 GMT
2-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:03:47 GMT
x-content-type-options
nosniff
age
593307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Nov 2024 00:03:47 GMT
3-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:30:44 GMT
x-content-type-options
nosniff
age
91290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 19:30:44 GMT
gradient.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:30:44 GMT
x-content-type-options
nosniff
age
91290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 19:30:44 GMT
4-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:48:40 GMT
x-content-type-options
nosniff
age
83014
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 21:48:40 GMT
overlay.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:22:52 GMT
x-content-type-options
nosniff
age
444562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:22:52 GMT
arrow.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		192 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Nov 2024 00:03:47 GMT
script.js
s0.2mdn.net/sadbundle/12786977581332354964/script/ Frame 19F6 		4 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:42:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378610
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 11:42:04 GMT
sd
us-u.openx.net/w/1.0/ Frame 3C9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGeElCy62aarBhBI6BBkJ28&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGeElCy62aarBhBI6BBkJ28&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNVyiak3KHKrmej9EByA4tvBz_F3BWoakrgjbJBhl2QlZhR9dLKw054yKwfpefYX0OjEWz18eIt3u31Us01aajJVE_7jiVSffjHDWsy_hdEwEPedlYMhllfVxvxIAcfBpmHR4OpUy3cbcrgqITwZcr-cjW5uM_4FDkdfTABlFJSmn-RGQbU
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGeElCy62aarBhBI6BBkJ28&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 3C9E 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNVyiak3KHKrmej9EByA4tvBz_F3BWoakrgjbJBhl2QlZhR9dLKw054yKwfpefYX0OjEWz18eIt3u31Us01aajJVE_7jiVSffjHDWsy_hdEwEPedlYMhllfVxvxIAcfBpmHR4OpUy3cbcrgqITwZcr-cjW5uM_4FDkdfTABlFJSmn-RGQbU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 3C9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESED5NovTiov3P7U5U-jJjZEA&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESED5NovTiov3P7U5U-jJjZEA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNVyiak3KHKrmej9EByA4tvBz_F3BWoakrgjbJBhl2QlZhR9dLKw054yKwfpefYX0OjEWz18eIt3u31Us01aajJVE_7jiVSffjHDWsy_hdEwEPedlYMhllfVxvxIAcfBpmHR4OpUy3cbcrgqITwZcr-cjW5uM_4FDkdfTABlFJSmn-RGQbU
Protocol
H2
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Mon, 04 Dec 2023 20:52:14 GMT
pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESED5NovTiov3P7U5U-jJjZEA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 3C9E 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNVyiak3KHKrmej9EByA4tvBz_F3BWoakrgjbJBhl2QlZhR9dLKw054yKwfpefYX0OjEWz18eIt3u31Us01aajJVE_7jiVSffjHDWsy_hdEwEPedlYMhllfVxvxIAcfBpmHR4OpUy3cbcrgqITwZcr-cjW5uM_4FDkdfTABlFJSmn-RGQbU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Mon, 04 Dec 2023 20:52:14 GMT
pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
dysonfutura-book.woff
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 19F6 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:41 GMT
x-content-type-options
nosniff
age
445293
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:10:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0672 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BtTHV_jtuZe71CtSEjuwP8oO9yAsAAAAAOAHgBAI&bg=!0tGl0Z7NAAY3kmNgF5I7ADQBe5WfOEe8fnJqiFuz0yxCHN7bvIo6jW2_QGpdpdEha1zsOKz8M23Esu8Bb-B1Zs8FuCUAAgAAADJSAAAAAWgBB5kC8EI2ZHn0YctQjR2Xf12Di6IsbQg1nl9Nn_480_I83ikHQR-Sig9TQXCd_fvoEey3-BVkjbzGtIWEvJcQoairZ3Ao7_gHr0P926_zWvzYUP5w3gA6Et3I5yg0Ml2WW1QKwo_DxeB85BloF3ylI2rpbakfBwbjWwqFtk3-S0AEQ2OQVnnDMcr6spAQ2TRdTlqBwj4AaXH3oZtVgXrtMAbMHDPjxtivXjLrTTJFTR63UhEG3g7qZ8q1UXN-RzZKA37JUDQ_HdxPUmTxpbo8DbvKlhwPPLWeWtmTanG3AdAWu_dqAfuei9If5g-DFGfggKsLTTvErZFEnGIp3UXCAYe5p4rkjBULMnW0c57PnEGW0fjYyXgqNQLeKbWlXZf97LOVmPOlYxA_SIFsvqCEiupWJkcG-8byKUW6Cv55OZDMwbQwfyKc-nSfw8-q-l5Z1_VJ2KN34UhEa9AXcb4pDfnQC8qG_ReScYhJiv6fnvgiNHLhYYrHnzy-GP3oUR9f1OF787mMG2LU53o8pBoXRAo5UCvVGFS2rHbraE0mfjr2Pb8I0mqpRPtFBUucp7lG4IVLwK3gC7OnoRBWwopZJwFTrqz_y9AfMnqDSyMjIzxEIwoa1kigljz7ZiCguCoyFxIPll4hcvSnfjb58cgwE4TgQPoHsObYjg_xdXpQMfXPBRMcw9qkTmXXo8MQaoksqHDxLjSQfDMBkmLpMYIEksRX4OgqRzDjdEA33YsQUNb9iABqt99v4AFm2XrS5TQw1vvab6Kewz3yiA_jzgCJA-BOzUmal0Zw_Ykp4QYaUFpWaLkQhZs4D3a5xt6vzwXpDYzvY3rpJ3ix10ud8fOv3HDZaD8b_jqpSA1QmfAlgIv7XLqLyURmoX_0IW65G2D-iJRSFKWR1ZptpFNDSJz7J4kL4o2xARDzm-Ahjp-ZsOd9IqCBRcRuCObogz1mdDrwdcYC0QeO3aMFQ47pY7EDmWvhNmOWgrC0N1LVEBRyZkXzfu-i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 86BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspIv0rcZRtUjvyzT8Oq3UUPHXlqNv-BNCfocaeHvAZBlqwpMXOjYw3EnYZ9DxrMmret_-ewSrz6apHYU1Yuo6xIdjiv9SracrSrvORPWiunWtNkULMEoGCuCB4O0I30KmU6S7HuC1xiJHH3xocSyIH_ShkIKmdxHeIxrDmRh8gGa_Wl0dap6Yb5yw8CjufEKUxxQrqDFcfmMpTe7ybwAEEyUTfuDy2MsJmIMatqKSxI0KaktMj0EAm0cjs2W_1MtsUxYGBIjY51SN5CZJdwORG1L-6ZRQsV5belIJfiyA-xvzgsFOSj4EUoq913U9ac9NErLYxTKonFIxo-aur1Yj871-AhV3D33phm4ZiZZ4Pft4Fb52G4V5TCH66uO-QGxhIshQjYIh_hMtjc-K3EQmebW1yLDj59cqfGLK8iz1PWjiCX3_h0fcuzLZPwD-spEv8roA2nMKmG6cB2-mlwhbM3QDtDrv85jj1XyD2z-ni34atkiec81WCO5SzLNNmV6NR_p2TyuqAYeibeHdt6HAD2f1RUQUzF0f0Ve73XRwhasDNxCN_mNe68hH0tOnJO3Rvip6u2Mv-NT8s7S-_YfLWOj7inIxMNVVbyrBr8W8vV7MyXnmPQVsq2i48zljOYnR1qEKcYtJQEvPsIvumkZdu4VA9F3UOMpdxlpA8CjhZspukNrZiCGgXiHe6AlGLYfKMApie89LqbOuJGVjgLx3K0oCjDg3JcuWTQuS1_xa0WRHTAc9SYK7fSOAKCD-geSknTO3pET7x-7e7Sx-UBgSRVWORIRFGUq80_Zs_YMYXoUOLzYhkL6w3NllOHFDUDotUnVF4ypFJ6j_5F0Vw_NW99LVaXQImTwBwUr0GzQyk7E2fHT-hs2jesmgRoneFnVNj942GxiGTjI-2qzyGcKfgcO7y9rf5ADMp7jWGWfT813IMkcTvLytaXkK-vfXBxOH2n3vNmUjf44iY9AFkNEqsVoCPDBdBdJh26oIcPR74EmC1zDWwJKg0SEhaop2NJF3XpQ5W9Tn3MVQ_T4lIAGgTtEqSikHvwE0LZULVbGMRm6Pu3V1b7natXurrrfa_xEUl_gGTpRQYoXuTKVjOkMnOPJrKJGgPgES-AtmpsuxE_fFFtStD6mIZPuTK5INtyaAa1h0ofVMa299cZlGn1iMxitj4lbcB9jXytmn-JJycodiqk7ONbukXTSC0zXC7NLQuNwHoAp7UpUMaSSotkST8xEFoIR0qKvmBhChn913t300vNxBXYJyHtBue5Q&sai=AMfl-YSpYM6eYSSpOi7Mf7t2bGNiy3XptNK6X7ZsTqxde0is9ELLrdAj8LU44Lvds-ENt4vROdk25FcS6t1PaxKDPvHlAqKAyOG-h9OnndEl6F75DOc6Z4uy9o_cFG81DxtWwEfotC4eIN5Jd5uZCtWtlO7hH70MGdWTnXlmApGJKvTHtF-3eLrN8zX6f5plStbWpS7v6tkQbXUHWnRMqQ8imNMo7Sz_feOqjoYkbbIQyP5vsXVP3wOq-uOceTpztkqbsI_xAJesrauHBEaQX3UJzrALtMPLO7xh2LFZMc_n5Q&sig=Cg0ArKJSzHEJ40UXYlKXEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=153&vt=11&dtpt=97&dett=3&cstd=55&cisv=r20231129.65419&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 86BB
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523864/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492286635&bidurl=https://geocult.ru/&ias_...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0jbqBe9a-P06F5gXyyZVX_X&ias_xappb=&adContainerId=brand_safety__jtuZe71CtSEjuwP8oO9yAs&cbFunctionName=goog_wrapCb__jtuZe71CtSEjuwP8oO9yAs&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0jbqBe9a-P06F5gXyyZVX_X&ias_xappb=&adContainerId=brand_safety__jtuZe71CtSEjuwP8oO9yAs&cbFunctionName=goog_wrapCb__jtuZe71CtSEjuwP8oO9yAs&true_pb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Server
2600:9000:223f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id
4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3490
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 04 Dec 2023 19:54:03 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
ktBUPW6sPOTbcKgjQTjPwVyrlaUz1H3ClSEYWvhjH8DVRS6zDXI2aQ==

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0jbqBe9a-P06F5gXyyZVX_X&ias_xappb=&adContainerId=brand_safety__jtuZe71CtSEjuwP8oO9yAs&cbFunctionName=goog_wrapCb__jtuZe71CtSEjuwP8oO9yAs&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6686 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6468184
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
xS7YZvfIPZzelzdm-pgkr_yuB81W96UQaqb0MOXCIh8K5HCzBHoVMQ==
dt
dt.adsafeprotected.com/ Frame 86BB 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b305f1dc-a70a-eb8f-e8a8-c94db8c1fc08&tv=%7Bc:vRPud0,pingTime:-3,time:35,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:35,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvqQFl+11%7C12%7C13%7C141%7C151*.1627455-73523864%7C1511%7C1512%7C1513%7C161%7C17%7C18%7C1911,idMap:151*,rmeas:1,rend:0,renddet:na,siq:15%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 86BB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b305f1dc-a70a-eb8f-e8a8-c94db8c1fc08&tv=%7Bc:vRPud1,pingTime:-6,time:36,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:36,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvqQFl+11%7C12%7C13%7C141%7C151*.1627455-73523864%7C1511%7C1512%7C1513%7C161%7C17%7C18%7C1911,idMap:151*,rmeas:1,rend:0,renddet:na,siq:15%7D&tpiLookup=ao:geocult.ru*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45D9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2598117797321&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45D9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2598117797321&version=m202309260101&ct=76&x=1&cor=16254659146736032000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 45D9 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ2nDbRBjpTFhdG4Y4WDHay581tiVLzdDqY606qtlmsjU9ti5h9HehwklhF-zYAX6EBSrBt4CXSUQnEf6eZMfHk-7OBJgdD_khzcJUJqCdX8cXzAj-n79AZKZbcEzT3svMBxKMX2P601SqkmahLXOchy-tJ5AIZwZnaeFG5xV9j_4CCOA&dbm_d=AKAmf-CYrJTiu_lU8J2OeL-_W9ZlmseVXfQp_-lOMZFwLtlwYgQFgvNyVfkRMJ89q_1WKIskGd0Gq1Gowb9yWaikf6A-x6kWB4PcosU5kiAoW8p5FI3ovaPKT0pZjZpefV9APMMne2qUDBoqUQh7MnngoPYsUl72CvSmCApfIThuZw7Zko3hBEEIcdeXYUHvVAWNz2_YdTDcKAncKO6sq7Ex2QfIMAV8kDX0nIBfnXh0MIhgV7pCUZ6Pv3nVFEzmXXn_-iMl-_NWi0ciKR_wXwYS_qIDyBom1P5DLwBEA2DEAiXue2ztHErC0lLBglYfp6ca08-BuYRo-eJMeuJ3g3dYv6Uo_Fs50BEtTVpkYEyMKZftD6QNBUkTDLIkIsn5J6biuusYuizQckqDo7bLgdxFNDCX54Ydhm0UsMF-8N9DGVJeetRyhLFnkixeBRawuOt4jCTU1hNphsRPvPx67U2F-5UKNpfnPLkBWttoji8ZtJ4ILEPxKeqoNNqeFjAVusqv-MDOCLQkyPgmGP5ry9dFJu5TrUu9VtsRDyBYZGyt181TPudPKiSxSiMrO76tgFhDVb6LjAhLMnV1wGBza2mxDilxkg_YuJOEGxUbKrDCQc17B8AfgFivfdxC9_cz0T2-nU2NcziY1fhhcyycw3hE7r3CyqP13FPZFhMZ4_xwjFdyPBJ9Nd2MvZwakh1BJmE7F9ucDvNDJUAbIg6GryZJOpoMo7zWUNW9OqkI3IxTd4k0oJ4NnDwPoT5ZgWMhtCzv-zXqEEmCCGzofVTr7ckIbnIdlDSy0x-BhzS4Bs4FEaLMpys892fTE0u5T0B3jNlc370LCS_XNIH3n_jNOYpPVDtVRtlQzqoziQ6D2K26FzagM69TD0Uy_SA8xe8BgxF9i8mrOc_6d5dHKsN-xk2dqfaeggD00iXZZW8smZw9isYa91PzZy2ba6Kkj5AGv1kZvQN_VCTmWG2uDSMTnz5yLCp53hJ8xfsBqf4r5DS3OwQQ0HDzoWuXY6Zb_wxlSCGa-OqY0fHfXgBVkGY8A1nqEpV1xtaId1KSzyOV0mhxw0zd8JQyiaeDBtI3HTg6hTBHQY0unN-_yCaMmkbowKVqyZ33L5jhp412bwQjL4RbUtQYRLDxqplYiiivrXwTffI21wOC5U8yKFcuRejkDzO9wHTcan8amG83yIQiqyPTgbbCIeSH3RD5QA6MhDeU1RV77zmLnUJfLogP_pdGNXZjluzglKo63-RAnYYMrTCqRl_eo3ihLFgc5ugOsRsZZJenG66zyfO6Ci1QxaJ6PCCzju-rSktQY2zmLGKhALSqar12JpRAYEH2bfeGAynDUkoCYakzx1kfahk68RYSqCR_Gp1ZXDprhDoSOAG39dQJvJv76W9kGfzC_emnKOPyNk65KJBrBoWMSWQxppGWIEgSYHz24tUSImvOi7DQx3DMcYZEKc9za66DZFjNVDD1arTf4RCQtrMxPPIQJJHeaJ9wWranO_KZU4HjmA-u2AqdcxkMN8T5QZk9UESLKUlvbsZSzB6FW1YaqlskwXqcTaqXfpvjFefTfQpVNVzjVUralBklw6SB4j2bowD3ezdadAkVQXppS3yu6IwfZO1YEzBPej3OOSYhu-_MyyFGnf95YJ89yLCSZt_wFuu9lDhdQuqKUIrNcuhHw6659F-xhlWPgOXeyzc8IMrQs_jPxq03GnFG4VGLY_rwe5OtqPbEcZEVsUWmmS46P7937tGZKU_u0k4IDRoWY7OqV9jSEivL88n21WuQ8POJwCopCgeuARaHm5d2yuUVUqpOjCV7iyrek3wL98rwRLXoIkPtzBGfSLkF7upHpKmBFhP94M8-gGHhMm_QMcDCjRWStQNdOiT_lU5HwagW4gO9TOqy5B6HIsLP0ZGVat05DRAxNJWzcA_skiwLcDTtCqS-r002ySy5OEP6nxtziXXzKh4qRMs9MRiinRUHBLMFhYvWVA1rvbiSJiZF-oDsO-UadNEOmGyrxbHif4In9rIKrw7wkDgG--h3jdcDPDZByaeMSV4GXDW4GgGIG2KxTczpKE0PYt2Vin-9_l2FFh_6U_UKdJ-Hh0zuDjKZxqqnVza1y1LYAvAyZsWzS-nnCDqMPIbUvvZm68zqYAWtdDfxqYrDrqygCsrIvwfHTfPkoWkyK3lVik2plelFbBLP-zn85G358ehZcN06ps6v77PjhaMcA6mTgC-bgAaNQ7VC-ULgrzcTFcDMuJG23umHLR2og4Ws0S_Jyei89nWx4c54qoEwiROVjQ-YbOQgT3Sgk1Rm0py4QIXVYEbQJvi-QX7Ln5J6wEbofp2WX3pRTOTxBec2mXB40zyKB7jQNN2mO84OX5F8o7T2AznElucKFZvnl-FIyT2aOlUNfg4DZOHn74hrIRFEt4gyxyUIKW9yrY0Crjcj3iT9YW1bcbpHAjl8GzUerSjOikk8oTOuwC5GAy2ml-jFq3FBNgvN2as7BOaJjx1Pc7-mMLtWXhyRucU0T_MWF5g8BpTa4Fr_pEIURmGRPSo1Z69VcDrW09a8FNZGIR-PKS-qoF0JrhKI5Pwli_q9Qm_t9lM61iXnPXsvJd5TzXmOI3DpJw2W64gvSbSArVJFuDrdNHvw0A-ZHLQYFJoiKtXjRc5SaBRBYj0Pq0BEGNxI4HBwJO_Fm7K-jCpvvqz5u0QkkR6MbLl82xNShvJ5iAMOIbUU-5Gf6uS__AGlms1byCmeNjgRxQ8IMfApAX4HW3S2YCjPDqEw02pg6i-_YvH0FAOtEKTy7SMJ2g3OdK2UHhhKz1Fd-tRhfzYYfEKGJL4A33d6h66_GTF1X-4loMiLy1LCarU_Tv0RzuDA7lYNGnJcpMhrhAPrzipREw2WW-sOtfmn-ynnzog6H91XGOuD71Uj1tSoZ35wNhH1bqCo4-eKBe51CCxxsfLMZGz90dsw2Ri29GdG7j1Eukpd_fSj9dlF2Fz22A8aSl3sIjH1xZLjJPCpsCh2Yu4_motCbBFkKk2_mUk0ADc5P4GkpfAjw50nxwr_sZ3YwlUKN-tdzw8PbaVXLDU2Hse-LWEemQflAO5KxNlR_KbDjxliI1DDMuC-kFrY1NrAN2NVjtkVRuZqUEL1xQHLMvTCmTe9JiyoVDMuYd0OeFt-bEuhRJTnL4Y_AZdxikcex0g27oNK3FVtZ5MiEXmL7SKZmrkTqEXlvKI_SL9znxqIhKBYKDjYdhY1RTIBZxDSQBJg5Kl_1G0VGQa95iCVNboQTy4i-paOZmCb3D3JqNwsZ2IaB9G4ZV1XrPAKNSpz4RzDGbJRF2hKbKUc3Xe1Qlz1vPa9WP2ykNFpA57gZ0jbe2P-AzzyTqEr3qgqI1iuce6ztfGlzAt4SIgBlKaVS4HWcjxXOkuGoy4uWTb4l7YaWCVDyn66nQTYqOJcB9P524xGWQAu20YZ-DCwQ44rTbUy6783lxZmU2g1Yw3AeKtHKrXOqoLuFad8dI5B-ikqbMYazibgO9B1SaWhYa1M9WmnZODWDOUd35kibLJB1DlcTI0MaA3jnisqA1C_xa6Vvm62ILw9AGGcxLBAtW9effXY07FzQJ0JfJFBiIZad8ddgwpwDG9FDE6YveaD8Oq4zloMm1r0IQD5IMi19cWwsy7QJwBrAAFyy5Aa_PU4VUNVX3vDdsUKvIh2dlTjU6XBrWm0_yYlH8Yu794UPI2OkBlbPsxsY3OZ2nOVVin_TQXH7W63YNncD7UQviRTTK0QX6EDrdZEZWY2rBpZJieVyd1dPhw6YASEOVSoBCWBBabZMKQ8sYxSOiJYSWQ0SKLmVOCho42edW-wmMR7vkWCAmFZi3MGpwEFujlD1cQgHXT95TUG0ORZUYJsqpFpJgsKleOz_Qfd9hu-jv9Lzz1ns4S1Wd1GQabAf4odyICYVEhxFYE5bogMjGvgdsT2cgNJiMmZpyBIlinMMmVi87JfyjnQnkFEEWLOFMDKE1nwvyXUdg5-KlknxKZsEIDaEw&cid=CAQSTwDICaaNqzhF093fshWM4bCGUEKvb4YWRqFJBYk-mL9o-C6WlzAl_QipwX10m6dkneBFpc6upcK42LdIvM6zXNeI3OlMoi35ciGrhlk3Tu8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=16254659146736032000&adk=929882891&idt=138&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3a0f64ab4b13062d566a8bf5b0a0c8721608f700309a767e8b068a73d8e4130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 86BB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b305f1dc-a70a-eb8f-e8a8-c94db8c1fc08&tv=%7Bc:vRPud5,pingTime:-2,time:40,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:418,beZ:418,mfA:420,cmA:421,inA:421,inZ:424,prA:424,prZ:429,si:432,poA:433,poZ:447,cmZ:447,mfZ:447,loA:453,loZ:454,ltA:458,ltZ:458%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvqQFl+11%7C12%7C13%7C141%7C151*.1627455-73523864%7C1511%7C1512%7C1513%7C161%7C17%7C18%7C1911,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:15,sinceFw:25,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A647 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BO2TM61HtPK7b90tmQ7RMfJQw5fTa8F2LI7oOLMVUXuncjnwM2WxFZVDLlghvXR-UpVcJ__MlztWIHVfh1KWjF9EqnDYfdf6GKfnQHF5-lsk49vwpoEb-gfidtshordohyC5Imp-BdEbI-6m_HnhTejqsVD0K7qdU2y8yxKU2IvAVN13750Wpdr9IP90m-1j-7K548HJJGc4EJAEgboO1w9rV_0g&cry=1&dbm_d=AKAmf-CM4GcuaVXWpF7n_YggVQhwQKJ21VszCB90wOkq5ysuwDK183UuNgj5h7LZTaPFW-eixZMp-UgJ2dYNv0f-XC-k0Vhhn_Cnxp6UrEw7U8RAPyLJSMDIa34v8_4cYSJzdpbwLETLuAaQh9Cg9_ikS4aNuw8ZVGclQK6PdpBrNesBZ8fPfgjm-camUVrE0kVVxNdtYRqNbqR1FQwqoa4vPnVRljun4o9sB7gg0waFEWokKgiin7qYef7tCBfimubGHy4pEm9gdwc0OTYWT1ObPg6thvLKUcqlNU8Ls1uDGTqjJ59WMONJoLg1e-2dve2Wkn_Jk2pe2wr8MbPRrSsw2WSM1goXXpukkB_rB4xJzrLjNW6XbkfAKc4ZdMbHwZpix_-h4F7mYlBxLmv00Dirb6TXiZQpIuawPwrMKXM9PlkW4VORrh2u5paUH459XZsJzCTW3-vD9eZk5IYqY-oL-i1bBDShp5rcmDgezUkjEnoe0nFIuhslsUpgexhZfPd__v_T7iFmOQBKORmlPphkJJP24p4Rfy1Co5iozG0phECTDTPZ5LV_XOoxkdgW5d9l9bGgy8VUslzWThwsRaqIkyi_lDq5mme9m9-lZCpUU9cyqUOPtmUhpII9nJhgABWz2z14oAQheOQZ-dYw9niZP_vGT_Y_7aSowJU_3ZmXvVQmX-cy3lR4kqVZghsOBHpQIg5pJZeIxR_UMyplf4DpLAzFyEgd7mQLwX2l59TCefT3i8oH9qZoR7xFKo-drcXSFmFkUhDIK7saguFDJgas1Fr_EUhjY68p4snWffRS6quM7VuJJZeno2VEMfE28qVxBfWeXf3J9nOXTS17u-DOtEMNvO5dSPadvCdNu_lWwZcCYohYP0iYr2AFK3nl_O2KlZd4Je8K_h4sFgTZ6H3x4Uj6uU_QZBLaSp1Pdn5GXmadk0X3i5QXa7fzrhmUtqUjwgXRWGLaJm7CfoZckoERnokE82fyfUC_fX-JT2Mvt9gFYN43NYy2x6jIep4-gMsW-wbeDPb2goiFVamxOUJC1My6QuuQwdvf8a2rkl_4YPv1xYVX6s8R0PBUwLYg-nsH13_CR8rpUd88-CnIlUTu3Ru5cBHT6hqVybjpLRYiAdYG35O2WUwDWevicLBSY8oWUCWRvX05yb-QfbeCyzG9RPqsJuWlo3zekF40qy5Hyz5ChpiRnZ0OL36x-Zjar4ZY881787SaZ6TluK76G3lNtPM5Jp9dizV7FB4nRnxTIUFDUJZOUUwX3WaGDum5nEgH0kYhWuhgryk6yl8JiiySrdeHqwCwTFUirO7amZDkA4ksv1Rr8kMzyYj8SzwyN45oJJ8OYAWypxk8euu1XWnch3BCI44K_1-Ygm_aWbFEy3iPmdoVfkjJgqlNgi4SPWb1vbravRlgaPlZsDMPsYcFGOb7t-ZqsqIvfL1ufnBBayhPeFQlZfxT1UtevpWHuD7xfsC0g5UZeX-ZU1p00hJjB-8LfnZrgXDVT_akjStrRu0CwVjeEndoCwqonLaJ_BFhvR2eb5yVj9bKJVKYAWfoyn-tS2sm8uJDbHkF5L7qfND9811hdI7sdGVKcojNQNJ8qaKywWdc0-NgdUARob_q34NqRgxwtWcvmNXG8RHDiKsSlU752ziSYtkZcFN3HRsQM-sbj8_bUGX9nTRsW2pWKNDvD4Bg-Ag4E10ttDKCEtB0RiZ6VMw3nKo8Jy-bB4uHIHXjsZRyXzfgV7FkO9MaPOWlphPwoujpwW3NAkIpLoTfbmw1KjxF_mL3oE74On7i2gHHbA-_esL_IGUr52tVvjT32OYZBE8Answn8aIOgmVb4WbplwrOOJyzks0ZmzZeLs81VgGB0Y-tPmlve6NZokl3KfxBIqDsaOWUYbinPx4T7wX51Y2tapwBVAi-teeDkoloQSWIFrdRWhw6foFpbxmo7T9eVYwK0O85128BACvKdtjBq5p32sGV_x2XJxyHi5OKx7WY0S7yBA7318PIrSSh5nZsmaen4IcVR5vN4tzZHJIHWB4U30Qd4uvA39tFK7DjSpgM0M5xTYUsgI6vvhMArvlxAzM60Lcfi5QQcw0t41PMPFyjjnt1QX8ydAfSmqzq0ORhiefwh3H65P995BybRivCnWtqK2M3TIDanLtFeMzbt_g4fHFPc40QiO55ZZ4x6DYrHpEUMDbsdvndXAuOMWmlOp4jvg84-4a_vvAFnOGI-h7Hvk5xx-4KUSOnGXYQPiZVv5emJabXnoPIBqnj8DE32-o_pG1lmITQ_UPizpntF0HVsQcxj_-DJiciT_-vjbxX4YObqRkGlvc_SPQ9sRW9ldag6z80ulYk1QZAgc80n4griRrSMlGF6OF9lf2WGKnDKrxsBROwguYNx-D6y385oyEN-IK6RZg_O-Qxt0w7rst8GR5taTMKQi3zq3pUPjbWwwsaWjMVN8YqZYL3NWAhki64WjZCrEq8tkPArf9d36beqJLxuWMfQe7QnO1Nf-vAA5RU8Oz074a910kOefgP8ZGliJqXAEFO9LFrObo0wHR_rmkrMP4DBEem11paIMBj4gxcWAu4SqMGP-WbTCkSIHzIWtCiG2O5cwfGOH51No7qjrqnd402g9rOqEPegZHneCZTLXR4qw-JQECyDx_3-trw0ll5WcyOlxX2143ubbW57iNKtI2NRAydInRMeB9Cfv-a8TG594agPW7FU9lSwA2eF2bkL2ImWe69xwhLvvPDotYP2WHaptYg0x56ju9W22bZLLxVQZkA2xXvRoSoa4fppKPVLjM0YhbZmKNj9ux0lh7poUUGGUj05RfXU4THZ8UIqGARhzBZMcEY0y0K-UjsB0eV-Thl10_YCpWfFs1O9Z330ZyAcDLdCrpe6bY-0jSxpvOyWaI0jsKomMWvF6cTB6d3jABdkv4L0RCr_NsZbxCGZpK17uAat3Q0fMhsJ96a85rx3vxjDEJNdmId29ecQxNVhApofNTNghNqFb8e6Z40cuL7J5MXMI4tGPi-RsCxJC-A30dSGm-Z8OXwPvE97ysYj7JD8QpVIC8TL8m2Ht4GX6GfvM8LQyLR9EYikv-wO2yPYr8hg8nmxanPEWZZYj5usUBcE5O89D0Zob7HC0L8i9esHplTp1EFFQzjq-cFODOc6PSWM9cdFCObH8mxY4rL7b0q7vrlmeJLSLMSDSJ_E_yF7a2dnLwvzVsc8xYfIfwzAayjrO5EU0HOe-cmK1t5XOzY8vEaPGcuxUdb42XqEKr42HH0fTvI12WwLfn6WkQUhsf8_Pfi8i7acLc2yOsgmtdHZLZHJzwIIR_gU3fpJoSEYzCojdrKBcL6txv-mKXzfIDPS3v6OwhxrmCY1lM55uDCSp_P7M7P8Ap3BlRXtsv8pp32rxGsEui9V6hNYIe08x9NGDjmBJmQUyMQH2Yq2HsqjXAAU3BES8hu802nocI-WwxS6TfQ9LDhE7pAxfFeAmOS9oJ9VmF9XFARtLIsLO8LWsGmGloEHc6Yq3a28BIS22kvdy6umdBMJWnDdShqHjIHruEDGTU6x2gHpHCKrD-32IRHH1UAFEHRGXOOXuVNPyadkLvevi5pLDshzRS20Tsufc_UYNvJNn1-yKqo8yp3KOz99ylJBoAw8YrzB80caddUngruPEVAoDDkBRv8lFhWYE6AhQn4S7Ywr_KDuxzu1v3tTc7hP1pvJHZSjlD9E7qcsX1_IAt85cvgLS4USGhjaO-j4KHm5qJ14HQNrRllA5PCei9h_10zxUQ6e0tUFXjT0TtVMkxS2kTnRg6wCTioC61utQjbji9PcFV0km2Qh2s-IXt5rH0txoLfMgL8BCzite352bcFim9m7DUjEFMTli3rDR-VJtpqT6qsQTxyJ43g3n2z54V8v_QFl7bgIWbhhacEPR7UGhkjNA--O1pj70THjuZOsH49tcFNOa71tLfsgJNFTshIT9ujhHStYaRTYA4-UmDefxpM6ZVNTzfWhwx87NE6OwepmxXMWxoAVITTqX8KHJIxWVyJP2AXLiFowzTbGU0P6265biO-EvZ0vaVq1Pvud9lmKwYkLzoLLomeisP9hbbBPrDyjiNiWc1wk8yBa9Ooi4-pnC0WQt75aVIgCJzCqA&cid=CAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=3860321303814935000&adk=250412560&idt=87&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
269226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTcyMzEzNDEyMzI3OAogIHNlcnZlcl9pcDogMTc1NjA1MjAyCiAgcHJvY2Vzc19pZDogMzA1Mzg4NTYwNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame A647 		0
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTcyMzEzNDEyMzI3OAogIHNlcnZlcl9pcDogMTc1NjA1MjAyCiAgcHJvY2Vzc19pZDogMzA1Mzg4NTYwNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA1NjIxMTUxNTU0NjU0Nzk5ODkzCmRlYnVnX2tleTogNjQzNzQzMzI5ODA1MDUwOTI0NAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDQiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTQzNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE2Nzg3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x7986be02ed25840e0000000000000000","13":"0x280728e6e7cb7d6e0000000000000000","14":"0xd31bd2fd9eff20050000000000000000","15":"0x9726d031a072f42d0000000000000000"},"debug_key":"6437433298050509244","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"5621151554654799893"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
33lgkyejwpt3
hal9000.redintelligence.net/zone/ Frame A647 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1701723133583697&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c859173194c9f1b9585646e65239ca039b93577e65ac707bf0d21529926c72eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4228
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A019 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A019 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 10:24:32 GMT
request.php
hal900012.redintelligence.net/ Frame A647
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
HTTP/1.1
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
b40e6f42c99d9f0d49106ac74c4aa344f2223cfb246896f462e4c353b88dd2a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
21166900213489904444556012528012
Connection
close
Content-Length
1353
Expires
Mon, 04 Dec 2023 20:52:14 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:14 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 04 Dec 2023 20:52:14 +0100
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 62A0 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCMKLr_8pJTKQEk-E1dtARW8p1gK4nCsJMKr0cSqI464RTB2K3Tl4qeuaAkMaHFLJ3TdSb_BXmC9T1pNVCluDXEesRwPey_LCZAXPC4ODRY_X6Dmp0itCVDM8KVvj_uNxKTwzO4pMtvAHG-iT2n99WSVpU0jhihc92jC1Z1Sngk_RdArc&cry=1&dbm_d=AKAmf-A9kIqpV6gu6A8YNo3vSItwDlZm2g8iWOMXfq42iHyl0DtNcJTCCOvuixpI4UVxiK74HmadTGkLfuG5qmUw-0fjAg9ODb6zQnRg54in3Voew6teZ1FEo8AHzJyvfTnmY5WppcpvbsAaD3AkYAFSvQ9QlZZKoM1EM1Y9sQgNdESUCzNr8x9RP6ooM6A5DWU6GYoNx4Iwq3kXgk60zUPA5oaFtnSxKf4TBAPVrqyuLVMp--1HLHkdhUpzLQ9u6duoDqkes7zfD7TCd0z0bQv6F24bZL61SNs0VSv8x1heQYETKuKosPWzOLCHsaeRulOuGxN0uLxDkpU1DH9Hv6eTmXDGypfvAtXoCPhK14WZCldCh9wbl6ypt7kT-IaHwPOM-cGMcm_UIo38F_3ypY0M_0BbVkNnJ1H0dh5t3WcXvb33rYI6KeO5H0z28GjYNMrWe5-NwbG9BFZlvIs_5-m1o1A96vToPwQ5B8fY9u22EB8Auw_kG1TFhh0muZaFFA1I2DmvfIi2b6TAWBYIiZsJbXIE8GZHeet59ANp3rtbuhxP2cJYPgQOdjDLo_kLyMDiiwmmZmKQW0lRGt6jf3Df_hNAP3X7IRrPHF5ITKWW6XMsKN4xNPG41xBZKwCZzBmiEgLqi25EqW3CU8yFocNbPCSwjbqhmCmgDmIP1_YBL7pQV_tQ23grwpWVYIP9RIL_DWiNEjp9DgrrUGNlF5zlYXRO41gvd1FNShJXn15a5XIUI4FJB0r6yjoW9oeMHQiN0npeyT0iexHLDL6fE16UMOUyJ7HmoXa0WScwrnZhbfrGFPfaEezYcD88ZS4K5uur60rUY3uqmbaga2nzXzPTcCv60_rsuIr63O0_DPL7ryem8W-HKjl-mJoIxFeijJdyXinoWJ6sa57DI6yLAvSb-Zo9uE5wcY41raM1kcVW4gXNGRppKi_1YBno-YOvxo8uxTpTy19bF6Q4pozbKHkkM-7n0vzIW6wqbOq39QzOYHSzO9NguDLHv7osxpLXQngp78zoKuAqQXuxH0F1ouekhIiXStN65wBit6RMpcwOi8dzJ6waUQLmGdv7WpV0qo295Pyyr5y2pN_8KpsM7IR-QkQeJxg5u-zaxy-QWn1uiqngQ9aLjjmkzsBp5wNi_7Vj6WL_XeO97uTdDZ7RCj7Ky_cvD8_-TwlYFlcTtqOYTwq-1DBmEx3gMy4Hi-fhGrk9COBS3j0rQ_MsH6ToEfcqoBttoVzl3l31Kagp_YFZcC9FfP2FGWhbPxppAZSkJpEFABs3L6NBLuPhyUIpqpUDyDRPQ0jFilu6jXqWFc543pHD6hipmmjSLog6ijEJaweeeArR4xv5MmF-pMK0PBkOZDkYC3jI3EbtDdaFcEb_Q5qqGgCf-7kvIQBcu1cEWkVEbu5TwmUmhwLt6W5t_w-4-F0ItZpr3eEvr-xSirkmd_VS6ks70nZMnhu-tzPFkJedwALmWUWuCd3VvGIs9JBI2jYjTsYaqa-oKL4Ilf-czbdRUNoX_SaMMBISWIGS5qHabeAv02t7InMA41WebNFYBhy2eUKWc9uxpt-wR50MawPYnUrQy1Fb3coW1arzyWYGj9j4xf2XoLztp3JldN3QPfbmIV-uxmMoGqEy7IQ5CG2t2Y4LNnN-SL8pWctNYQux2w55xXoBbaiM0-xpIPaMbgd6Y_ZsUNIEoCF6t5NjaUHYz_5vcnRZLmOOpIqG3WEDYbnat3Pyh4OnlDZ7GehQvJVWLkeBuIiDIDRfY7hfVjPcywTruqlTMK8UCa5sK56EgZ1p6Hcih-UDNFlR6nnrC2gzMugdwgZWMVP0Bjrisr0JtDED-Z8zgl4A0G1kRjT6VOTccBzWqmO7Qgu3xWFeHOP3tXfbUEIqj_hVHN05P1vuEP3JM8mQpOw1Rct7sGQzGTSX1bOJg-FMO5b0VRgt3YZFRmv8MGsZLVU3XYayPF5RvvjVdirkOUyDBkjBAs3uG0HBtvtsDydkLKRAIf3b4X23rXH4calEdsE6fDyFym6flOR1CYyfbmoAbJ6f8UOrGQPK3OtAF1KyJOJ1tONs_AvYAn28JOjCnYtyF0__UQVrnArOx9OifQv3GoBW4m4bRtNc7dkec33BeMk-_apbM2fzF1wd4_Ww8jo8bAnGn4nt8ZQq7oAXP3NPXbUmiZv2JO4FSUKGTWCgnmJ-ou5rTJ7s6dZq3ndS1_TmZD79W8lWmXulU6Q3K0q4WXa39awBowWx--kBWlweeMrymVYprU26GW5_86K1ATQzXPMGs4CpLX-IYDv5CVINYrgRaQ0xYkJf1-G3lTg1gE6EpQxEQVELwfKa4ukCbXQBNkI1Rzs5RAYiLwYgQkGLHyyibLZt78yeGVQmviHzecaUm0VZToPY26MEsbJDbUVmrmHOnA7RsUiFwC-aEjNZ0nglsbY2hfkkyBTOCsk-pTVblPzSwurVi_XNzEUyhJZM52kqTONA5eMz629W9LE2AQ3poQwFtDCcmE_ok7FndZLGa6b25qW7tEv-cbfBVEJEq5H-pxFapyo_OMzLN8uCBQ89BwUpTTp79dSXfcQkcPJirv2cbsiLHdFjTXkaualrHnyXRDbp-oYDskmIxaMtkg-IQfB4FIUHUKa-zBRwTQzYX0fDJaTIbslhnr8CaDXvtqoVaSNgc1EmbRzfvoZp1PD2YEMUyatI4vfNrSAdPShqUkERSExobZdvBdRcNXhwwCPyLEHe07NImUjAbBx7X3kA6YBNdF-Qn5bQtN2_ruHCl2IxrmYHVtCfLJAVVth-kx6rXZBRqCLnfFY8xtl9oyiskHbIFe5hjYFOfmNe-HqZJjSVWl8hsLWdFTWzy3WHcndCMYR9rJv6buZiSnvVvppWEMMbWIG1oUKFuX3UxiYNy3c6zgTixELiJdfk0SQTjEf6xatEzSGYE8wMkzq8vH2aFzFUrqVnLUPaD9rtZumJu7M36nykRJMVg99veq7WvADsy5HB5EfxHO4nWhTlyIZQyON6zbIa4l-8jv0-lLmQ27V7lbWK1CKXXg5NzkrQLM1h-mTz4SviGRZGptDt8Rx88ZAZgY-eti0JPdyw1_uJL5IZ6TxfgxSUrIS5AR0E8-Sd6RBptIaSXhtTFkjg9zoyyPEM6kloMVMkyy4VjIdLgfxWT1wdYw3-zATdfcQhW7RIZLd2h8DHgwEvtocbNwmavFJ4UJSKjKC9nHkU4WQuaiNSgz7EQvgXdudXBZcIXjVfNgbhOhCfP_QJ2Js-seSBBF8_af4Yyt6jrLAquhc78G0Vz5TZD30N6mG0Lv47IwRcSN8cTnhs-EplkvMREYRKO6-EajVDZSOGLWh1fUlkfJdNJVQ3AO1lvGoSRSk0AfmXmHsl60FYlf-bhL3jsw82H4sFl6FYUWfLSGpcu6Dq15UzvyxAOcxU2b0-YsmmwUCJQYaEwl6tc-9Wntc74K5nJVMVpii7_ZJMWc3tviop7Q29MamDdXObC2yKPySgLfRDNBw42g0ti6nWFrMTeBaE2OHSa7YZHwbgxU4PrYizqPgszsDOL6QeWEjJ1-C9nxD_dv7zbJWMEDcc3hz45xD1EDX1eO-AuwY9bCv_-ksm0houW1Iem7bsrAJBomeK_9IFrK8mt2tJZJizzTee0f6aM7wdDOirozcckjiySSCV6oAfdJpBuD5lDuRHF9PaYuTptuYpiQtYflU-UKHGZRg80MPaWNCWmYl0GQa-Egnm_iRg3aGVfEaGt9wqiW9cvzYJAn0on-YslWEK-G3MK-MS6CAtHBp1b90933nlUF8LHFPvl2a5TeTa3BiVmVJG-E3pZvAjsTYLDM3VEIz3z5piOfq40QDk24icrqQ9plDaN3TOVKY2ELf8CFessOnnTwEMcJy3uQqafcVJhS-r8ibXeHxv4IoR8001zAgUA3miuriu9NPtcRmzUHDcGBkNhctobf69-GTjQCiJjxdvOfIXr95MOh1yCl02OPnqkWNtvUzWJH3giJqj2un9jC-4pedyrUMip8xdsaV1lIGTsNx5DrloG7wEE3wi7nbsl4sNFAV7aur9fq7WzcQozlpFfjfF6IZz4ANUU40&cid=CAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=13354838633563513000&adk=2228999115&idt=97&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
269226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTcyMzEzNDIwMTY4OQogIHNlcnZlcl9pcDogMTM0MDY0NjY5CiAgcHJvY2Vzc19pZDogMjAyMzA4NDc2Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 62A0 		0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTcyMzEzNDIwMTY4OQogIHNlcnZlcl9pcDogMTM0MDY0NjY5CiAgcHJvY2Vzc19pZDogMjAyMzA4NDc2Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDEzNzkyNTQ5NTY1Mzg0NTI0OTYzCmRlYnVnX2tleTogMzgyMTcxNzExMjYwNDUxODQ1NwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDQiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjI1OTc0MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjEyMzIwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x7986be02ed25840e0000000000000000","13":"0x280728e6e7cb7d6e0000000000000000","14":"0xd31bd2fd9eff20050000000000000000","15":"0x620192f7bbc60d660000000000000000"},"debug_key":"3821717112604518457","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"13792549565384524963"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame 62A0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701723133607631&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4df9a54c7b5b871fcf94bc14dd604fa1e908459af33121868779330f5ef0e0c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:14 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4166
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4A1B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4A1B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 10:24:32 GMT
request.php
hal900026.redintelligence.net/ Frame 62A0
Redirect Chain
  • https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
HTTP/1.1
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f6ad0bb22543bc743cc819d16bae00b85f9ecd930ebea298714707b285050bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:14 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
61588200208120404444994012528026
Connection
close
Content-Length
1372
Expires
Mon, 04 Dec 2023 20:52:14 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:14 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 04 Dec 2023 20:52:14 +0100
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523880/ Frame 45D9 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523880/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492285957&bidurl=https://geocult.ru/&ias_dealId=&xsId=ABAjH0gTZHddNAhSukuS397xYATe&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gTZHddNAhSukuS397xYATe
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.68.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-68-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
99c8385d0b72ea7e0cc07d26dfd06ab32e5a800fc44b5cfe2774ee22fa6ffd79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 45D9 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 06:30:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 45D9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ2nDbRBjpTFhdG4Y4WDHay581tiVLzdDqY606qtlmsjU9ti5h9HehwklhF-zYAX6EBSrBt4CXSUQnEf6eZMfHk-7OBJgdD_khzcJUJqCdX8cXzAj-n79AZKZbcEzT3svMBxKMX2P601SqkmahLXOchy-tJ5AIZwZnaeFG5xV9j_4CCOA&dbm_d=AKAmf-CYrJTiu_lU8J2OeL-_W9ZlmseVXfQp_-lOMZFwLtlwYgQFgvNyVfkRMJ89q_1WKIskGd0Gq1Gowb9yWaikf6A-x6kWB4PcosU5kiAoW8p5FI3ovaPKT0pZjZpefV9APMMne2qUDBoqUQh7MnngoPYsUl72CvSmCApfIThuZw7Zko3hBEEIcdeXYUHvVAWNz2_YdTDcKAncKO6sq7Ex2QfIMAV8kDX0nIBfnXh0MIhgV7pCUZ6Pv3nVFEzmXXn_-iMl-_NWi0ciKR_wXwYS_qIDyBom1P5DLwBEA2DEAiXue2ztHErC0lLBglYfp6ca08-BuYRo-eJMeuJ3g3dYv6Uo_Fs50BEtTVpkYEyMKZftD6QNBUkTDLIkIsn5J6biuusYuizQckqDo7bLgdxFNDCX54Ydhm0UsMF-8N9DGVJeetRyhLFnkixeBRawuOt4jCTU1hNphsRPvPx67U2F-5UKNpfnPLkBWttoji8ZtJ4ILEPxKeqoNNqeFjAVusqv-MDOCLQkyPgmGP5ry9dFJu5TrUu9VtsRDyBYZGyt181TPudPKiSxSiMrO76tgFhDVb6LjAhLMnV1wGBza2mxDilxkg_YuJOEGxUbKrDCQc17B8AfgFivfdxC9_cz0T2-nU2NcziY1fhhcyycw3hE7r3CyqP13FPZFhMZ4_xwjFdyPBJ9Nd2MvZwakh1BJmE7F9ucDvNDJUAbIg6GryZJOpoMo7zWUNW9OqkI3IxTd4k0oJ4NnDwPoT5ZgWMhtCzv-zXqEEmCCGzofVTr7ckIbnIdlDSy0x-BhzS4Bs4FEaLMpys892fTE0u5T0B3jNlc370LCS_XNIH3n_jNOYpPVDtVRtlQzqoziQ6D2K26FzagM69TD0Uy_SA8xe8BgxF9i8mrOc_6d5dHKsN-xk2dqfaeggD00iXZZW8smZw9isYa91PzZy2ba6Kkj5AGv1kZvQN_VCTmWG2uDSMTnz5yLCp53hJ8xfsBqf4r5DS3OwQQ0HDzoWuXY6Zb_wxlSCGa-OqY0fHfXgBVkGY8A1nqEpV1xtaId1KSzyOV0mhxw0zd8JQyiaeDBtI3HTg6hTBHQY0unN-_yCaMmkbowKVqyZ33L5jhp412bwQjL4RbUtQYRLDxqplYiiivrXwTffI21wOC5U8yKFcuRejkDzO9wHTcan8amG83yIQiqyPTgbbCIeSH3RD5QA6MhDeU1RV77zmLnUJfLogP_pdGNXZjluzglKo63-RAnYYMrTCqRl_eo3ihLFgc5ugOsRsZZJenG66zyfO6Ci1QxaJ6PCCzju-rSktQY2zmLGKhALSqar12JpRAYEH2bfeGAynDUkoCYakzx1kfahk68RYSqCR_Gp1ZXDprhDoSOAG39dQJvJv76W9kGfzC_emnKOPyNk65KJBrBoWMSWQxppGWIEgSYHz24tUSImvOi7DQx3DMcYZEKc9za66DZFjNVDD1arTf4RCQtrMxPPIQJJHeaJ9wWranO_KZU4HjmA-u2AqdcxkMN8T5QZk9UESLKUlvbsZSzB6FW1YaqlskwXqcTaqXfpvjFefTfQpVNVzjVUralBklw6SB4j2bowD3ezdadAkVQXppS3yu6IwfZO1YEzBPej3OOSYhu-_MyyFGnf95YJ89yLCSZt_wFuu9lDhdQuqKUIrNcuhHw6659F-xhlWPgOXeyzc8IMrQs_jPxq03GnFG4VGLY_rwe5OtqPbEcZEVsUWmmS46P7937tGZKU_u0k4IDRoWY7OqV9jSEivL88n21WuQ8POJwCopCgeuARaHm5d2yuUVUqpOjCV7iyrek3wL98rwRLXoIkPtzBGfSLkF7upHpKmBFhP94M8-gGHhMm_QMcDCjRWStQNdOiT_lU5HwagW4gO9TOqy5B6HIsLP0ZGVat05DRAxNJWzcA_skiwLcDTtCqS-r002ySy5OEP6nxtziXXzKh4qRMs9MRiinRUHBLMFhYvWVA1rvbiSJiZF-oDsO-UadNEOmGyrxbHif4In9rIKrw7wkDgG--h3jdcDPDZByaeMSV4GXDW4GgGIG2KxTczpKE0PYt2Vin-9_l2FFh_6U_UKdJ-Hh0zuDjKZxqqnVza1y1LYAvAyZsWzS-nnCDqMPIbUvvZm68zqYAWtdDfxqYrDrqygCsrIvwfHTfPkoWkyK3lVik2plelFbBLP-zn85G358ehZcN06ps6v77PjhaMcA6mTgC-bgAaNQ7VC-ULgrzcTFcDMuJG23umHLR2og4Ws0S_Jyei89nWx4c54qoEwiROVjQ-YbOQgT3Sgk1Rm0py4QIXVYEbQJvi-QX7Ln5J6wEbofp2WX3pRTOTxBec2mXB40zyKB7jQNN2mO84OX5F8o7T2AznElucKFZvnl-FIyT2aOlUNfg4DZOHn74hrIRFEt4gyxyUIKW9yrY0Crjcj3iT9YW1bcbpHAjl8GzUerSjOikk8oTOuwC5GAy2ml-jFq3FBNgvN2as7BOaJjx1Pc7-mMLtWXhyRucU0T_MWF5g8BpTa4Fr_pEIURmGRPSo1Z69VcDrW09a8FNZGIR-PKS-qoF0JrhKI5Pwli_q9Qm_t9lM61iXnPXsvJd5TzXmOI3DpJw2W64gvSbSArVJFuDrdNHvw0A-ZHLQYFJoiKtXjRc5SaBRBYj0Pq0BEGNxI4HBwJO_Fm7K-jCpvvqz5u0QkkR6MbLl82xNShvJ5iAMOIbUU-5Gf6uS__AGlms1byCmeNjgRxQ8IMfApAX4HW3S2YCjPDqEw02pg6i-_YvH0FAOtEKTy7SMJ2g3OdK2UHhhKz1Fd-tRhfzYYfEKGJL4A33d6h66_GTF1X-4loMiLy1LCarU_Tv0RzuDA7lYNGnJcpMhrhAPrzipREw2WW-sOtfmn-ynnzog6H91XGOuD71Uj1tSoZ35wNhH1bqCo4-eKBe51CCxxsfLMZGz90dsw2Ri29GdG7j1Eukpd_fSj9dlF2Fz22A8aSl3sIjH1xZLjJPCpsCh2Yu4_motCbBFkKk2_mUk0ADc5P4GkpfAjw50nxwr_sZ3YwlUKN-tdzw8PbaVXLDU2Hse-LWEemQflAO5KxNlR_KbDjxliI1DDMuC-kFrY1NrAN2NVjtkVRuZqUEL1xQHLMvTCmTe9JiyoVDMuYd0OeFt-bEuhRJTnL4Y_AZdxikcex0g27oNK3FVtZ5MiEXmL7SKZmrkTqEXlvKI_SL9znxqIhKBYKDjYdhY1RTIBZxDSQBJg5Kl_1G0VGQa95iCVNboQTy4i-paOZmCb3D3JqNwsZ2IaB9G4ZV1XrPAKNSpz4RzDGbJRF2hKbKUc3Xe1Qlz1vPa9WP2ykNFpA57gZ0jbe2P-AzzyTqEr3qgqI1iuce6ztfGlzAt4SIgBlKaVS4HWcjxXOkuGoy4uWTb4l7YaWCVDyn66nQTYqOJcB9P524xGWQAu20YZ-DCwQ44rTbUy6783lxZmU2g1Yw3AeKtHKrXOqoLuFad8dI5B-ikqbMYazibgO9B1SaWhYa1M9WmnZODWDOUd35kibLJB1DlcTI0MaA3jnisqA1C_xa6Vvm62ILw9AGGcxLBAtW9effXY07FzQJ0JfJFBiIZad8ddgwpwDG9FDE6YveaD8Oq4zloMm1r0IQD5IMi19cWwsy7QJwBrAAFyy5Aa_PU4VUNVX3vDdsUKvIh2dlTjU6XBrWm0_yYlH8Yu794UPI2OkBlbPsxsY3OZ2nOVVin_TQXH7W63YNncD7UQviRTTK0QX6EDrdZEZWY2rBpZJieVyd1dPhw6YASEOVSoBCWBBabZMKQ8sYxSOiJYSWQ0SKLmVOCho42edW-wmMR7vkWCAmFZi3MGpwEFujlD1cQgHXT95TUG0ORZUYJsqpFpJgsKleOz_Qfd9hu-jv9Lzz1ns4S1Wd1GQabAf4odyICYVEhxFYE5bogMjGvgdsT2cgNJiMmZpyBIlinMMmVi87JfyjnQnkFEEWLOFMDKE1nwvyXUdg5-KlknxKZsEIDaEw&cid=CAQSTwDICaaNqzhF093fshWM4bCGUEKvb4YWRqFJBYk-mL9o-C6WlzAl_QipwX10m6dkneBFpc6upcK42LdIvM6zXNeI3OlMoi35ciGrhlk3Tu8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=16254659146736032000&adk=929882891&idt=138&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
80075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 22:37:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 45D9 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQ2nDbRBjpTFhdG4Y4WDHay581tiVLzdDqY606qtlmsjU9ti5h9HehwklhF-zYAX6EBSrBt4CXSUQnEf6eZMfHk-7OBJgdD_khzcJUJqCdX8cXzAj-n79AZKZbcEzT3svMBxKMX2P601SqkmahLXOchy-tJ5AIZwZnaeFG5xV9j_4CCOA&dbm_d=AKAmf-CYrJTiu_lU8J2OeL-_W9ZlmseVXfQp_-lOMZFwLtlwYgQFgvNyVfkRMJ89q_1WKIskGd0Gq1Gowb9yWaikf6A-x6kWB4PcosU5kiAoW8p5FI3ovaPKT0pZjZpefV9APMMne2qUDBoqUQh7MnngoPYsUl72CvSmCApfIThuZw7Zko3hBEEIcdeXYUHvVAWNz2_YdTDcKAncKO6sq7Ex2QfIMAV8kDX0nIBfnXh0MIhgV7pCUZ6Pv3nVFEzmXXn_-iMl-_NWi0ciKR_wXwYS_qIDyBom1P5DLwBEA2DEAiXue2ztHErC0lLBglYfp6ca08-BuYRo-eJMeuJ3g3dYv6Uo_Fs50BEtTVpkYEyMKZftD6QNBUkTDLIkIsn5J6biuusYuizQckqDo7bLgdxFNDCX54Ydhm0UsMF-8N9DGVJeetRyhLFnkixeBRawuOt4jCTU1hNphsRPvPx67U2F-5UKNpfnPLkBWttoji8ZtJ4ILEPxKeqoNNqeFjAVusqv-MDOCLQkyPgmGP5ry9dFJu5TrUu9VtsRDyBYZGyt181TPudPKiSxSiMrO76tgFhDVb6LjAhLMnV1wGBza2mxDilxkg_YuJOEGxUbKrDCQc17B8AfgFivfdxC9_cz0T2-nU2NcziY1fhhcyycw3hE7r3CyqP13FPZFhMZ4_xwjFdyPBJ9Nd2MvZwakh1BJmE7F9ucDvNDJUAbIg6GryZJOpoMo7zWUNW9OqkI3IxTd4k0oJ4NnDwPoT5ZgWMhtCzv-zXqEEmCCGzofVTr7ckIbnIdlDSy0x-BhzS4Bs4FEaLMpys892fTE0u5T0B3jNlc370LCS_XNIH3n_jNOYpPVDtVRtlQzqoziQ6D2K26FzagM69TD0Uy_SA8xe8BgxF9i8mrOc_6d5dHKsN-xk2dqfaeggD00iXZZW8smZw9isYa91PzZy2ba6Kkj5AGv1kZvQN_VCTmWG2uDSMTnz5yLCp53hJ8xfsBqf4r5DS3OwQQ0HDzoWuXY6Zb_wxlSCGa-OqY0fHfXgBVkGY8A1nqEpV1xtaId1KSzyOV0mhxw0zd8JQyiaeDBtI3HTg6hTBHQY0unN-_yCaMmkbowKVqyZ33L5jhp412bwQjL4RbUtQYRLDxqplYiiivrXwTffI21wOC5U8yKFcuRejkDzO9wHTcan8amG83yIQiqyPTgbbCIeSH3RD5QA6MhDeU1RV77zmLnUJfLogP_pdGNXZjluzglKo63-RAnYYMrTCqRl_eo3ihLFgc5ugOsRsZZJenG66zyfO6Ci1QxaJ6PCCzju-rSktQY2zmLGKhALSqar12JpRAYEH2bfeGAynDUkoCYakzx1kfahk68RYSqCR_Gp1ZXDprhDoSOAG39dQJvJv76W9kGfzC_emnKOPyNk65KJBrBoWMSWQxppGWIEgSYHz24tUSImvOi7DQx3DMcYZEKc9za66DZFjNVDD1arTf4RCQtrMxPPIQJJHeaJ9wWranO_KZU4HjmA-u2AqdcxkMN8T5QZk9UESLKUlvbsZSzB6FW1YaqlskwXqcTaqXfpvjFefTfQpVNVzjVUralBklw6SB4j2bowD3ezdadAkVQXppS3yu6IwfZO1YEzBPej3OOSYhu-_MyyFGnf95YJ89yLCSZt_wFuu9lDhdQuqKUIrNcuhHw6659F-xhlWPgOXeyzc8IMrQs_jPxq03GnFG4VGLY_rwe5OtqPbEcZEVsUWmmS46P7937tGZKU_u0k4IDRoWY7OqV9jSEivL88n21WuQ8POJwCopCgeuARaHm5d2yuUVUqpOjCV7iyrek3wL98rwRLXoIkPtzBGfSLkF7upHpKmBFhP94M8-gGHhMm_QMcDCjRWStQNdOiT_lU5HwagW4gO9TOqy5B6HIsLP0ZGVat05DRAxNJWzcA_skiwLcDTtCqS-r002ySy5OEP6nxtziXXzKh4qRMs9MRiinRUHBLMFhYvWVA1rvbiSJiZF-oDsO-UadNEOmGyrxbHif4In9rIKrw7wkDgG--h3jdcDPDZByaeMSV4GXDW4GgGIG2KxTczpKE0PYt2Vin-9_l2FFh_6U_UKdJ-Hh0zuDjKZxqqnVza1y1LYAvAyZsWzS-nnCDqMPIbUvvZm68zqYAWtdDfxqYrDrqygCsrIvwfHTfPkoWkyK3lVik2plelFbBLP-zn85G358ehZcN06ps6v77PjhaMcA6mTgC-bgAaNQ7VC-ULgrzcTFcDMuJG23umHLR2og4Ws0S_Jyei89nWx4c54qoEwiROVjQ-YbOQgT3Sgk1Rm0py4QIXVYEbQJvi-QX7Ln5J6wEbofp2WX3pRTOTxBec2mXB40zyKB7jQNN2mO84OX5F8o7T2AznElucKFZvnl-FIyT2aOlUNfg4DZOHn74hrIRFEt4gyxyUIKW9yrY0Crjcj3iT9YW1bcbpHAjl8GzUerSjOikk8oTOuwC5GAy2ml-jFq3FBNgvN2as7BOaJjx1Pc7-mMLtWXhyRucU0T_MWF5g8BpTa4Fr_pEIURmGRPSo1Z69VcDrW09a8FNZGIR-PKS-qoF0JrhKI5Pwli_q9Qm_t9lM61iXnPXsvJd5TzXmOI3DpJw2W64gvSbSArVJFuDrdNHvw0A-ZHLQYFJoiKtXjRc5SaBRBYj0Pq0BEGNxI4HBwJO_Fm7K-jCpvvqz5u0QkkR6MbLl82xNShvJ5iAMOIbUU-5Gf6uS__AGlms1byCmeNjgRxQ8IMfApAX4HW3S2YCjPDqEw02pg6i-_YvH0FAOtEKTy7SMJ2g3OdK2UHhhKz1Fd-tRhfzYYfEKGJL4A33d6h66_GTF1X-4loMiLy1LCarU_Tv0RzuDA7lYNGnJcpMhrhAPrzipREw2WW-sOtfmn-ynnzog6H91XGOuD71Uj1tSoZ35wNhH1bqCo4-eKBe51CCxxsfLMZGz90dsw2Ri29GdG7j1Eukpd_fSj9dlF2Fz22A8aSl3sIjH1xZLjJPCpsCh2Yu4_motCbBFkKk2_mUk0ADc5P4GkpfAjw50nxwr_sZ3YwlUKN-tdzw8PbaVXLDU2Hse-LWEemQflAO5KxNlR_KbDjxliI1DDMuC-kFrY1NrAN2NVjtkVRuZqUEL1xQHLMvTCmTe9JiyoVDMuYd0OeFt-bEuhRJTnL4Y_AZdxikcex0g27oNK3FVtZ5MiEXmL7SKZmrkTqEXlvKI_SL9znxqIhKBYKDjYdhY1RTIBZxDSQBJg5Kl_1G0VGQa95iCVNboQTy4i-paOZmCb3D3JqNwsZ2IaB9G4ZV1XrPAKNSpz4RzDGbJRF2hKbKUc3Xe1Qlz1vPa9WP2ykNFpA57gZ0jbe2P-AzzyTqEr3qgqI1iuce6ztfGlzAt4SIgBlKaVS4HWcjxXOkuGoy4uWTb4l7YaWCVDyn66nQTYqOJcB9P524xGWQAu20YZ-DCwQ44rTbUy6783lxZmU2g1Yw3AeKtHKrXOqoLuFad8dI5B-ikqbMYazibgO9B1SaWhYa1M9WmnZODWDOUd35kibLJB1DlcTI0MaA3jnisqA1C_xa6Vvm62ILw9AGGcxLBAtW9effXY07FzQJ0JfJFBiIZad8ddgwpwDG9FDE6YveaD8Oq4zloMm1r0IQD5IMi19cWwsy7QJwBrAAFyy5Aa_PU4VUNVX3vDdsUKvIh2dlTjU6XBrWm0_yYlH8Yu794UPI2OkBlbPsxsY3OZ2nOVVin_TQXH7W63YNncD7UQviRTTK0QX6EDrdZEZWY2rBpZJieVyd1dPhw6YASEOVSoBCWBBabZMKQ8sYxSOiJYSWQ0SKLmVOCho42edW-wmMR7vkWCAmFZi3MGpwEFujlD1cQgHXT95TUG0ORZUYJsqpFpJgsKleOz_Qfd9hu-jv9Lzz1ns4S1Wd1GQabAf4odyICYVEhxFYE5bogMjGvgdsT2cgNJiMmZpyBIlinMMmVi87JfyjnQnkFEEWLOFMDKE1nwvyXUdg5-KlknxKZsEIDaEw&cid=CAQSTwDICaaNqzhF093fshWM4bCGUEKvb4YWRqFJBYk-mL9o-C6WlzAl_QipwX10m6dkneBFpc6upcK42LdIvM6zXNeI3OlMoi35ciGrhlk3Tu8YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=16254659146736032000&adk=929882891&idt=138&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 23:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
77545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11894
x-xss-protection
0
server
cafe
etag
8278194740845609983
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 23:19:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 45D9 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
269226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
truncated
/ Frame 45D9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d3c1741dfcafd07b3a753b9bf4b7f73ed5691119a22e6acaf4183c7ee8529ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame CE99 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/1064608057035189096/ Frame 76A3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
7633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1879
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 18:45:01 GMT
expires
Tue, 03 Dec 2024 18:45:01 GMT
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 45D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu99IdXLEaM4SxmTD4wVuX9Qzbri7p1hB6ZgFVq26vApblZbTBvlXFXUaa914SUxUXSE3_oQPibehyJ3d30b6Warun3RVb3RxHVqHan_-ec3HzXIMvqXs8u5DGeuYHXbs306G1MJYzyqG2Sjaec9fieMvsosbPaTNveEw-1lT24rvx5TPii8SzcAPfYd3Z_r5lGoL2SG4nvcGFZ83STpeHcLFItq6sWTLRf-uLtXjJHTw17IvtIBXzRdLmlgb-JMs0yfskpa_aEbpc3cNwfozhhseBAX87SlIuBbwnzsDDJ6-ZWBCGXpLEC_vHXumLqiTGhnBGkT-GxCHw9RfbzwHnC0eZCkeffE3Mc1VfHl8ZDwbDCCDcu9MlT8IaiYeLeQCZLt9QyLyY5bXZGyFOgEl5gUa174NRJjbY4ATloo8hGfvh3nzETBDpWWAiT9NBnqWiqYGZgzQLB2SDemhzOtHTM83bWN3WJovz0vhpuvaGNTGKSsliaHDE-HEkYg_BTDixZBqKlcM2cr0Px2B7UZ-Lwjs0rqV6yHkUkEicHH5KRKIivBfSLidG7Qs8f_ZCVYvQi9EfDCt1KYyxXeTY-4wwIVT-1tE5BwLtXMLrIG1z_zlvheIwfZqv9ouVQNmKIGoKurH5ETKf-N90a-ibRKk3m1wlKGD_kV0fJV4BYmDMZOkveUSrVb9hgiopQBWevey39gcHBKsAFSbPJA3bk-I1SYnhtGuJclXDdwJ6L37Qf0McoqbpVlxXoSgV7T3uEqpn89QbPwZgkmwQgP-_qdFanafsHk7hBWqlpozexO2AAzwnmpCfLHxutpXy817IExCSSnoGmvJhKC-iGO3ZXd8rgqRPGwocwEEKZae4qAYPRPqR9jfucXViGw9Y4HsSR5oluN5Bzh2-kYbhcVK6G4zBqtX78L8ESeop9wZt46Jvdvs9WQg6nNqJgoK1yBGOYgrbB1X7J3M4mQVpqpRdDMwTuX4Bxlr9X4OYAT5y1R4zNMfxSVhVB2iljy52nabW7_DHeoMpLjmf4Ao-9TRdMX1dcFjk6v_tDVEMLStmlKWDT7pKz9rd68FtkZjNuPGtqt5Egw0h-ialBmcAcwi0KqLtERxpmIruW_F--mgTOxz9a-4ZxOcIb7INfVmLjFbWwl9RAgcG5kdjyUTsbni_DQUZly2BFYT1DHgbsxENN6LZUKQOxgI_ceIFBcPLgskijaKzjKg6cOfQ8ZahcOeBzEYN7v3Xy6IOwSxkX4K_3kZWMFJqj0XyZqn8VLA24dsAuEq8&sai=AMfl-YQK6bKyLLR9aWbFviyTSNYiaWSPD6-GwRjiuiq4r6rf5q5i7VuIDAPzkayI0YEUwJ7rpKR2HGc5De5Q--ZLyMtSOlbbEQf2JXvhu_gSEhZLZGto_gGcvtiu1_n2txwJs_KFWsJSNBc7nXUIS0QF6FZBDA1wXCypLyJOcaD6tU6E9mhJsEJ9EmrsYI9Xo-2XQYx2Td6JG0sSnH-YWpZrL8H6udVkj_am0Ak_ZoujScRzmXppXplZXT-Mrcx4xD-F4BeNG6Z2pCWovAJR3YRCZ7d1POlhSo8oE-O0tgQmKw&sig=Cg0ArKJSzEJpOW3octr2EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=52&cbvp=1&cstd=51&cisv=r20231129.06127&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A019 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmF32_jtuZY7DB9KL3gOmsZqwCwAAAAA4AeAEAg&bg=!PzylPHPNAAY3kmNgF5I7ADQBe5WfOIQb0VRFkr83UEmt9l8ikWX37ojexDgXKLLLq4NZ7PhmIVAEq158ZDYCDQSIkJasAgAAAE1SAAAAAmgBB5kC61XTQ7A2VQXgkuEtHcP0l1Altr_aRDMBByPJXKPfHwSX3pOL8tq_7J3zUNLLN2EjTQeuW37c7pSKls3ONNawLLXKQCB2hg5m62C6mA9qyqE_miVGcf6N-8i_ZQno7zXUBP3zgbfkDlL5eAKMR1Jc22T7szFgegbfRST1cN36JajQ6S9oPrl5g3v0rCIFlT8r3kJXrJUj2xpiC2pHgh_cRJnz8BiO55fZ6IS1fvmL20qEcnDwU3DC8cXwDUStPJH5E-O18uugbtwxB4gIYk7YBul2g-WGN6KuXG41IaFLkaOSZhZeEfZwufqLPvQpV5E-IGXFAcaABW5wwjKhd2VP53XT934WFaRUaIY2ymo8mA6Uwb-E60lNw0y30k0Nf9DZXGo3-B483anK03LIdoB8pKYBjGTh7_-mB4hsnmc0OElvfacOLN-WJQwy_X4LujWqEh3mCdyxwwH6CUnTk00ZZB1-4pXyGrG-QdAW7ZyoCHHxc0bwq0YQKnW73aweQUuAzmnNmGDogxGOyJ-rFJiz2ku0tEvJ_WHJAL1dao-dvCN1KD6R8BbZKHboL4b4sbR3BSu9PdBhl3p-ZL9yscOxfL6SfFn-ynUjv1ZsKraJCNvXsYpkjmjj4GbrSta3noPM05wP62cdtAAFr0qvC-XgweNUGp5o61gDbMt9X1OPpysCnkE6Yw7sfUp50HcyoZHtCCDxpWIcR7fsRjEccbJAhifUtgLwq7bjY5aGaKiWqDulpeT3QMuGzHOX6jByABgjQvB1CmDH7ULO2HALJ49-ZXQOx67--iUK0ClVsi6ORWgxTO3l82Wox9g-qplrbt9M8RRQtDLQae966kyUaqBLbixSuq8KnxOyJxiwqspqhvRpSGLdPC6IaAMLI1RUw9P6fZVR1et3ew2CFf4E8wwcgic6MVIFDZhm73Npx2etfnfyID04P8D4lWanRk0ezAfCTroTyXN_-Hcz3p0l5BA-dJuAEZyP9Lj-UtOnlQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.js
static.adsafeprotected.com/ Frame 45D9
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523880/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2920555573584698&ias_chanId=1&ias_placementId=20492285957&bidurl=https://geocult.ru/&ias_...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0gTZHddNAhSukuS397xYATe&ias_xappb=&adContainerId=brand_safety__jtuZcPjHMLAjuwPpIW_iA8&cbFunctionName=goog_wrapCb__jtuZcPjHMLAjuwPpIW_iA8&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gTZHddNAhSukuS397xYATe&ias_xappb=&adContainerId=brand_safety__jtuZcPjHMLAjuwPpIW_iA8&cbFunctionName=goog_wrapCb__jtuZcPjHMLAjuwPpIW_iA8&true_pb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:9000:223f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id
4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3490
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 04 Dec 2023 19:54:03 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
bRxa0ApUpUSGUNoOG7dLnO98HOjgwPF9EKCDKasEf3wn0c8iIHSIPg==

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gTZHddNAhSukuS397xYATe&ias_xappb=&adContainerId=brand_safety__jtuZcPjHMLAjuwPpIW_iA8&cbFunctionName=goog_wrapCb__jtuZcPjHMLAjuwPpIW_iA8&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1EF3 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6468184
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
jYPNUyyFHm9U5BqLfc7JfScan5gbOiomGp7_PnsUJskh4jgYsLjiDw==
style.css
s0.2mdn.net/sadbundle/1064608057035189096/css/ Frame 76A3 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
445288
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 17:10:46 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 76A3 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2144997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucvdbnxLBXopqF0RDTzrZy7iyB019tM0vGcZtnFvGiAlbJwezfgHSYWw9nsluRdBqUEbPqHesUD50zWyoJClaYaBq%2BW%2FdKLGVcwTgXS%2FTpDBh7RZfDre78Bet8kfIcdkpDbJulQwirR%2F6FhNWyqLBU3k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8306ee978ba24dbb-FRA
expires
Sat, 23 Nov 2024 20:52:14 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 76A3 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
308354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLFFfzlPx7PCzRfBt71vW%2B%2FKVaOOowMQLqP%2FOAfZ2PWoOmo7qn8HHJ83oRnIIGBvyPKwc7%2BcYxD6y7tBU%2BxxP2RsGhUQIhv%2FQF99JlrnGhol%2BRRJZ3Lly8WnHVkNqIT052rG0DlAuUyjVvOmIapSWrfu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8306ee978ba44dbb-FRA
expires
Sat, 23 Nov 2024 20:52:14 GMT
dyson.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 20:06:59 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		2 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274837
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Nov 2024 16:31:37 GMT
arrow.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		429 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378603
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 11:42:11 GMT
dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		25 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson-v15s-submarine.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:55:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8356
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 11:55:54 GMT
1-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:45:02 GMT
x-content-type-options
nosniff
age
7632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33567
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 18:45:02 GMT
2-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:48:44 GMT
x-content-type-options
nosniff
age
83010
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33601
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 21:48:44 GMT
3-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:45:02 GMT
x-content-type-options
nosniff
age
7632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25911
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 18:45:02 GMT
4-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:42:08 GMT
x-content-type-options
nosniff
age
378606
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8971
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 11:42:08 GMT
5-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/5-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:45:02 GMT
x-content-type-options
nosniff
age
7632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12054
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 18:45:02 GMT
script.js
s0.2mdn.net/sadbundle/1064608057035189096/script/ Frame 76A3 		4 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83010
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
930
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 21:48:44 GMT
dt
dt.adsafeprotected.com/ Frame 45D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9682b360-9180-05a3-b4b4-90b7fca0347f&tv=%7Bc:vRPug4,pingTime:-3,time:41,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvqQIj+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1513%7C1514%7C161%7C1621%7C17%7C18%7C191*.1627455-73523880%7C1911%7C1912%7C1913,idMap:191*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt30.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 45D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9682b360-9180-05a3-b4b4-90b7fca0347f&tv=%7Bc:vRPug5,pingTime:-6,time:42,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvqQIj+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1513%7C1514%7C161%7C1621%7C17%7C18%7C191*.1627455-73523880%7C1911%7C1912%7C1913,idMap:191*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&tpiLookup=ao:geocult.ru*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt31.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 45D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9682b360-9180-05a3-b4b4-90b7fca0347f&tv=%7Bc:vRPugd,pingTime:-2,time:50,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:321,beZ:321,mfA:323,cmA:324,inA:324,inZ:327,prA:327,prZ:334,si:338,poA:338,poZ:351,cmZ:351,mfZ:351,loA:363,loZ:364,ltA:371,ltZ:371%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXvqQFl+11%7C12%7C13%7C141%7C142%7C151.1627455-73523864%7C1511%7C1512%7C1513%7C1514%7C161%7C1621%7C17%7C18%7C191*.1627455-73523880%7C1911%7C1912%7C1913,idMap:191*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:17,sinceFw:32,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame CE99 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 10:24:32 GMT
htlp
futalis.de/ Frame B30C
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=21166900213489904444556012528012&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925632
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925632
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Dec 2023 20:52:14 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925632
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 62DA 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=21166900213489904444556012528012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Mon, 04 Dec 2023 20:52:15 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame 54CD 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Mon, 04 Dec 2023 20:52:14 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Mon, 11 Dec 2023 20:52:14 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame A647 		0
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=21166900213489904444556012528012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame A647 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=21166900213489904444556012528012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=3636decf01&subid=&uid=51726f56f2c3ce0d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPOW4_TtuZZHQI8_U29gPs_Ov8A2m5b2gaZ2cnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJT6a7EdyWyPqgDAcgDmwSqBN4BT9AX9BMSbl6ldaR9K5PLmBw1XFFWa1XqNHWUTRDrcxfXgRXBOwBobx0uEuxrFBcGF_eBsld22SDG3HT9zx6u5_tnpg3aUX2ErUpQtMM64DF8R62XJf0SRSrBgg_bE8ZJZT5hbs8hu1p2xZK_mLv3fCXIEfCORE46I_SmFuCUwEWObYG1pN-gZwfkb7qa_m9aEKOdCNf6FMNHXVweIafu44EKNuayW2x4iNdGliQCWzi1o0PBmQDqS_sySu475dTiYGn7U-Z9W3mRIqCBmdmIQ_ar6botNzj1Kwurk3wTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOO6_9bU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNgHUT-M_IpQZ4aKOpFn4XSC0vL51RM2IgFN5Yrm0x-rd1EnwumDqt9enuy5GQ4E4gUQ4dstU_R-cmlhUxLlA8RBpvjbm9Ijm5xRgB%26sig%3DAOD64_3Kf2G41ZyCDQPU8fQz_IBWDRJAnA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-D3zcEUOMz0rZKW_BXysPKE2Gm-t5hv8y61sWw7IRwWm1yy2CQYaapJ7sRu3LIa3YpDD2eOOycsS0yK2S1St0g1LzKDd1Cu7MgYRDrdW85-EoXFpOHN1Waotg9qbn3mMgC1P9afOG_SMgbdBDN19vnv4OSQNgAOE097JutXhcLJjKc1E_yIkdFK-6rViu8JxjWF6bh19SksDXV0rW0iP4iZYcE7yA%26cry%3D1%26dbm_d%3DAKAmf-DpcFE3cwgxaqOIauHzNAiNIQsVblQ51rFA7vE9pZv-G7hJWFuHIAikI8FqXsMX1Ovsa6tuaqHzhAI1lBp3H6yl4mXPpGqcx_9Y_TYuYmuQSa5dxH_5IGhEJJWj4Q3VNryxbh3aEIZ_OCoHBjggieeXiJKiAO-8rc2NYu_xX8koW4Axd4DIM3tmJLVz00crU4CWCMS810FCTPcBT5pJzJ2kGAfd3DmY9R-0I_CTI_YC3lwnVc0zdHN3ruzBV0HKHk6XiSSuuQM4hiZVGbC26UGd5J1I8wslf29hCKELTotopsKX-oKaNUL_9MIHepQGmoylysuS7j8dVVFrjZGed-nuRYCavGYVThKMVRqjbAEASgu-h_fZV-QEq3q_3_nlJ5byg44nGaiidV3dQAz_Pgr0RwPIIPW1SUiwQo3OihkytIX8Fl8sysQQ34eqR0PsgKupHJA2q8av11Urkv66IJwIuCQEuoMakIFwmTVfLE-qZpM1BaogUkNNc3rnQMQtZD2PSN_HhLNksv6C0v1IjOwS_cTXNzRusf-7oMRy6vo431y-FXBeGvh52F3LHctLj0MeysCyUaYv0ELGyyrho_ZMfwuuAg%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=4623972934818&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
dysonfutura-book.woff
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 76A3 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:31:37 GMT
x-content-type-options
nosniff
age
274837
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Nov 2024 16:31:37 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 67E3 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=61588200208120404444994012528026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Mon, 04 Dec 2023 20:52:15 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
htlp
futalis.de/ Frame E264
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=61588200208120404444994012528026&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925631
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925631
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Dec 2023 20:52:14 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925631
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
/
adv.office-partner.de/ Frame A500 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Mon, 04 Dec 2023 20:52:14 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Mon, 11 Dec 2023 20:52:14 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 62A0 		0
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=61588200208120404444994012528026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 62A0 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=61588200208120404444994012528026&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0b5cc9f0f5&subid=&uid=6c115e7f3359a272&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNUB6_TtuZY-LJZGm29gPteOPgAqm5b2gab2TnKfJD_AuEAEg1MealwFglYqdgqwHyAEJqQJfaGHw1zSyPqgDAcgDmwSqBN4BT9DWwOipsf6T4IyCQGF1XNXeKT3c8EN9tYX9XYc-4CLv3JF2YRlNkDZ1po1QfPSbVdYYkn0BZKGZrE8KuWRf661DWP7R9r_OeCFwu6y1LYwbggjjjGJEVev0E5uXQWutCEUUyvOIDz85kEQA0bzzK1bnVAwcCBdgCsIHMOJxd-0bVuF_cxGsTkLLd8Q_WwlkRFCnn2NmOqZjZYd6K5d4D-WjUKHeEd2QbggLy8qjuG9tu43pbUArBixNTiL0ACv_PixGtobu5NuGeNPCQq4ISJoCX_nVHuaZG2XZGbOTwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIjhgNfU9oIDgAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7ECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNt3SHelvzd3trlGp829vJq3kA3oQi2diJhLby3hxkNehCipwlJlMcA3fIm4oP8bfQ1sYYfukhteSFYBYCO5wPjfsjJi1HkUunghoYAQ%26sig%3DAOD64_012Z2NE_hrgQPQs1VNTZ-dwQ_kWw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-CvHdFiUrpU9cO0AlN_v-ceBGq-c-OlXuR3OXaqfHUMiWQexuasVeFA6Ge2ZAE5-qWpmgldxvP--YHtbyXhmk4JJaCjwlYC0GWlSVSV_rEl8R7nOZGSJpbTWyGi0s9BlKNKmBlzRUvVvXY_db4zy-z8MVayVP3MNumRN3fmvcr0jNWQI28%26cry%3D1%26dbm_d%3DAKAmf-CsLDa8C-6gDTWg4P7LRVTT3YUdw5PLCyEG7vj2AHQeDltslzonzmmRfb-j24U-7d8Vu_MUL5XTp3RwJQzELPrDr2n1D8DwzZAmcJGjqauiWK7smfp9m37ivjxcU1LGY4f_I7woyTl53dywvuzODJDHdzeWvRKOVuR3SCY5-pUkF1YFzNzImaTLcbykOb1-JNN3aJ40uWw2fkHQ6f6Iibt8C2RTW3lxtvYSxBA2ArAUHIa6GuWTdtGNRidsHhqF96Sjleod8xwYZgxjc4H2LCplIgMkeFMDWGI3GvqO9nFjYEv-XvEtPi0mtAFNQlw4hh7oO2VZlWbJcAbaQ93wdUSMIgi1XSi92J9ahMMMRJEcPfUYmgnhum1Rj-EbnlzdywNLoqT1C5LbIhAxX1GoCZReWzBTNoNSt4Stzc_30pQ48fvFLkm3adHPL_wzjQEGT1RzpGVSgNeu5B-Emj5T6sM49qNJUDj1B8Wtqm0i1qvGF31tsaTTcG5RdRdGQLjsBYXvLy_eM7QIaT6Z2HEjOISBY4vVBQin6eyUKP0ATM6ru7jNOBU%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=3195670860895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
view
googleads4.g.doubleclick.net/pcs/ Frame 45D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu99IdXLEaM4SxmTD4wVuX9Qzbri7p1hB6ZgFVq26vApblZbTBvlXFXUaa914SUxUXSE3_oQPibehyJ3d30b6Warun3RVb3RxHVqHan_-ec3HzXIMvqXs8u5DGeuYHXbs306G1MJYzyqG2Sjaec9fieMvsosbPaTNveEw-1lT24rvx5TPii8SzcAPfYd3Z_r5lGoL2SG4nvcGFZ83STpeHcLFItq6sWTLRf-uLtXjJHTw17IvtIBXzRdLmlgb-JMs0yfskpa_aEbpc3cNwfozhhseBAX87SlIuBbwnzsDDJ6-ZWBCGXpLEC_vHXumLqiTGhnBGkT-GxCHw9RfbzwHnC0eZCkeffE3Mc1VfHl8ZDwbDCCDcu9MlT8IaiYeLeQCZLt9QyLyY5bXZGyFOgEl5gUa174NRJjbY4ATloo8hGfvh3nzETBDpWWAiT9NBnqWiqYGZgzQLB2SDemhzOtHTM83bWN3WJovz0vhpuvaGNTGKSsliaHDE-HEkYg_BTDixZBqKlcM2cr0Px2B7UZ-Lwjs0rqV6yHkUkEicHH5KRKIivBfSLidG7Qs8f_ZCVYvQi9EfDCt1KYyxXeTY-4wwIVT-1tE5BwLtXMLrIG1z_zlvheIwfZqv9ouVQNmKIGoKurH5ETKf-N90a-ibRKk3m1wlKGD_kV0fJV4BYmDMZOkveUSrVb9hgiopQBWevey39gcHBKsAFSbPJA3bk-I1SYnhtGuJclXDdwJ6L37Qf0McoqbpVlxXoSgV7T3uEqpn89QbPwZgkmwQgP-_qdFanafsHk7hBWqlpozexO2AAzwnmpCfLHxutpXy817IExCSSnoGmvJhKC-iGO3ZXd8rgqRPGwocwEEKZae4qAYPRPqR9jfucXViGw9Y4HsSR5oluN5Bzh2-kYbhcVK6G4zBqtX78L8ESeop9wZt46Jvdvs9WQg6nNqJgoK1yBGOYgrbB1X7J3M4mQVpqpRdDMwTuX4Bxlr9X4OYAT5y1R4zNMfxSVhVB2iljy52nabW7_DHeoMpLjmf4Ao-9TRdMX1dcFjk6v_tDVEMLStmlKWDT7pKz9rd68FtkZjNuPGtqt5Egw0h-ialBmcAcwi0KqLtERxpmIruW_F--mgTOxz9a-4ZxOcIb7INfVmLjFbWwl9RAgcG5kdjyUTsbni_DQUZly2BFYT1DHgbsxENN6LZUKQOxgI_ceIFBcPLgskijaKzjKg6cOfQ8ZahcOeBzEYN7v3Xy6IOwSxkX4K_3kZWMFJqj0XyZqn8VLA24dsAuEq8&sai=AMfl-YQK6bKyLLR9aWbFviyTSNYiaWSPD6-GwRjiuiq4r6rf5q5i7VuIDAPzkayI0YEUwJ7rpKR2HGc5De5Q--ZLyMtSOlbbEQf2JXvhu_gSEhZLZGto_gGcvtiu1_n2txwJs_KFWsJSNBc7nXUIS0QF6FZBDA1wXCypLyJOcaD6tU6E9mhJsEJ9EmrsYI9Xo-2XQYx2Td6JG0sSnH-YWpZrL8H6udVkj_am0Ak_ZoujScRzmXppXplZXT-Mrcx4xD-F4BeNG6Z2pCWovAJR3YRCZ7d1POlhSo8oE-O0tgQmKw&sig=Cg0ArKJSzEJpOW3octr2EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=121&dett=3&cstd=51&cisv=r20231129.06127&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A1B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B439-_jtuZdmnDJ3U9u8P_Pa7YAAAAAA4AeAEAg&bg=!cXKlcj3NAAY3kmNgF5I7ADQBe5WfODytqma3u3AonS7Fw4_YRRbPiXQmVunO_Yv1xT9NfJjRNPi9SzMmEY_WemDysyvpAgAAAIhSAAAAAWgBB5kC1s1bbhaOpt9GWjLj_qcFt4ugG3LCCkP2ZhTTxakvtnFY8_W9m0evsK3ZIJ0-8eTowb5A2H1ig5ofsB7Lu1jY5yCE9TqjL_3N6xAETMMlT4HHAwkQiqGccn9dZ9QeepMmXPMHfLhYmRkwv_AIVhvdMWF4fIxIuppD2Q8RSkfaYHN5NXbFx_OmoX9AX8fickuoqsD2wLnHx7zQ69uy97SWfyc6QPSDzqCWrpUkIDo1du-ZH7wFF033mB_hdRlmYmUzn1seJFQxjzYgUncU9CxXYqxHK3j9_sibFquTjeiPj6OtN346Pb2yWeeHcAZNwLfq0RwZhkyOqFFClNLeTnusV0Mjl0Rp_FUxGypM2eRWz609I_3Ko_fWSGtiQCZdG0p-h6tDPfFwFDPHUhS68J6ZDzU1BHwd4YvTWnhQzxHASx5844YB4me1irbjSNphoyV85zZ5Ce0dTX3-tafYg3NU_5dg1IHjQcjOwcdEsrCXsjrNloZVBpafXDYgObKoo3-X4kRIfEKxikFsP7PH_0wuhkN3Pu3x815_B86hyl_c9AnmWXKsY5X6f-jOGeoZm7zE2N8EyHitOgzjzlF-J-chb-jB2ZUp3_HdoFTJBSaHZJCBBXdgmv8SY4iPnYnh7jKTRHM2rp0TPTeJAJcQvQxL7d-3rxcAbyRj2VMUf2N1eAQzLF-MF4QBsTNeL9NUO_b2l12n9p9JZjDcJ7anLh-sgQ5huXzg7yFaj2OapXTjBv3c5ZCeLM9xuBll1_wQzvhTefwEQrfVuiJSXgEoY_bQUOqiSl5a99wzi7POr_auZaa0OBlAtIGF8fkVNA9u26ZdeezFMJI963EIe1MnUM4nYIdyPD6v9Eg03uk1rZ0SrtdxyAQM4O-XITePjjeKUAZKQKI47bh9G0mZAI5fdf9BegOCF-02DSdCQIznm0S9ETFpxTqQyFgL8CRrNGKEyoS2T_NPdWieLw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame A500 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59f264444dd0f43a143ef1fb592ae97628432b5f5ce0e5225fb42aa3da0a09cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64124
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Dec 2023 20:52:14 GMT
gtm.js
www.googletagmanager.com/ Frame 54CD 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b2ab5a69ba824f6a720793b0e619d71d05df4e554a268d785e0771f5e1e6485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64127
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Dec 2023 20:52:14 GMT
ts.js
cdn.retailads.net/ Frame B30C 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925632
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
ts.js
cdn.retailads.net/ Frame E264 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3363925631
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
dt
dt.adsafeprotected.com/ Frame 86BB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b305f1dc-a70a-eb8f-e8a8-c94db8c1fc08&tv=%7Bc:vRPuio,pingTime:-10,time:369,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701723134788%7C%7Cfe86e0bed24cdc7b5aede81cd0cdc86c%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C903851cea1bd7b7c66269200a3fbaa2c%7C%7Ca3048ab1a40d41931795e2aeca69b392%7C%7C7cb7fb2be8bfd3c6366797ee87c9efae%7C%7Ccbccbe75e13b525033e2ecb3a87bba53%7C%7C7cdec0e6ed6cf77b3ab4189f8d799c91%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=215&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE99 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIg___jtuZcPjHMLAjuwPpIW_iA8AAAAAOAHgBAI&bg=!cnGlcT7NAAY3kmNgF5I7ADQBe5WfOFLWTRVkb1_sw7qY1Dx2NwmSBq9w_jqerMbuCID6ryWokogzNsZyQvRfWkjH-2f0AgAAAD9SAAAAAmgBB5kDAobbiurB_5GIdv2RtLe75FQjitZDNRJ22TOIhU4S1KyStefQ5W8tjwOErGou7d3wgH3RVpOs198-HN93PIQ6-g2-imYJicOtTZbqhxenEzWr-ccqVsbUah-k7V-lJl2OdubJ7xM1d30-ZNk9p4DN4lUeqtIasNFACvIYgs3hj8Wn6MYIJ0eg2MCoYzOxKlH0lLcOYZ7GQdF9FsYFCBWiVhmz1nZwtQsd241ooxIAtosEMxjJQMD_BRsG-hrwUy-_4KYbbJzBg9gEJjojZW6O7Xq-PXgw_CT1PYVfKRuP-86_Qv_4mKX0MwpTxXPWUrvf4UkzgJfFDTmnFSE8lQqiVC0GCIwyZF1W9rWzxLur9IzX4MDLGgqIph_kFQx9VkIdy-FEgr9evzJ3E9KcayAEgvNoqua7JulJq3t39gDJEZi10cl9DjgksOcNqONT-TkDWDgAIPuejztt5rdsrfgGIfInrmoGfgPyCaYJpcNXhD3G6gKt1qPhV9Y4cXlgtb_GbkhGHFK84QQy8sWBHwDOq6jJQkAG4Yf0jcJHwr4UVCOGJ_g54fx4dvNQ--GlNm3pDnA1KvSblTg0DY5u1_Gfn7nNhMJDFZ87DYsmg0VwUhlHRJ032osodOVWAfINJSo-s9Fv6fnodCNqyK7TyLeDGwYmKI8RPbEpxCU-US3JvSboPIw3EIetAxT6mlnmKF0Z-bVQsihRVZwp10cpgRNsvT3bpvpMWvx5mpLINXvRgLqGtACmsJBscfu_ZLzNqt-OhuaCrnDXyf9H8cHNFHWC20izpRXfzuSrI0_1x2i0FLv0ZfKtKiJAehecwHOIAThDIEmBhvLHZwru2ZAEy0U7-omOGiFBzyDdq4Amnw2GYRtH36f2D4hIArRLT97RbkNdKFFw-iqDDYjl8odLTSBACHC3RmBshxOGryqxMMpF8N9KXoUT5m-YqZ9YXrNcMEDxmL7_qQrTX7DasImFDKqTNYJ5gto045MXaVsivgkDXe_ZRQ6KC7iMGYTxQPNT8EVcOwzM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame A500 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9849e5d65c6bad9d7a0b1494d331954383f684ad1d307c06f3fa49a8504e7b68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93100
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 20:52:14 GMT
js
www.googletagmanager.com/gtag/ Frame 54CD 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf034bf23b2ac25be652487c79584810bbe24bb762d8643f0dc2248e9ac8d2c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93100
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Dec 2023 20:52:14 GMT
a
www.googletagmanager.com/ Frame A500 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Q7C756EV6G&v=3&t=t&pid=1949472347&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=adv.office-partner.de%2F&tdp=G-Q7C756EV6G;131730527;1;6;0&z=0
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ Frame A500 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-Q7C756EV6G&v=3&t=t&pid=1949472347&cv=1&rv=3bt0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=adv.office-partner.de%2F&tdp=G-Q7C756EV6G;131730527;1;6;0&z=0
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ Frame A500 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Q7C756EV6G&v=3&t=t&pid=1949472347&cv=1&rv=3bt0&tc=16&es=1&e=gtag.config&eid=0&u=AAAAAAAI&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ Frame A500 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Q7C756EV6G&v=3&t=t&pid=1949472347&cv=1&rv=3bt0&tc=16&es=1&e=gtm.js&eid=1&u=AAAAAAAI&h=Ag&tr=1gct&ti=1gct&z=0
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ Frame A500 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Q7C756EV6G&v=3&t=t&pid=1949472347&cv=1&rv=3bt0&tc=16&e=gtag.config&eid=0&u=AAAAAAAI&h=Ag&epr=1G&z=0
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ Frame A500 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-Q7C756EV6G&v=3&t=t&pid=1949472347&cv=1&rv=3bt0&tc=16&es=1&e=gtm.dom&eid=14&u=AAAAggAIAAAAACCAAAE&h=Ag&z=0
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 86BB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b305f1dc-a70a-eb8f-e8a8-c94db8c1fc08&tv=%7Bc:vRPukC,time:507,type:e,im:%7Bpci:%7Btdr:469%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:507,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B502~0%5D,as:%5B502~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:110,fm:tXvqQFl+11%7C12%7C13%7C141%7C151*.1627455-73523864%7C1511%7C1512%7C1513%7C161%7C17%7C18%7C191.1627455-73523880%7C1911,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:88%7D&br=c
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 45D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9682b360-9180-05a3-b4b4-90b7fca0347f&tv=%7Bc:vRPukT,pingTime:-10,time:340,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701723134942%7C%7C3a68199382f8a90bf44846e3d08ba272%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7Cc88eac737d4a848b498108578242d998%7C%7Caf25888bb875d7325b4cdb5b4d4f95bd%7C%7Cc38086acbe32bb8aada077da0ad6d48a%7C%7Cf332fc341883a6ee13e0c28229e663a2%7C%7C56c8f9a9c895adc1c3677ab882a12fbc%7C%7C1663701684%7D
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1F02 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYl4fo4gEwAQ&v=APEucNV9qRnN1ljFoq3gpfQIgm0J4-f1UQqD4Oy4RWH5WjrgUZEtZNaPNlAeuZe2rP1whpYyaTQWjSFXzd_gMWTW3eOOA50zqSlnJFk9A9oXTtQmdKx59RZ7ml8bUMoGhGTn_pKMidANuK81IHVyVj9in5VUHETtH31Wr9gxxjvIq-NcnW9-5R4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 2590 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:58:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32019
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 11:58:35 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 2590 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 09:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
40004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 09:45:30 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 2590 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
79878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 22:40:56 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2590 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
269226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2590 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:45:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4052 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16444
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Tue, 05 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2590 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame 2590 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNITBqExMdGF8VOzjkNEjtQZZQ9PA3zHVKKdNUYvJm2kCld47nDMLU-96Lry1iNEb_1nyeyLasadnJfHy8mYqACzZDxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2590 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2590 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcK_uwA-ctZ-GvT_qOPfzmBVRYdMSQpEoWM06ofeDvxtSftBrWkkJwJw6UXs3rbzhHJI7_rrwzuGEZn5K88t_30E1QwzqnMOSHa36sm_Veb4URVu8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4052
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECf65z83dL3nIofcIF-c374&google_cver=1&google_push=AXcoOmTVL5CI_xrh4UNIz_geySvA-YtNcbd-q9qtWHLtzNzMufveXTxQydLVoSpweHKccpr3srbUD7OENXVoVGxXReStGbb928DAX3eO
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAxMTk3MjM3NTAyMTUxMDczMw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECf65z83dL3nIofcIF-c374&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECf65z83dL3nIofcIF-c374&google_cver=1
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECf65z83dL3nIofcIF-c374&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4052
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELDG9F1PUSs_jqpo1BIXsw0&google_push=AXcoOmQbY2FnNzuI9vJ3f8Vpf9sCsrvOVWI2AV_w7Xcou8wDva4Zyxbcet...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELDG9F1PUSs_jqpo1BIXsw0&google_push=AXcoOmQbY2FnNzuI9vJ3f8Vpf9sCsrvOVWI2AV_w7Xcou8wDva4ZyxbcetUY6AD_oXIVzncBePLyDNjz4Luc_NheZtK8g-tV4MfT7KYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230049-FRA
pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1701723135.087070,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELDG9F1PUSs_jqpo1BIXsw0&google_push=AXcoOmQbY2FnNzuI9vJ3f8Vpf9sCsrvOVWI2AV_w7Xcou8wDva4ZyxbcetUY6AD_oXIVzncBePLyDNjz4Luc_NheZtK8g-tV4MfT7KYA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 4052
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBQ3xEovx3gO9O6Tck0MVbo&google_cver=1&google_push=AXcoOmQVx0HUtw1OJw0tp4YUd2gf9VgnjvWnDeiVU2UMoKgFwKqqteQtH8rDDfBrmDxk1c96lbnyCBPmyuqBvJSCJddc2RwYb16fHx9x
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A63DC3AE755B4CC8AD201D43CDBD0BB6&google_push=AXcoOmQVx0HUtw1OJw0tp4YUd2gf9VgnjvWnDeiVU2UMoKgFwKqqteQtH8rDDfBrmDxk1c96lbnyCBPmyuqBvJS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A63DC3AE755B4CC8AD201D43CDBD0BB6&google_push=AXcoOmQVx0HUtw1OJw0tp4YUd2gf9VgnjvWnDeiVU2UMoKgFwKqqteQtH8rDDfBrmDxk1c96lbnyCBPmyuqBvJSCJddc2RwYb16fHx9x
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 04 Dec 2023 20:52:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A63DC3AE755B4CC8AD201D43CDBD0BB6&google_push=AXcoOmQVx0HUtw1OJw0tp4YUd2gf9VgnjvWnDeiVU2UMoKgFwKqqteQtH8rDDfBrmDxk1c96lbnyCBPmyuqBvJSCJddc2RwYb16fHx9x
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Dec 2023 20:52:15 GMT
google
match.adsrvr.org/track/cmf/ Frame 4052 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEENTGPpkHHT6qoSim3er1GY&google_cver=1&google_push=AXcoOmR0a-0-z5tj6_LsakJuwJqu0EmBiSjBKCApJqe4ys0GANIcODQuwmsL_OgD4d7lyDzFTA0HMLbwg6uFI5NiE1O2ho_ov3zh5Cc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 4052 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEEC5Lod52iQvSAhIoRCblic&google_cver=1&google_push=AXcoOmQXqfog2NJf8rveEilZ_Ojy2OV6QcLNKZfvCrbDfrp0o-IXByuYKX2amJBcDnzQQ-JRXLWH6ruWU4T1a8I0kbw3IfvJw6HY3EA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4052
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM68qmm-Jj1TMRHDRj25Oyw&google_cver=1&google_push=AXcoOmSXBNL59mnNSUeNDV_XDUNapDaLZC9GWG6H_oT2EWYgtAvde3XQrD0toWtHDjLxuL6GPd6zN39j...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM68qmm-Jj1TMRHDRj25Oyw&google_cver=1&google_push=AXcoOmSXBNL59mnNSUeNDV_XDUNapDaLZC9GWG6H_oT2EWYgtAvde3XQrD0toWtHDjLxuL6GPd6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU2ODI2MTM2MDE3MTc5MDg4NQ&google_push=AXcoOmSXBNL59mnNSUeNDV_XDUNapDaLZC9GWG6H_oT2EWYgtAvde3XQrD0toWtHDjLxuL6GPd6zN3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU2ODI2MTM2MDE3MTc5MDg4NQ&google_push=AXcoOmSXBNL59mnNSUeNDV_XDUNapDaLZC9GWG6H_oT2EWYgtAvde3XQrD0toWtHDjLxuL6GPd6zN39jKoJy5TQNGeYvQLFLaFH80Rom
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU2ODI2MTM2MDE3MTc5MDg4NQ&google_push=AXcoOmSXBNL59mnNSUeNDV_XDUNapDaLZC9GWG6H_oT2EWYgtAvde3XQrD0toWtHDjLxuL6GPd6zN39jKoJy5TQNGeYvQLFLaFH80Rom
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 4052
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELK5-DT-PJU5...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSsP1rNoioO8YAg6MpsTBpp7OVm3zeW0QKPuw-QBSyW_TvsCta99iPivsm1nUeJuX7zCX7uPKXohGmGdyU_0QBwoxBtt1zZZl_eFA
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H2
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Mon, 04 Dec 2023 20:52:15 GMT
pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4052 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LkL-y7OfYIPVZXlr_jp3J8ICPe91oxbVriVJ3K6OKzSutLqYN4LKvIfLXUlBADb2ZpRG2BMw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8358 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12943809228921786815/ Frame 8B53 		1 KB
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
expires
Tue, 03 Dec 2024 20:52:15 GMT
last-modified
Thu, 27 Apr 2023 13:46:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
truncated
/ Frame 2590 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2d5b487d37e9db312f0e1e2257bac8b1c6c8ffa2347af04d660018a2ff5bd45

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 2590 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjss_hlgGZvesY9bS3u6Msj7p2ogKd60WCsBzZJudoZDoPXN-P3k-GN8f2rZu3d8zWLi9Z0BdTjpCbATkMjJEbvjf2O6xktnaps3u6mijapUwB4lzMKZSQpUUBZDCD-7ekzXQxsSAc39AZiAZ6vS-pd6MnGr_kF9BhMcGFFJ_PaFzVJnY0kfhalfXsZeAIqPF9dzayzoW_Vu9Hy-ET1GZPs7l5efwaKsaq3xpDZlrJGfS5dqvqqConUAhUbrrz604WbA9ppg6b2A0SBLjCarJghmO4PdL-wsRCJWJo8nTzn1rTZtWkhQH3lump5bSMrZ0go8S0jv3_aQSlVURwde_5dVhqNEOxeieRUt7zyBxmF7utdz0jXEKwz0oX6mG5_etkTSHpJ436Xp2upUrscXbbd2fzgmyrduTWlA3cHbue_UN8p5icTQPPHtAALrVK0gopb9UdwqwqJ-gxT51Vj0M0h8BzQQl9u-6lXYdvS5mPwydrjfmr0j4OjO1EBL_7FqzbQIzAJWl6AnNVeAkZ8mMEcF311YMKge-43qmYekaHwYEZLqu78bAX3u_xs-INR-Q84cRMSvaFeBoeWfkajFurclpril0BJ1NQH5JShvVAao3E6FIPXJKBdicTM6RzCypWnyNPGKmflo0ZP4fiUvs23X3y1dRE9M2-fnG6gAE_4299s0WHYSO3rMhGk6qRsdq2FqDzs-z0JpwfvnwVS-97SvuPXdjGD60WTxFjpJFXlL6m97Sfzn7LQMRjRbViSoPA2HvH0sdRuVQprDMOmqn1LP_hWIbjGYUrmAcmmAhSGIlsOt_HUPR3Ebs2aciaFmZX7MWtVMBMRPOA9o_TB4MbrZ0wBoHobQTuleniaGN_fz4KmKKxnigR3TxO4FHGUTnGf-ZmGaCdKoN7ZcBTSBDwFFywKcr2ZaGd_F8ipxDf3DWt_hLfNX_gI2J7XnT-74dHUy6PINzd9dDmKYLAm1mFia772anHXHmDjsNbvli94OFoXp8TfUrGiTvCktSaWUoNNhgz-cwn_O98SRSxEADZuhmWwLD86nbkInyqWlHmVwWNGZLhI9PIMz45_64M54nRLZ4-CAOnOW3w8s-sgHp1mcJnmOtUJMhju9xjSGxzgsBsdzwN8UyEpVAm3__sqx02s_OarHwQ09lvnE-rizOvIAtnBk1KJYG7mV5IsalgjDdbr33ljUoWfIo5eIjWlBL03v7KbBfxq__Hlsy5IXhAvQqPEv6209L8erRkbX-PHSV3QQJkEvVNwH4wDHWwGFt0T9-d7mEZWqlhrUOLn9wYBKANmNUk_0tgixSc_ChIIy84znYAog4aZihxHLur3zH93lCa9gxCONBxVtHXUXpwkUe0vRE0E8ki8cQrFfBUTgBgENOES1EaRE&sai=AMfl-YRwZ89Jhe8yWJhMO0oWHw2GpgDf3xLB-KePKg-9SIvXj5QphG_8445WxaaklUl0UgVj-43Cx1N1XeWdp14OxP6sGGuacoFx7T8KpJeW4UDACMMzNyrf4OSwslosqV2y94B0w0EwV_zny_a09DIGaaw67lXPR14PxXVGyRt0olrETHIkfs8NkjybGTH039XM8_mE7HdgCRx7FmXP0rKrPsHpyKDSjjKJKLyZOSlibtsohvS5-hr2lAX0JH2VgP8kj9Gap3vuGAROucmFgKQa7s-dKik7mo7QFjNAeetZQcm3-02gv_peF0ol39ULOMOCIV4nR7_Ub3SB27tLHWUMcr73C5y8FgsBw4ouBKxg6Td7wtrXI3zhyXFnida1oe4qqwLJ6ZxOUZuGxAhyoEBDSlb1PHtQ9kVQok9SnEMk&sig=Cg0ArKJSzLhMG8dU1f_6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=53&cbvp=1&cstd=47&cisv=r20231129.46416&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame 2590 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180662177&extPm=361577805&gdpr_consent=&gdpr=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=-M&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 04 Dec 2023 20:52:14 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mo, 04 Dez 2023 08:52:15 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 1F02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBqB_pxpAHbmkAUrcq5LoGI&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 1F02 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 1F02 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYl4fo4gEwAQ&v=APEucNV9qRnN1ljFoq3gpfQIgm0J4-f1UQqD4Oy4RWH5WjrgUZEtZNaPNlAeuZe2rP1whpYyaTQWjSFXzd_gMWTW3eOOA50zqSlnJFk9A9oXTtQmdKx59RZ7ml8bUMoGhGTn_pKMidANuK81IHVyVj9in5VUHETtH31Wr9gxxjvIq-NcnW9-5R4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
link.html
track.webgains.com/ Frame A647 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=21166900213489904444556012528012&nw=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.52.174 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-52-174.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
f85141cce352bb5ef7d8b455e813f6baf1b322f047b24d280823ac0590173dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
last-modified
Mon, 04 Dec 2023 20:52:15 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 04 Dec 2023 20:53:15 GMT
activityi;dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712
8019191.fls.doubleclick.net/ Frame CC6B
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712?
391 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
feb4375e1bb474eaf30eee0783897ecbc3fc831b627175758c7061ed4ea3fecb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
expires
Mon, 04 Dec 2023 20:52:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900012.redintelligence.net/ Frame 850E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=21166900213489904444556012528012&a=921c75bd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
15b54442a2ae0ea45d12e48a7a066274f8e4779b5abebb7fa63f8de7e4cb939e

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2061
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Dec 2023 20:52:15 GMT
Expires
Mon, 04 Dec 2023 20:52:15 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame A647 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e78f926d72745db8487ed135b40d9df8668e15725bb87b2637710c37af0702

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8358 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 10:24:32 GMT
link.html
track.webgains.com/ Frame 62A0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=61588200208120404444994012528026&nw=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.52.174 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-52-174.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
f57f122f28d77ef20ecdbb8b53626b220d8b39e6f3489d070e292565a058b98d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
last-modified
Mon, 04 Dec 2023 20:52:15 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 04 Dec 2023 20:53:15 GMT
activityi;dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201
5994599.fls.doubleclick.net/ Frame C364
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201?
391 B
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
81c36793e302599d9ea1cd8e65a6dc3bcae1ebd0803140fc05c41a6f3ca67fb1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
220
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
expires
Mon, 04 Dec 2023 20:52:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900026.redintelligence.net/ Frame 0581 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request_content.php?s=61588200208120404444994012528026&a=645f7c07
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5619bbcc0008a48d3ced0397de028017507d7028d98daf1eff77e472703292aa

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2118
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Dec 2023 20:52:15 GMT
Expires
Mon, 04 Dec 2023 20:52:15 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 62A0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
686ae72c2db3b4c24f165cb61670e9d5c8d06e9b27f09b24b0468d10f5e4cd54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8B53 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 20:52:15 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 8B53 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82647
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 21:54:48 GMT
css
fonts.googleapis.com/ Frame 850E 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=21166900213489904444556012528012&a=921c75bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 20:37:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Dec 2023 20:52:15 GMT
/
hal9000.redintelligence.net/scale/ Frame 850E 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=21166900213489904444556012528012&a=921c75bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0b2716debc3fe9d5e2db29e3f9373859999b111c5ca86c22cee43f0c8094d533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
20629
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 850E 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=21166900213489904444556012528012&a=921c75bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e15abec209b8bdd2d3bde5c86cff91bb6b4056ea34702be64231728637da3e7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
27705
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 850E 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=21166900213489904444556012528012&a=921c75bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
739541315616a3864a6652055b89e3abe03ed98b747b67fbf18a1572333b70a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25830
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 0581 		5 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=61588200208120404444994012528026&a=645f7c07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 19:29:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Dec 2023 20:52:15 GMT
/
hal9000.redintelligence.net/scale/ Frame 0581 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=61588200208120404444994012528026&a=645f7c07
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c5ea3f4a8da8e18119e90b4b56b84f19f0494ae176dcee9a78c4c965acdecb0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16982
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0581 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=61588200208120404444994012528026&a=645f7c07
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7f7616de5eaa827c590a122696f1cb364bb3b59483a2c2d84edd6b820ae2a534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12997
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0581 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=61588200208120404444994012528026&a=645f7c07
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ecd36d599952e673b28e83bc0118150c51ecd1c3f9ab910a7e6016af70b6ffd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16514
Vary
Accept-Encoding
Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6A51 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNUUYhGz3K3hu_Xe-3DTxv2VMciUn3L8qykO5D3bPxS7MbYqc8e9sr0HKY7k5WTGjKQT2wqrO9S_mIHOJ-OrtMkKPWUBRFr26Uuf716EsYD_6jy703A7OnyE5OmaLHPgrhwnhf6MrPJ6QyL3bbU9i2hvgcV6vzmkgzJGkVnOVRuKwqCEmrA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 938C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 938C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 17:45:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:45:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 938C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3005
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame 938C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWeV3EFFk3lKBigQq13R-V4WJgHH_BZCD-CFZV6whgZNmFQtDxjJhYDhAEarqOV9nkflUmo2DgiU-jFxYyI2ApYJHFRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 938C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 20:52:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 938C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDhuVbzVpZOI_iDgLq874JpvnnoXHzBMBv_TCSxz6izStLyXIHMAHIY3QdSPtj-OfaCBU_4GAT0jvZfOAN2v9fP7HEMcXfx4End5WnsQcHSugj4_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 938C 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6808852182853840567&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900012.redintelligence.net/ Frame 850E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=21166900213489904444556012528012&a=15bf58e6&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=21166900213489904444556012528012&a=921c75bd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=21166900213489904444556012528012&a=921c75bd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal900026.redintelligence.net/ Frame 0581 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=61588200208120404444994012528026&a=5d0e11af&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=61588200208120404444994012528026&a=645f7c07
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=61588200208120404444994012528026&a=645f7c07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 850E 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:50:19 GMT
x-content-type-options
nosniff
age
259316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 20:50:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 850E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:37:52 GMT
x-content-type-options
nosniff
age
4463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:37:52 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 0581 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900026.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:50:19 GMT
x-content-type-options
nosniff
age
259316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 20:50:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 0581 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900026.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:37:52 GMT
x-content-type-options
nosniff
age
4463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:37:52 GMT
view
ad.doubleclick.net/pcs/ Frame 2590 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjss_hlgGZvesY9bS3u6Msj7p2ogKd60WCsBzZJudoZDoPXN-P3k-GN8f2rZu3d8zWLi9Z0BdTjpCbATkMjJEbvjf2O6xktnaps3u6mijapUwB4lzMKZSQpUUBZDCD-7ekzXQxsSAc39AZiAZ6vS-pd6MnGr_kF9BhMcGFFJ_PaFzVJnY0kfhalfXsZeAIqPF9dzayzoW_Vu9Hy-ET1GZPs7l5efwaKsaq3xpDZlrJGfS5dqvqqConUAhUbrrz604WbA9ppg6b2A0SBLjCarJghmO4PdL-wsRCJWJo8nTzn1rTZtWkhQH3lump5bSMrZ0go8S0jv3_aQSlVURwde_5dVhqNEOxeieRUt7zyBxmF7utdz0jXEKwz0oX6mG5_etkTSHpJ436Xp2upUrscXbbd2fzgmyrduTWlA3cHbue_UN8p5icTQPPHtAALrVK0gopb9UdwqwqJ-gxT51Vj0M0h8BzQQl9u-6lXYdvS5mPwydrjfmr0j4OjO1EBL_7FqzbQIzAJWl6AnNVeAkZ8mMEcF311YMKge-43qmYekaHwYEZLqu78bAX3u_xs-INR-Q84cRMSvaFeBoeWfkajFurclpril0BJ1NQH5JShvVAao3E6FIPXJKBdicTM6RzCypWnyNPGKmflo0ZP4fiUvs23X3y1dRE9M2-fnG6gAE_4299s0WHYSO3rMhGk6qRsdq2FqDzs-z0JpwfvnwVS-97SvuPXdjGD60WTxFjpJFXlL6m97Sfzn7LQMRjRbViSoPA2HvH0sdRuVQprDMOmqn1LP_hWIbjGYUrmAcmmAhSGIlsOt_HUPR3Ebs2aciaFmZX7MWtVMBMRPOA9o_TB4MbrZ0wBoHobQTuleniaGN_fz4KmKKxnigR3TxO4FHGUTnGf-ZmGaCdKoN7ZcBTSBDwFFywKcr2ZaGd_F8ipxDf3DWt_hLfNX_gI2J7XnT-74dHUy6PINzd9dDmKYLAm1mFia772anHXHmDjsNbvli94OFoXp8TfUrGiTvCktSaWUoNNhgz-cwn_O98SRSxEADZuhmWwLD86nbkInyqWlHmVwWNGZLhI9PIMz45_64M54nRLZ4-CAOnOW3w8s-sgHp1mcJnmOtUJMhju9xjSGxzgsBsdzwN8UyEpVAm3__sqx02s_OarHwQ09lvnE-rizOvIAtnBk1KJYG7mV5IsalgjDdbr33ljUoWfIo5eIjWlBL03v7KbBfxq__Hlsy5IXhAvQqPEv6209L8erRkbX-PHSV3QQJkEvVNwH4wDHWwGFt0T9-d7mEZWqlhrUOLn9wYBKANmNUk_0tgixSc_ChIIy84znYAog4aZihxHLur3zH93lCa9gxCONBxVtHXUXpwkUe0vRE0E8ki8cQrFfBUTgBgENOES1EaRE&sai=AMfl-YRwZ89Jhe8yWJhMO0oWHw2GpgDf3xLB-KePKg-9SIvXj5QphG_8445WxaaklUl0UgVj-43Cx1N1XeWdp14OxP6sGGuacoFx7T8KpJeW4UDACMMzNyrf4OSwslosqV2y94B0w0EwV_zny_a09DIGaaw67lXPR14PxXVGyRt0olrETHIkfs8NkjybGTH039XM8_mE7HdgCRx7FmXP0rKrPsHpyKDSjjKJKLyZOSlibtsohvS5-hr2lAX0JH2VgP8kj9Gap3vuGAROucmFgKQa7s-dKik7mo7QFjNAeetZQcm3-02gv_peF0ol39ULOMOCIV4nR7_Ub3SB27tLHWUMcr73C5y8FgsBw4ouBKxg6Td7wtrXI3zhyXFnida1oe4qqwLJ6ZxOUZuGxAhyoEBDSlb1PHtQ9kVQok9SnEMk&sig=Cg0ArKJSzLhMG8dU1f_6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=234&vt=11&dtpt=181&dett=3&cstd=47&cisv=r20231129.46416&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pvClk.min.js
analytics.webgains.io/ Frame A647 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=21166900213489904444556012528012&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:36:09 GMT
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
29767
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CDvptuQN7e_AK3z_71gskpYuYvooKpG6QXRUTfvCFMNdiv9e1SBqPg==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame A647 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1701723435&Signature=lYIJAg8nTSovMXj7vohPLYgFWnC466IQZUE4woaIPjFh6itH9qtZXlTGfXes7-cW3pM4c2lETkVLttbePZIz5yIaGHZwXdeAr9xCV6vvFuSkClziS6g3htm~9eacwCuZcWjYCC40nLQQcZElXih7aMc-jy5vCuSRzx51VlETG3GemZ-VFW~QEIrxvtM8K76-vTShBJFr1-oB1y21m00VSNx9XTcShPJeoI-dpwNcOxfX0Yv~z27Gh6zupNMWnSLsKmlNFqW6huB8Ke9HAW5qDb~ARHgZjIMk2GRaBng4K0lwl-pgHogDgrLJzC~yHzPFLuDFDgy1Qcra8sZMyIHUQA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133206&bpp=1&bdt=214&idt=209&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 04 Dec 2023 04:06:39 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
60338
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
YYC8BuCY3Ioy8FBv9ulPl6DyJmGOIy1-F5UFjUbOQ3V5JkWANG9aGA==
/
rtb-csync.smartadserver.com/redir/ Frame 6A51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEEL3hqr-DQfq5_o7JC1iwoA&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEEL3hqr-DQfq5_o7JC1iwoA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNUUYhGz3K3hu_Xe-3DTxv2VMciUn3L8qykO5D3bPxS7MbYqc8e9sr0HKY7k5WTGjKQT2wqrO9S_mIHOJ-OrtMkKPWUBRFr26Uuf716EsYD_6jy703A7OnyE5OmaLHPgrhwnhf6MrPJ6QyL3bbU9i2hvgcV6vzmkgzJGkVnOVRuKwqCEmrA
Protocol
HTTP/1.1
Server
5.135.209.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-5-135-209.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEEL3hqr-DQfq5_o7JC1iwoA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 6A51 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNUUYhGz3K3hu_Xe-3DTxv2VMciUn3L8qykO5D3bPxS7MbYqc8e9sr0HKY7k5WTGjKQT2wqrO9S_mIHOJ-OrtMkKPWUBRFr26Uuf716EsYD_6jy703A7OnyE5OmaLHPgrhwnhf6MrPJ6QyL3bbU9i2hvgcV6vzmkgzJGkVnOVRuKwqCEmrA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-5-135-209.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:14 GMT
transfer-encoding
chunked
content-type
image/gif
pvClk.min.js
analytics.webgains.io/ Frame 62A0 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=61588200208120404444994012528026&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 12:36:09 GMT
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
29767
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
1e1BEc_iatC1uQgUJmdS73abCsGryIDRfmBWbKJtuXBZKqKKB6RE3A==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 62A0 		85 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1701723435&Signature=EbaE1LxXz~6tNYAT1EWbCea~50BpGbFwqOkfGwgjGUX6~RvnwCecYF7U-AUUzYNcw7cZbnCs8flVhKl0pG4PJCuTKWndBn5xIxPJy3yXZZA1vqk8~1ocpG6PmgJtM9nRmmYkw2rCRD8KkvmyXvndpxrrnVMY9nL8Z2MJfQm-LGH77U-tPQjK2wUMen3gILJn2PlGWDSbik1KIuB4Owg4aqQe7QatwXOFJ9nDVH0Dn6bTUfOonN3OkeP1401hZaCa-QQrmxFOpcBTX4A1o8vwMfosCTrmasasj1efIoPGMF2T2LMIWzNCG1bmExUr4rDECPWpNYOes21UC03UEBT3xw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723133207&bpp=1&bdt=216&idt=218&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 04 Dec 2023 14:20:47 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
23489
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
r96svPCqiSY-YNH00ca_Rju9Tsw_ezSXyFYnhdqQBpKFQR4TEV3oDQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8358 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXsEN_jtuZeKyEuLA29gP-bSb6A4AAAAAOAHgBAI&bg=!AQKlAk3NAAY3kmNgF5I7ADQBe5WfOHBsMH6jaAiqjzfqlZvndO6wxM1R7fpNhUQChZVn47a6nLpkPZN_AJpfSEdUnm04AgAAADpSAAAAAWgBBwoAd8wZY62i3iIpT-ociKrjUJ8NNQ6m1GrXQFtdb87j2L93hsiML_roZZy2GPRJWA39GyF6WsCyjcOXo9HtIDFve8Azc3b-NofYhl9fEl5W4zchPmSWUJmV5FBDbTjGxZgc04harAHm9fR8XaD3eXZ0OmoMK9OS5lQ5mQMM3B3rqUEvPJr3fxYRw4w2tRXCcslaxupJaq3pHgtJhyNiOqDaf9xhkJ-B8VOG6_Ba35vmOqOk1EHBo7A0yPiMCQ7hNRbUw4-rnRVcTf-m4_UdyKR1g9ekKt60j_9u8XT5zE0F0LGdRoVP3H1RsfGA8TvhELIzvpoHhhjslhWfjeKdcEKB0TyBWnFvlRlXxOxUnBTT7Zq_yxhX7yLbkFWVX1GhbkUXckcj92oCX05WEME9IxWlfO7Elp1VZlI5F5ltOlPfZlsQOQxenSEUIkV1O0iXq5soBKSwhvZLEHxm_J1MEnp36aPqLxuicsKv_cslzHvSoYEx_Q2Kj-tiCPR-DhhRhxq5SZNbscY20PdfhKrCsI17XozSv7hWAShvPo53gQxYSB202_IDwvuKVKrLsZR14IUrLHquQgSFcU4Q_ClzpUuAAwdiPtRqfscKnVx3H0JgFHm2DIRd3uA3Y4vdBqJvD2zqJmqRI-h7BgBZs18Q7RNvENgNnQDP-PqkmgynemZDiZ7ZTPlF0RQgigm5bFl2rlcfGpC7hhIb4On69Kx5QneTZITdpu7fbK0xKoA6EdEbRBsqVszy13m6NVuSC-l-Lf7rJmBXP82YkkmeC7KWICGLKm-UjbkmHO5nUnfNp17Sv_d3aJg1H-GxPr79wmUwPK2BIrPGfZPHzHcOZrbeDE3DxTT4xLv15urYuoBxOKnI_9qLKNwOCT1jJnIj8LANUbsR2Xi6PyZHolm8C6uxKRqlwdUa_Sjy7vI-HpvprBeD8rtNBxmZhYeZWUpXO5E0Igupa6xQxakglMnYmxygn5b4ww-HN4N9X8PmEu3aBhAViEC3gDAS3EEjwACrbrCBIaae-C-rqEOvGFkFnQQIeeABro_MX9z1t4Fd_uVuGTtwH6cbZijb1IY_GBzZePcUjhaiOp5U1Hb0bc7RJRo3wzIRwqxrvawlnZBCfHHybIliVm6LLrDrpd007z7S-czW8JxE4Kd1hH4y2XvxsF_xVQa29cNZQJ0OlBt49ssBVi4runcoYTc52uwl
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712
adservice.google.com/ddm/fls/z/ Frame CC6B 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNCw6NfU9oIDFbPjOwId3sUNGQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6281933688888.712?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201
adservice.google.com/ddm/fls/z/ Frame C364 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPPr6NfU9oIDFZbIOwIdza4N0g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=799133291389.3201?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 8B53 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 20:58:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8B53 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b9153e1d790a2ede67f1eefb26aa56e22e05c73a3857e47764161ce34c09961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5966
x-xss-protection
0
160x600_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 8B53 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc938f914a45d9704b821d83ed0ac1360240d3ac62d7c60878288c3c67279bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19231
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:31:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 20:57:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 938C 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9171605355764&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 938C 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9171605355764&version=m202309260101&ct=77&x=1&cor=6808852182853841000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 938C 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag6A8OYpyhhNW_d6C8qwZbiKZsQvFNJqBHRFu75w_tT3wwMazTbptc1RGlXFvDxgFGVARApUGkv0RgPGCFhtyUC2-5uNuErwANcvBUvdUBuODTdW500JcgjyCK2YmmG34Nsa2Xg1xWujqFNB-YRjUls6rTGkQUK-jJMTpTJjd-AA4MlN4&cry=1&dbm_d=AKAmf-AaFM2QUZGFXA-di7acB0Xmv2OPQ4xPcT4vcjJa9baWH42MvuCU12XzEtOH5ccaIxrAmX2vu0TLctMxcfU_Zk6ToYz52VLyo1Iv-Gd_Ik282FP4qEJi0FJ_oBl3rthgLA31pQFhRJUKaqju_S7BUGngAWg_OJXDh8eKNg-RGyprJtKObSFYMRhnoKD5pOIFC5GtjyF7BV_rJx8peJ0tAVf2Pd4zmpFvtd-gvpc4yEGmlZwmMOGbqc4D56JXoY8f81ndJgmW-UseYuTrrq7BNOI2M1TAbLQ30ZnSHJSWqPmr-s8bONkOjmZBunRpr7Kr__YrpIORvJvtkIbc-8CfmRM0SC359NkZNyk4TOhZdoJnAYiU5ckbQBNYNIwC0ia4FVc3paxZ6av3IIeQFGRc4SEhNvCT4gPFGPaYSpc4YYUbREuDEZnBePlnE8UqqbGJ4IpTdutOr5wtlZ09ktWMBQ8_G4EEaXnB9LN6iMqU_vDgN_WIALKwgLepIX76ltESxrFPdIVaOfAxsT1EQ_hvtUW7euYSj6-pqSMj2QXXDuW-H7yUe7DV45f0L72qI-u_aI-2m8io7cChEj3f4Pn_FvYXyqQYkkljf0_IsyPgGwO9sOu2Onp81WiN-WJFaExZRFBdMJio-bKJVj8_Ye4UDQk46UmAbLw__xEOMHxYybJpzYxTtcKMaw1znO-VDe3NeitUfzEqQesTDJF87YtJq__JNyE4AvkhQB-OekihnPTRX2FaXlfSLlu-uOCSkZiQM3Z_Yv9K-UN5mWf-pSKAsRtPBcJjw-KpGro4ofxKj1gEdBFimUQ0dSWvPMVs9Oo2p6GxcoD7_jXk1qZIVu3yJNYXFVt1Sfcz-sMonPEA3Q0FAaknvKt7Au2QCHo2b8zFAcTbj-dmgBYpk9BP-y8LXsxl8ElfBLkn03U41TFXX9FlCotSONIFsxJqjM_y6_YL4e5Oq4KILdx9vQ-Bz3tdNrlVogkvy11nsxFpWQpjsmgIhRMNcZccMZsy-U77OD6tGJZgPM4Jaiq2ULZotmYJY_mSwvzD7phc2idFlFDclHYn9VIJE5JNQiS57Ud5999uvzebthme03-ANM07V1V4WuplEXk8TQP0uFatEKShruClX0-PvrCTF79SK_ITRUth1WJXmpph1K728C_pkGzXrk3iO9RtE0G6A5Cy6fOCtkoa4Il3VwGSjxEWUl9h4GgkjdSsj5URDKA1_m3n_eTMcB8lDagKJBfmxChH9stmTFSeAqmdabpES_Xdj42z3Dfu9FaEMDe52KgYfPd_cvJvdq-3ari7m8DZjasUtFGMmVVRn5vHm7NTun1AmDdTacRUWlKoYyiTaGeNhbIIGSYDAzrIfCniiB-T32YDfv3wq2jflgP8yn0fCi2cYB24M30dn99Cjpmv2Mo2mwg42LpbTJ7vAHmc4OrO7jLIs7Kkt6pBdGjtCPU6lzKjlzDOeGs7M5IgLU299UlKlvUSY_suOHDiRlOjf6ztybpbzgq21mwuDBPB1s76qbMg1z1CGLJovRVPLp9ElEW_eHHaSW7I7Ejuz0du1EQUUok5uhNiZydDYzpXU7lFSOKx6ir2yBSuE-f5lj2fUpQNK88lKkMLu0cehBWzQ92qdZ9C9p8oiHfdCz45lgginlJXh_cgAtKv4tPVzVD5eqrsEWMpBJuKUHk_EFCM-tb9AR7qit966GY03lb_bzg8dIk4kUhwld-leGqEYiCh3obRwlAc4eaZj-6Ee9aoYGOIX9zih-2fFtHUpuMZRQ21jzukyve9MPjXFhyCuktLjiP3Y2macF-WyzEDUlA0Xi44TzOl-BeKgo-4j8b8ku6GKqkGAkgJ0nAlzamCSSC8wsjGhHNDkZNEKzK6X57j06ZBka5LlEye-DWMCYXhvj7HlRbbIWd13IHd3hD3x4HnS71sWjj_clvqEaUc5BbvctFdq_6zouVmdfv1oKah5sVpASvlxHYhsePeLnYZhfzEU4BCM2zkcW74iG7JxNDzFbXTGx343QJJBcuiYfLxUuNLAYhhudH4DCF_L_bws1YW9wND9QlL3zN6rmBb9fk7ItzBjfVBgnnDW6ifzGHtXNQFo8j9tKsuWddqXtG1qPo9Z0_5qVgqnTnSiSaUlzcSLA_zJguoHSI7gpC61WMiPcjfw_SWJqIedS3EkLt0KaGfwcBvJW70Gqnx5dc7BO5ICUVZdRK1xKpXmtlhueCD-fy-VE2C30LCmZfjzAAO7m_PTibKvongh0W57uDvv_CQKFZKx-CyY1tG0IDVtatkUhDSpzJmo7-tqNTllLrRPwwPMeI6FfTyRAOuFCYSHiZoDcbi0IzgBE46l0iyOty71flWWXf37-RodfXYDeK5ARGmXNnugPeZeRgfh9JRmuLsWBQkmw5XUYCsbzWxhF0kxHdROHORY4OyiBSCCaRktU9aixFqSFDdhkzsQ3UbO1lbhbm0h2XMbu0mG8c4P-2Jvzi1u36nECoQQm5csNi6jAM24GS0tuxjw5D7cYGjPnKO-2zGgDOvoxNpKgtAaI7BsYqZQqWVmQ_ohQrg6hpLzeReGr6B_khOFVg7ptcdP_YZOxQlStM9H8twq8K7EHAxem9R3yWJoK5B8BtfDhIrXk9O_x5pKu8Wm1WW_y40weZ24FFPjXyWyeP8uplVKQ4Qw6XFfqzj5WKNE2OBtHU_nSwGLBIxSyxpuc-cUPZlVCbBvu4JKYXGGCuyUx4QZet0KQorc9TUaCfTGqlwY-gpV8_2DyymSzu5zibnFJq2iHFIHukkCXPOPlEF805RG0Gud6grBPLePpweUJEgVJLJf931OFk7sMnLjJtAPSBy6rJR6SowWSmTT1nLgls8mTOqE4xEKZIx1SdrYwvgOer_Vgmr6fJTeeXdWNnDOsv_BPta5o3CoG4vkJTwB19XPv0ffzDCKaKi4XElRAayKmMnOni0ygE5n-5dAEoh5DUMhHqY-7YmNtTnR6vFJeriROCIw4tiIX0GL9fem7pV-IdCC2pqZDvxuIt7yYKvzI8v4kwuPl9lLJ7j5GhqTwAzuI2zpvyPLLve1DoXEo2EdUlo0vukrDU7zhDBPBrMMClxX-OkY2MjvWFRu79QetRYR9xPeOV7p_vlMuZse5B90lJhNkX139Vj45JDCwmfwcs6TEG6cr6FXG8pIPeBO9J4pBHjA00p7BiGHv1CqDx7zcg5WNO7kBliDWkICz0HlbcpmtWvWee6r4WDr9PqscOgnez1RXaARJjBo4f4pas5GjklPkQ6xE_gm_S4XtZPUUJRs_ZBpG0AV4GR_WWG0wS9q4GX7HThJtVYDEG-u2WXSkR-YIZk6JBIEsXlWm_Or2tD_dZJPhGx_39zcZ2PIT64vBg2ZtMQ6zldh9cWW9fwr8slQ2aPt8pUCWpjjKNUnRrK4u3DVp4YHMGXBuupvRUViLapJduI-AiXL9Jz7nxickusDmZNWQSeVH6-f0E0qoRECUVJ4bdu0ccD9ZtZ8CjzijZFv7GS2FXRruboO2ljYAmiJPdFXWPZDLJoUUXd-WUwTw9CoQPryybe6ZjSqE9WBfm1GOQoF1PmqIw-4lkrMFuKlJ6ONRF_cC04fWPRm1P604UK3j27x1Ou3bUYeA1f5FwdODMHQE8kNqL9P1sRoDJ1vi4CnEsHVSDveISg7h6bY2KYyFc1OdbALxvJbITv4huYXCLQkg1msj8nIaie7nlL_h9JRYYkedJMKn-hSH5piPr2MuyQpG9CcWXqlitVuch6DUVrFnw_QXZkvj8PsiGlYOq9k_p0zwX1mk4wLyS3oiNOHJ7q7__72ui_nURb798RPHGOZ_zuLXC7Tobeinpb_0qUNBpvBVe_BhpXKMx9ZWGBNIdg0_s7hJQcRjG-sjWRP6h17NchZsHsU9UExbiFFhiQAqhWlI6ajbr7uQJJuFcd8FS7r64i4C6vOKHikaeVTTBENL5gDUWg6oczMKfIQPPBlosoiShNqilZbw64nwjQp3vJr_JO_UYOHvs3eJz64khK8pEnvdp42uOxiM55_6tW&cid=CAQSOwDICaaNF_sXxCLwJu3EyjrrkJjbuA-aQwF_rfz6z8lIh3uJg1qtfr1frFZZXDas3Jyfzm6ImcLUxEFjGAE&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=6808852182853841000&adk=1877897943&idt=110&cac=0&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5c38206fb5f268a1a1d4dac28d435e124a9564bb4fb9cd1e542b6813dfd3852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13811
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 86BB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVs2cvFoimpdNZmiYdXv0TgMXobdK2uOx3SFq-oXuyRSunpqnrGaDUHZtNa_BT080o7V-XKAgrtXMtYkYTRAhO3AINdeHCHP3Hp4E33bnCVj26uJ7WikClliqWOrN_ROIsUIJlh-82sgEV&sai=AMfl-YTHowYHy0fkLWxfLq2T_SKMHgN4_hmp4hRXoWyoWf3OO31-iG6Rup3mWRMmPMu7LrdN05oExuOds6Bnh2h5-XYjqKKbRJk0I5LAjhHOOYyXT3AxL7vRAxN0WjDMsKlxjXvLPhn5E5EefPMot___44xAwV47qTAQBoLl&sig=Cg0ArKJSzJhGoIV1hQGZEAE&cid=CAQSTwDICaaNngXTSm8kT_dEIso-2Xts5ekSkTJ7PxQCnk_c6VPyC3g3MHNtoxc_3lU8tmqz_sTTzzlqy_VQjN_6KDrASHvZwDCIxRD27GWtOU8YAQ&id=lidar2&mcvt=1007&p=0,0,250,300&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=504672438&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701723134002&rpt=275&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8B53 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 20:56:29 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8B53 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:41:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 20:56:39 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 8B53 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:40:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 20:55:20 GMT
NH_D_AP_Pavilion_160x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 8B53 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_AP_Pavilion_160x600.jpg
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf808e2a55ef3a7ce795e28193bdb130b441b2859bd3eab5120daed9d931e21c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:49:56 GMT
x-content-type-options
nosniff
age
139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89340
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 17:00:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 21:04:56 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8B53 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 20:52:15 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 8B53 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=kUyM5SjDtI&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:40:03 GMT
x-content-type-options
nosniff
age
732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Dec 2023 20:55:03 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 87BE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 10:24:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 45D9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHMfrL8efRiE9BFBuSkjdSRGuMb4zAtr97vDgMTv76Y04R1ipZvFT5mcpt9aoZyAKO0jlzdZAUe6JYxd3YtFRBsHFIlR95xmRC-4mzqsj1DFH5w60oFy4cEf0d4PoyTXDeIdXD3H4OK0g8&sai=AMfl-YRxJ6qYlFngMyHxiJXyfEZY2LZWCaicvjJR0ONaHaQvCQYAmrSLRIvEssoLKW0q-p8-wsbzL5OZ9WZlmB4x9sO7YW9PjCh7Sm6YPx4pxGkcnylN0QLkbWFwe1KWIXWld4f_HHy9h29dvNBzyMqTJWeGX-PEqZC5FV70&sig=Cg0ArKJSzLWEa8fOtfxeEAE&cid=CAQSTwDICaaNqzhF093fshWM4bCGUEKvb4YWRqFJBYk-mL9o-C6WlzAl_QipwX10m6dkneBFpc6upcK42LdIvM6zXNeI3OlMoi35ciGrhlk3Tu8YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=318,813,1000,1011,1011&tos=318,495,187,11,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701723134282&rpt=276&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 938C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag6A8OYpyhhNW_d6C8qwZbiKZsQvFNJqBHRFu75w_tT3wwMazTbptc1RGlXFvDxgFGVARApUGkv0RgPGCFhtyUC2-5uNuErwANcvBUvdUBuODTdW500JcgjyCK2YmmG34Nsa2Xg1xWujqFNB-YRjUls6rTGkQUK-jJMTpTJjd-AA4MlN4&cry=1&dbm_d=AKAmf-AaFM2QUZGFXA-di7acB0Xmv2OPQ4xPcT4vcjJa9baWH42MvuCU12XzEtOH5ccaIxrAmX2vu0TLctMxcfU_Zk6ToYz52VLyo1Iv-Gd_Ik282FP4qEJi0FJ_oBl3rthgLA31pQFhRJUKaqju_S7BUGngAWg_OJXDh8eKNg-RGyprJtKObSFYMRhnoKD5pOIFC5GtjyF7BV_rJx8peJ0tAVf2Pd4zmpFvtd-gvpc4yEGmlZwmMOGbqc4D56JXoY8f81ndJgmW-UseYuTrrq7BNOI2M1TAbLQ30ZnSHJSWqPmr-s8bONkOjmZBunRpr7Kr__YrpIORvJvtkIbc-8CfmRM0SC359NkZNyk4TOhZdoJnAYiU5ckbQBNYNIwC0ia4FVc3paxZ6av3IIeQFGRc4SEhNvCT4gPFGPaYSpc4YYUbREuDEZnBePlnE8UqqbGJ4IpTdutOr5wtlZ09ktWMBQ8_G4EEaXnB9LN6iMqU_vDgN_WIALKwgLepIX76ltESxrFPdIVaOfAxsT1EQ_hvtUW7euYSj6-pqSMj2QXXDuW-H7yUe7DV45f0L72qI-u_aI-2m8io7cChEj3f4Pn_FvYXyqQYkkljf0_IsyPgGwO9sOu2Onp81WiN-WJFaExZRFBdMJio-bKJVj8_Ye4UDQk46UmAbLw__xEOMHxYybJpzYxTtcKMaw1znO-VDe3NeitUfzEqQesTDJF87YtJq__JNyE4AvkhQB-OekihnPTRX2FaXlfSLlu-uOCSkZiQM3Z_Yv9K-UN5mWf-pSKAsRtPBcJjw-KpGro4ofxKj1gEdBFimUQ0dSWvPMVs9Oo2p6GxcoD7_jXk1qZIVu3yJNYXFVt1Sfcz-sMonPEA3Q0FAaknvKt7Au2QCHo2b8zFAcTbj-dmgBYpk9BP-y8LXsxl8ElfBLkn03U41TFXX9FlCotSONIFsxJqjM_y6_YL4e5Oq4KILdx9vQ-Bz3tdNrlVogkvy11nsxFpWQpjsmgIhRMNcZccMZsy-U77OD6tGJZgPM4Jaiq2ULZotmYJY_mSwvzD7phc2idFlFDclHYn9VIJE5JNQiS57Ud5999uvzebthme03-ANM07V1V4WuplEXk8TQP0uFatEKShruClX0-PvrCTF79SK_ITRUth1WJXmpph1K728C_pkGzXrk3iO9RtE0G6A5Cy6fOCtkoa4Il3VwGSjxEWUl9h4GgkjdSsj5URDKA1_m3n_eTMcB8lDagKJBfmxChH9stmTFSeAqmdabpES_Xdj42z3Dfu9FaEMDe52KgYfPd_cvJvdq-3ari7m8DZjasUtFGMmVVRn5vHm7NTun1AmDdTacRUWlKoYyiTaGeNhbIIGSYDAzrIfCniiB-T32YDfv3wq2jflgP8yn0fCi2cYB24M30dn99Cjpmv2Mo2mwg42LpbTJ7vAHmc4OrO7jLIs7Kkt6pBdGjtCPU6lzKjlzDOeGs7M5IgLU299UlKlvUSY_suOHDiRlOjf6ztybpbzgq21mwuDBPB1s76qbMg1z1CGLJovRVPLp9ElEW_eHHaSW7I7Ejuz0du1EQUUok5uhNiZydDYzpXU7lFSOKx6ir2yBSuE-f5lj2fUpQNK88lKkMLu0cehBWzQ92qdZ9C9p8oiHfdCz45lgginlJXh_cgAtKv4tPVzVD5eqrsEWMpBJuKUHk_EFCM-tb9AR7qit966GY03lb_bzg8dIk4kUhwld-leGqEYiCh3obRwlAc4eaZj-6Ee9aoYGOIX9zih-2fFtHUpuMZRQ21jzukyve9MPjXFhyCuktLjiP3Y2macF-WyzEDUlA0Xi44TzOl-BeKgo-4j8b8ku6GKqkGAkgJ0nAlzamCSSC8wsjGhHNDkZNEKzK6X57j06ZBka5LlEye-DWMCYXhvj7HlRbbIWd13IHd3hD3x4HnS71sWjj_clvqEaUc5BbvctFdq_6zouVmdfv1oKah5sVpASvlxHYhsePeLnYZhfzEU4BCM2zkcW74iG7JxNDzFbXTGx343QJJBcuiYfLxUuNLAYhhudH4DCF_L_bws1YW9wND9QlL3zN6rmBb9fk7ItzBjfVBgnnDW6ifzGHtXNQFo8j9tKsuWddqXtG1qPo9Z0_5qVgqnTnSiSaUlzcSLA_zJguoHSI7gpC61WMiPcjfw_SWJqIedS3EkLt0KaGfwcBvJW70Gqnx5dc7BO5ICUVZdRK1xKpXmtlhueCD-fy-VE2C30LCmZfjzAAO7m_PTibKvongh0W57uDvv_CQKFZKx-CyY1tG0IDVtatkUhDSpzJmo7-tqNTllLrRPwwPMeI6FfTyRAOuFCYSHiZoDcbi0IzgBE46l0iyOty71flWWXf37-RodfXYDeK5ARGmXNnugPeZeRgfh9JRmuLsWBQkmw5XUYCsbzWxhF0kxHdROHORY4OyiBSCCaRktU9aixFqSFDdhkzsQ3UbO1lbhbm0h2XMbu0mG8c4P-2Jvzi1u36nECoQQm5csNi6jAM24GS0tuxjw5D7cYGjPnKO-2zGgDOvoxNpKgtAaI7BsYqZQqWVmQ_ohQrg6hpLzeReGr6B_khOFVg7ptcdP_YZOxQlStM9H8twq8K7EHAxem9R3yWJoK5B8BtfDhIrXk9O_x5pKu8Wm1WW_y40weZ24FFPjXyWyeP8uplVKQ4Qw6XFfqzj5WKNE2OBtHU_nSwGLBIxSyxpuc-cUPZlVCbBvu4JKYXGGCuyUx4QZet0KQorc9TUaCfTGqlwY-gpV8_2DyymSzu5zibnFJq2iHFIHukkCXPOPlEF805RG0Gud6grBPLePpweUJEgVJLJf931OFk7sMnLjJtAPSBy6rJR6SowWSmTT1nLgls8mTOqE4xEKZIx1SdrYwvgOer_Vgmr6fJTeeXdWNnDOsv_BPta5o3CoG4vkJTwB19XPv0ffzDCKaKi4XElRAayKmMnOni0ygE5n-5dAEoh5DUMhHqY-7YmNtTnR6vFJeriROCIw4tiIX0GL9fem7pV-IdCC2pqZDvxuIt7yYKvzI8v4kwuPl9lLJ7j5GhqTwAzuI2zpvyPLLve1DoXEo2EdUlo0vukrDU7zhDBPBrMMClxX-OkY2MjvWFRu79QetRYR9xPeOV7p_vlMuZse5B90lJhNkX139Vj45JDCwmfwcs6TEG6cr6FXG8pIPeBO9J4pBHjA00p7BiGHv1CqDx7zcg5WNO7kBliDWkICz0HlbcpmtWvWee6r4WDr9PqscOgnez1RXaARJjBo4f4pas5GjklPkQ6xE_gm_S4XtZPUUJRs_ZBpG0AV4GR_WWG0wS9q4GX7HThJtVYDEG-u2WXSkR-YIZk6JBIEsXlWm_Or2tD_dZJPhGx_39zcZ2PIT64vBg2ZtMQ6zldh9cWW9fwr8slQ2aPt8pUCWpjjKNUnRrK4u3DVp4YHMGXBuupvRUViLapJduI-AiXL9Jz7nxickusDmZNWQSeVH6-f0E0qoRECUVJ4bdu0ccD9ZtZ8CjzijZFv7GS2FXRruboO2ljYAmiJPdFXWPZDLJoUUXd-WUwTw9CoQPryybe6ZjSqE9WBfm1GOQoF1PmqIw-4lkrMFuKlJ6ONRF_cC04fWPRm1P604UK3j27x1Ou3bUYeA1f5FwdODMHQE8kNqL9P1sRoDJ1vi4CnEsHVSDveISg7h6bY2KYyFc1OdbALxvJbITv4huYXCLQkg1msj8nIaie7nlL_h9JRYYkedJMKn-hSH5piPr2MuyQpG9CcWXqlitVuch6DUVrFnw_QXZkvj8PsiGlYOq9k_p0zwX1mk4wLyS3oiNOHJ7q7__72ui_nURb798RPHGOZ_zuLXC7Tobeinpb_0qUNBpvBVe_BhpXKMx9ZWGBNIdg0_s7hJQcRjG-sjWRP6h17NchZsHsU9UExbiFFhiQAqhWlI6ajbr7uQJJuFcd8FS7r64i4C6vOKHikaeVTTBENL5gDUWg6oczMKfIQPPBlosoiShNqilZbw64nwjQp3vJr_JO_UYOHvs3eJz64khK8pEnvdp42uOxiM55_6tW&cid=CAQSOwDICaaNF_sXxCLwJu3EyjrrkJjbuA-aQwF_rfz6z8lIh3uJg1qtfr1frFZZXDas3Jyfzm6ImcLUxEFjGAE&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=6808852182853841000&adk=1877897943&idt=110&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
269227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTcyMzEzNTI5NjM0NwogIHNlcnZlcl9pcDogMTM0MDY0NDI1CiAgcHJvY2Vzc19pZDogMTU5NDE4MjI3NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 938C 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTcyMzEzNTI5NjM0NwogIHNlcnZlcl9pcDogMTM0MDY0NDI1CiAgcHJvY2Vzc19pZDogMTU5NDE4MjI3NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA3NzQwNjM1MjQwMDM0ODA2NTg2CmRlYnVnX2tleTogMTczNDU0NzIwNjU5NDI0ODkxMDIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA0IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU0MzcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNjc4NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x7986be02ed25840e0000000000000000","13":"0x280728e6e7cb7d6e0000000000000000","14":"0xd31bd2fd9eff20050000000000000000","15":"0x9726d031a072f42d0000000000000000"},"debug_key":"17345472065942489102","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"7740635240034806586"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
33lgkyejwpt3
hal9000.redintelligence.net/zone/ Frame 938C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1701723134313246&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzaPr_jtuZZ6PE_Wp29gPtN0KpuW9oGmdnJynyQ_wLhABINTHmpcBYJWKnYKsB8gBCakCU-muxHclsj6oAwHIA5uEgIAEqgTeAU_QHDHj7f22v8c9P1LgkRZ8_yvCujQpFYbiYOQLldMoMiplRKJV23EDzsle2392PwGo8y8-3fBXoW0cTJahGFLBwmwvi8JibZGVW-6HiDSuOOzKm2v44k4p_A-mkKFOtP_fq43SN4wCAqowiqXGteFAP6M4Y-6IolIefxs2xw-dfkh2z1IAZx6IaDGaOQWXf8CBlovZFSX8EZJOlBSU3_rtRAn89Uw5EymZRjHmM4ubCNQD5GutevRJ7J8huP7aNcjJ_Lmt5sdnSJhgo1cwCiB0-YV3ASwBJ9NNa4l_ysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljj3avX1PaCA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNF_sXxCLwJu3EyjrrkJjbuA-aQwF_rfz6z8lIh3uJg1qtfr1frFZZXDas3Jyfzm6ImcLUxEFjGAE%26sig%3DAOD64_2sIeizTZmz6Fm75yymKvfgm7fpzA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-AXiFg2Qpho1qoJXqPY4E-J-xucFcivO-szAtZPNJ7FKa3D8KTLg7Thj_1zAQijQmsFJ2kWgUMWnGd_GLqqTAu39DNO3MtVuOPpnLbuT67yURTBTxPC3YffdAEpkMGt-PydEhjghjwSYkOhSIODVRGkmAATygDRBgD_6WEmvLD9uUWaepY%26cry%3D1%26dbm_d%3DAKAmf-D6PKeHRCXodFrYuuFMwQrScT4_l6CoLbCaMS8_CDP6dYmJ7exj92IvMfoBJ8b2ycoonGEjIM-TKjPtglpLRFWOA8_SbXpy6g6_SsbWfU9HvaJiKpspsalDw_-TW4WSK4K41w0t_Bw2KMpugCRS3ScCpRla5mrW2WJo2B65zSo3wVfo1pq-YDErCiE2kHW9t8p2UNchLlXyIjRCnCULW6bsaHYriHX79MhCSPF60h9fOR7IzsaDv18UD8ttJDOdxhTqJFLF6-4IogBT9oSl811rjSIN0guss7jPXfTQLZjWdzo9ROumyjt3jZQx0N3xoBpdh7BBjOXPfAwXx3X98fbcIDkaGyUkUXwFPof42tC-Gct8kRUPZx5d7ybGXEQqvBulXKh7XlrkqX3gudb_wvNlXve_JvWBXW_DxzDLpBMPTTCIBUnXTHE1YldMn-soz8zt6VE3ZqaXY0IfM1Y80zNJ8_edF08Ub4uRFlfR9-6Ldo0YP5o9atyO0k6rEMJpVGhZ8kgqY6JrfDlNCstDUg3IpzvDJn3qaBw33wTbFZtagQhk4qw%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1b5cacbcb3ed26dea073da7f91b0d9cf6e2936380d7101496d1bdd8da2625599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4138
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C675 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:48:36 GMT
expires
Mon, 02 Dec 2024 21:48:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C675 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 10:24:32 GMT
request.php
hal900023.redintelligence.net/ Frame 938C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=d137babf87&subid=&uid=ef3760c0d628ee2d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzaPr_jtuZZ6PE_Wp29gPtN0KpuW9oGmdnJynyQ_wLhABINTHmpcBYJWKnYKsB8gBCakCU-muxHclsj6oAwHIA5uEgIAEqgTeAU_QHDHj7f22v8c9P1LgkRZ8_yvCujQpFYbiYOQLldMoMiplRKJV23EDzsle2392PwGo8y8-3fBXoW0cTJahGFLBwmwvi8JibZGVW-6HiDSuOOzKm2v44k4p_A-mkKFOtP_fq43SN4wCAqowiqXGteFAP6M4Y-6IolIefxs2xw-dfkh2z1IAZx6IaDGaOQWXf8CBlovZFSX8EZJOlBSU3_rtRAn89Uw5EymZRjHmM4ubCNQD5GutevRJ7J8huP7aNcjJ_Lmt5sdnSJhgo1cwCiB0-YV3ASwBJ9NNa4l_ysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljj3avX1PaCA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNF_sXxCLwJu3EyjrrkJjbuA-aQwF_rfz6z8lIh3uJg1qtfr1frFZZXDas3Jyfzm6ImcLUxEFjGAE%26sig%3DAOD64_2sIeizTZmz6Fm75yymKvfgm7fpzA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-AXiFg2Qpho1qoJXqPY4E-J-xucFcivO-szAtZPNJ7FKa3D8KTLg7Thj_1zAQijQmsFJ2kWgUMWnGd_GLqqTAu39DNO3MtVuOPpnLbuT67yURTBTxPC3YffdAEpkMGt-PydEhjghjwSYkOhSIODVRGkmAATygDRBgD_6WEmvLD9uUWaepY%26cry%3D1%26dbm_d%3DAKAmf-D6PKeHRCXodFrYuuFMwQrScT4_l6CoLbCaMS8_CDP6dYmJ7exj92IvMfoBJ8b2ycoonGEjIM-TKjPtglpLRFWOA8_SbXpy6g6_SsbWfU9HvaJiKpspsalDw_-TW4WSK4K41w0t_Bw2KMpugCRS3ScCpRla5mrW2WJo2B65zSo3wVfo1pq-YDErCiE2kHW9t8p2UNchLlXyIjRCnCULW6bsaHYriHX79MhCSPF60h9fOR7IzsaDv18UD8ttJDOdxhTqJFLF6-4IogBT9oSl811rjSIN0guss7jPXfTQLZjWdzo9ROumyjt3jZQx0N3xoBpdh7BBjOXPfAwXx3X98fbcIDkaGyUkUXwFPof42tC-Gct8kRUPZx5d7ybGXEQqvBulXKh7XlrkqX3gudb_wvNlXve_JvWBXW_DxzDLpBMPTTCIBUnXTHE1YldMn-soz8zt6VE3ZqaXY0IfM1Y80zNJ8_edF08Ub4uRFlfR9-6Ldo0YP5o9atyO0k6rEMJpVGhZ8kgqY6JrfDlNCstDUg3IpzvDJn3qaBw33wTbFZtagQhk4qw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2920555573584698%26output%3Dhtml%26h%3D600%26adk%3D1636830882%26adf%3D2917673112%26pi%3Dt.aa~a.1663485022~i.5~rp.4%26w%3D266%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1693404896%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D4703721224%26ad_type%3Dtext_image%26format%3D266x600%26url%3Dhttps%253A%252F%252Fgeocult.ru%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rh%3D222%26rw%3D266%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701723134137%26bpp%3D1%26bdt%3D1145%26idt%3D0%26shv%3Dr20231130%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C160x600%252C336x280%252C336x280%252C266x600%26nras%3D3%26correlator%3D7395833608473%26frm%3D20%26pv%3D1%26ga_vid%3D1155716277.1701723133%26ga_sid%3D1701723133%26ga_hid%3D1762117947%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D490%26ady%3D2274%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31079437%252C31079864%252C44807764%252C44808148%252C44808284%252C44809072%252C21065725%26oid%3D2%26pvsid%3D1489682680608387%26tmod%3D522749410%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgeocult.ru&random=5868515266887&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1701723134313246&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzaPr_jtuZZ6PE_Wp29gPtN0KpuW9oGmdnJynyQ_wLhABINTHmpcBYJWKnYKsB8gBCakCU-muxHclsj6oAwHIA5uEgIAEqgTeAU_QHDHj7f22v8c9P1LgkRZ8_yvCujQpFYbiYOQLldMoMiplRKJV23EDzsle2392PwGo8y8-3fBXoW0cTJahGFLBwmwvi8JibZGVW-6HiDSuOOzKm2v44k4p_A-mkKFOtP_fq43SN4wCAqowiqXGteFAP6M4Y-6IolIefxs2xw-dfkh2z1IAZx6IaDGaOQWXf8CBlovZFSX8EZJOlBSU3_rtRAn89Uw5EymZRjHmM4ubCNQD5GutevRJ7J8huP7aNcjJ_Lmt5sdnSJhgo1cwCiB0-YV3ASwBJ9NNa4l_ysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljj3avX1PaCA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNF_sXxCLwJu3EyjrrkJjbuA-aQwF_rfz6z8lIh3uJg1qtfr1frFZZXDas3Jyfzm6ImcLUxEFjGAE%26sig%3DAOD64_2sIeizTZmz6Fm75yymKvfgm7fpzA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-AXiFg2Qpho1qoJXqPY4E-J-xucFcivO-szAtZPNJ7FKa3D8KTLg7Thj_1zAQijQmsFJ2kWgUMWnGd_GLqqTAu39DNO3MtVuOPpnLbuT67yURTBTxPC3YffdAEpkMGt-PydEhjghjwSYkOhSIODVRGkmAATygDRBgD_6WEmvLD9uUWaepY%26cry%3D1%26dbm_d%3DAKAmf-D6PKeHRCXodFrYuuFMwQrScT4_l6CoLbCaMS8_CDP6dYmJ7exj92IvMfoBJ8b2ycoonGEjIM-TKjPtglpLRFWOA8_SbXpy6g6_SsbWfU9HvaJiKpspsalDw_-TW4WSK4K41w0t_Bw2KMpugCRS3ScCpRla5mrW2WJo2B65zSo3wVfo1pq-YDErCiE2kHW9t8p2UNchLlXyIjRCnCULW6bsaHYriHX79MhCSPF60h9fOR7IzsaDv18UD8ttJDOdxhTqJFLF6-4IogBT9oSl811rjSIN0guss7jPXfTQLZjWdzo9ROumyjt3jZQx0N3xoBpdh7BBjOXPfAwXx3X98fbcIDkaGyUkUXwFPof42tC-Gct8kRUPZx5d7ybGXEQqvBulXKh7XlrkqX3gudb_wvNlXve_JvWBXW_DxzDLpBMPTTCIBUnXTHE1YldMn-soz8zt6VE3ZqaXY0IfM1Y80zNJ8_edF08Ub4uRFlfR9-6Ldo0YP5o9atyO0k6rEMJpVGhZ8kgqY6JrfDlNCstDUg3IpzvDJn3qaBw33wTbFZtagQhk4qw%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
b809679e09b6ad69022b180aba69a59e3397eb86b4fa6c96b0d0dd0df1b7bdf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
41466100212170504444556012528023
Connection
close
Content-Length
1047
Expires
Mon, 04 Dec 2023 20:52:15 +0100
dt
dt.adsafeprotected.com/ Frame 45D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9682b360-9180-05a3-b4b4-90b7fca0347f&tv=%7Bc:vRPuwO,time:1079,type:e,im:%7Bpci:%7Btdr:1004%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1079,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1075~0%5D,as:%5B1075~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:135,fm:tXvqQFl+11%7C12%7C13%7C141%7C142%7C151.1627455-73523864%7C1511%7C1512%7C1513%7C1514%7C161%7C1621%7C17%7C18%7C191*.1627455-73523880%7C1911%7C1912%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:123%7D&br=c
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame C675 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaDCM_ztuZZuLEqnS9u8PgpWV-AUAAAAAOAHgBAI&bg=!ZWalZinNAAY3kmNgF5I7ADQBe5WfOJcuGDgfFibJweAN84GY82NWLQnBQZEmOnOCZAYsrcLghYZC36vWQ-Cptoo7dLDoAgAAAEFSAAAAA2gBB5kDC17M8mzJTfyL4v3Zhiag6lsS-EZBl7jC1ajoR_V0tXuxvGUdRxc4M96Nz9Tk6IqxzHfP4BXDyVgoCP4Ee2zKQrjPnHwPdES2EUFVljvmgqJHmzLhSKuBUSM9YXO1Sa5-egMjJAdQdJPVbRFGldATOa1Z5PG-jlmQqui-1tk0tjCrx9Z_otT3R2lAp4MBPfnXFsYE_W_mNeJuqvCIZpOwaWE05HQzqpTSMRZjFKtEYDWhvxj-0FkqjL6RmPJKLS-C57ptJbjwMImCL-aWHYnROSuQaNq6frGKgzw1ix9fuMJ-jTlzWXt4ogIIYEoiFDqjFIvOIIsgv2w2pSG5CGHMOGCJO6XL1cyvI1ZoLfuaSEDlIiSdCDJwhEdj5UYb11rCy8QHrl1m9YP1z1OKb2tMuEFSox3VYoOzNmxOvrEUwUNzzwiVw7A-in89iEUpNdg0F4BrOBDTpoYF6NoMJd4HZhsPluwrR-RL7SOnG17sEVZEJA3kbf79Irg3IFI51B6tdbB18LAS1uN6LXe443ISy_HwTe0lQfW9Q0tMNuZ4XhQ2CfzHjMcKNfK41VuPa6ZpgnMLqMsWbuBkFcnUTAMeIRU6aQO3qSiqek5MR2Mzpk67QpmV3HGQXDKdvP9jk1qf0KxfJJIOVsA5NGdG7D54g5Gl6DB8bMGn1ascdGuiab41LKu8-NxPp0hnh98fzfe37pzuVvlWLhWtkkUw2wmMsD0MyvrUKAX5iz9WX03BhI9zlLpTtVtzUGzzm9vFcDsozSNI_RD3x5L2V4GIQdAgXWBOoWWsEz5sitXT6e3lS6W0oMjwziWZa_PAr8nnwSQ1NUT1kgOfDINAl9CcE2P5ElFgpWt6M1scAE4NyB9_vjSHWyiwWg0GvIZzv3eEkcu0uPRWWQBu_ZM7fT2SmfkuK475Rx8rVA-Wmmwr_qcW7BPMMO6-4VkNg8HukfVEvWuO94Jqr7rcbPTyPokX9HLFnr_Swcopuz1EFVuQp7fBVGvp2U_SlTNT6OtAMWdXieNbOub4TzBmm6qli5RC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aw.html
www.mietwagen-check.de/ret/ Frame 15A2
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2413240&v=14051&q=365935&r=296283&pref1=41466100212170504444556012528023&pv=1
  • https://www.mietwagen-check.de/ret/aw.html
0
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mietwagen-check.de/ret/aw.html
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=d137babf87&subid=&uid=ef3760c0d628ee2d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzaPr_jtuZZ6PE_Wp29gPtN0KpuW9oGmdnJynyQ_wLhABINTHmpcBYJWKnYKsB8gBCakCU-muxHclsj6oAwHIA5uEgIAEqgTeAU_QHDHj7f22v8c9P1LgkRZ8_yvCujQpFYbiYOQLldMoMiplRKJV23EDzsle2392PwGo8y8-3fBXoW0cTJahGFLBwmwvi8JibZGVW-6HiDSuOOzKm2v44k4p_A-mkKFOtP_fq43SN4wCAqowiqXGteFAP6M4Y-6IolIefxs2xw-dfkh2z1IAZx6IaDGaOQWXf8CBlovZFSX8EZJOlBSU3_rtRAn89Uw5EymZRjHmM4ubCNQD5GutevRJ7J8huP7aNcjJ_Lmt5sdnSJhgo1cwCiB0-YV3ASwBJ9NNa4l_ysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljj3avX1PaCA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNF_sXxCLwJu3EyjrrkJjbuA-aQwF_rfz6z8lIh3uJg1qtfr1frFZZXDas3Jyfzm6ImcLUxEFjGAE%26sig%3DAOD64_2sIeizTZmz6Fm75yymKvfgm7fpzA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-AXiFg2Qpho1qoJXqPY4E-J-xucFcivO-szAtZPNJ7FKa3D8KTLg7Thj_1zAQijQmsFJ2kWgUMWnGd_GLqqTAu39DNO3MtVuOPpnLbuT67yURTBTxPC3YffdAEpkMGt-PydEhjghjwSYkOhSIODVRGkmAATygDRBgD_6WEmvLD9uUWaepY%26cry%3D1%26dbm_d%3DAKAmf-D6PKeHRCXodFrYuuFMwQrScT4_l6CoLbCaMS8_CDP6dYmJ7exj92IvMfoBJ8b2ycoonGEjIM-TKjPtglpLRFWOA8_SbXpy6g6_SsbWfU9HvaJiKpspsalDw_-TW4WSK4K41w0t_Bw2KMpugCRS3ScCpRla5mrW2WJo2B65zSo3wVfo1pq-YDErCiE2kHW9t8p2UNchLlXyIjRCnCULW6bsaHYriHX79MhCSPF60h9fOR7IzsaDv18UD8ttJDOdxhTqJFLF6-4IogBT9oSl811rjSIN0guss7jPXfTQLZjWdzo9ROumyjt3jZQx0N3xoBpdh7BBjOXPfAwXx3X98fbcIDkaGyUkUXwFPof42tC-Gct8kRUPZx5d7ybGXEQqvBulXKh7XlrkqX3gudb_wvNlXve_JvWBXW_DxzDLpBMPTTCIBUnXTHE1YldMn-soz8zt6VE3ZqaXY0IfM1Y80zNJ8_edF08Ub4uRFlfR9-6Ldo0YP5o9atyO0k6rEMJpVGhZ8kgqY6JrfDlNCstDUg3IpzvDJn3qaBw33wTbFZtagQhk4qw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2920555573584698%26output%3Dhtml%26h%3D600%26adk%3D1636830882%26adf%3D2917673112%26pi%3Dt.aa~a.1663485022~i.5~rp.4%26w%3D266%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1693404896%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D4703721224%26ad_type%3Dtext_image%26format%3D266x600%26url%3Dhttps%253A%252F%252Fgeocult.ru%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rh%3D222%26rw%3D266%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701723134137%26bpp%3D1%26bdt%3D1145%26idt%3D0%26shv%3Dr20231130%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C160x600%252C336x280%252C336x280%252C266x600%26nras%3D3%26correlator%3D7395833608473%26frm%3D20%26pv%3D1%26ga_vid%3D1155716277.1701723133%26ga_sid%3D1701723133%26ga_hid%3D1762117947%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D490%26ady%3D2274%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31079437%252C31079864%252C44807764%252C44808148%252C44808284%252C44809072%252C21065725%26oid%3D2%26pvsid%3D1489682680608387%26tmod%3D522749410%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgeocult.ru&random=5868515266887&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.205.189 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.205.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0, no-cache, no-store
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 04 Dec 2023 20:52:16 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-robots-tag
noindex, nofollow, noarchive

Redirect headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Dec 2023 20:52:16 GMT
Location
https://www.mietwagen-check.de/ret/aw.html
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
activityi;dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367
8019191.fls.doubleclick.net/ Frame 64EE
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367?
391 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367?
Requested by
Host: geocult.ru
URL: https://geocult.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
bce1d7a0b7fe8a827d87304ee89e4b53f453c92613a3ef2a67f23f6cc9a0d04c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
220
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
expires
Mon, 04 Dec 2023 20:52:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900023.redintelligence.net/ Frame 9F7B 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900023.redintelligence.net/request_content.php?s=41466100212170504444556012528023&a=6db6d2a3
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=d137babf87&subid=&uid=ef3760c0d628ee2d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzaPr_jtuZZ6PE_Wp29gPtN0KpuW9oGmdnJynyQ_wLhABINTHmpcBYJWKnYKsB8gBCakCU-muxHclsj6oAwHIA5uEgIAEqgTeAU_QHDHj7f22v8c9P1LgkRZ8_yvCujQpFYbiYOQLldMoMiplRKJV23EDzsle2392PwGo8y8-3fBXoW0cTJahGFLBwmwvi8JibZGVW-6HiDSuOOzKm2v44k4p_A-mkKFOtP_fq43SN4wCAqowiqXGteFAP6M4Y-6IolIefxs2xw-dfkh2z1IAZx6IaDGaOQWXf8CBlovZFSX8EZJOlBSU3_rtRAn89Uw5EymZRjHmM4ubCNQD5GutevRJ7J8huP7aNcjJ_Lmt5sdnSJhgo1cwCiB0-YV3ASwBJ9NNa4l_ysAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljj3avX1PaCA4AKAZgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNF_sXxCLwJu3EyjrrkJjbuA-aQwF_rfz6z8lIh3uJg1qtfr1frFZZXDas3Jyfzm6ImcLUxEFjGAE%26sig%3DAOD64_2sIeizTZmz6Fm75yymKvfgm7fpzA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-AXiFg2Qpho1qoJXqPY4E-J-xucFcivO-szAtZPNJ7FKa3D8KTLg7Thj_1zAQijQmsFJ2kWgUMWnGd_GLqqTAu39DNO3MtVuOPpnLbuT67yURTBTxPC3YffdAEpkMGt-PydEhjghjwSYkOhSIODVRGkmAATygDRBgD_6WEmvLD9uUWaepY%26cry%3D1%26dbm_d%3DAKAmf-D6PKeHRCXodFrYuuFMwQrScT4_l6CoLbCaMS8_CDP6dYmJ7exj92IvMfoBJ8b2ycoonGEjIM-TKjPtglpLRFWOA8_SbXpy6g6_SsbWfU9HvaJiKpspsalDw_-TW4WSK4K41w0t_Bw2KMpugCRS3ScCpRla5mrW2WJo2B65zSo3wVfo1pq-YDErCiE2kHW9t8p2UNchLlXyIjRCnCULW6bsaHYriHX79MhCSPF60h9fOR7IzsaDv18UD8ttJDOdxhTqJFLF6-4IogBT9oSl811rjSIN0guss7jPXfTQLZjWdzo9ROumyjt3jZQx0N3xoBpdh7BBjOXPfAwXx3X98fbcIDkaGyUkUXwFPof42tC-Gct8kRUPZx5d7ybGXEQqvBulXKh7XlrkqX3gudb_wvNlXve_JvWBXW_DxzDLpBMPTTCIBUnXTHE1YldMn-soz8zt6VE3ZqaXY0IfM1Y80zNJ8_edF08Ub4uRFlfR9-6Ldo0YP5o9atyO0k6rEMJpVGhZ8kgqY6JrfDlNCstDUg3IpzvDJn3qaBw33wTbFZtagQhk4qw%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2920555573584698%26output%3Dhtml%26h%3D600%26adk%3D1636830882%26adf%3D2917673112%26pi%3Dt.aa~a.1663485022~i.5~rp.4%26w%3D266%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1693404896%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D4703721224%26ad_type%3Dtext_image%26format%3D266x600%26url%3Dhttps%253A%252F%252Fgeocult.ru%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rh%3D222%26rw%3D266%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701723134137%26bpp%3D1%26bdt%3D1145%26idt%3D0%26shv%3Dr20231130%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C160x600%252C336x280%252C336x280%252C266x600%26nras%3D3%26correlator%3D7395833608473%26frm%3D20%26pv%3D1%26ga_vid%3D1155716277.1701723133%26ga_sid%3D1701723133%26ga_hid%3D1762117947%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D490%26ady%3D2274%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31079437%252C31079864%252C44807764%252C44808148%252C44808284%252C44809072%252C21065725%26oid%3D2%26pvsid%3D1489682680608387%26tmod%3D522749410%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgeocult.ru&random=5868515266887&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
66c647998f275a9db29f45bc3ef1ae80c4ea703c9e6aa2ed17c365535d295271

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2010
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Dec 2023 20:52:15 GMT
Expires
Mon, 04 Dec 2023 20:52:15 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 938C 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=41466100212170504444556012528023&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:15 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 938C 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2229232&v=11671&q=344795&r=296283&pref1=41466100212170504444556012528023&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-218-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 20:52:16 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 914A 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Tue, 05 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 938C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3d9a6ed0548b9163c25d6871794e7827fbb069fccfc88a135f20201c71a1ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45D9 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2598117797321&version=m202309260101&ct=76&x=1&cor=16254659146736032000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86BB 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1012437837466&version=m202309260101&ct=76&x=1&cor=10040303086560979000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 62A0 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Dec 2023 20:52:16 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 04 Dec 2023 20:52:16 GMT
server
nginx
css
fonts.googleapis.com/ Frame 9F7B 		5 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=41466100212170504444556012528023&a=6db6d2a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Dec 2023 20:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 20:25:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Dec 2023 20:52:15 GMT
/
hal9000.redintelligence.net/scale/ Frame 9F7B 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=41466100212170504444556012528023&a=6db6d2a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6f7a63231685fd42c23b12d1ca4876329a1064d83e0b30d61899891c1418c035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16834
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9F7B 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/71422/creativesup/1200x627.jpg
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=41466100212170504444556012528023&a=6db6d2a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a0c339b35388cbc22f65f4afb50c6fb12ba03529a4c917c5af92f493937ca260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
20830
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9F7B 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/46375/creativesup/1200x627.png
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=41466100212170504444556012528023&a=6db6d2a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e4a5a630a0aa5c7378aef816f722ac416660447bc79aa6fcd7b574d958db3709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:16 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
23279
Vary
Accept-Encoding
Content-Type
image/png
tracking-event
api.webgains.io/ Frame A647 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Dec 2023 20:52:16 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 04 Dec 2023 20:52:16 GMT
server
nginx
dpixel
cms.quantserve.com/ Frame 914A 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIOX7JthEAm_7niQ3vfIV0Y&google_cver=1&google_push=AXcoOmS6GMHk6yxQW6qh_SouteTu33zSfhqFyZ74dCwOljurZg4cPhESIAXUdntrvKRcppXsuc9nzFi26Rg8fx4CIXXCOgURI-n5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 914A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBQ3xEovx3gO9O6Tck0MVbo&google_cver=1&google_push=AXcoOmTYKQPYJnSXCqNv1KNKMUjJmbE-2FNoANz6qMoCj2hr5tIHSdtY9IEsa5kIgTjO6rdK3o8D_QYbDWqSYfMFqA6fWZXs7C5SQQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A63DC3AE755B4CC8AD201D43CDBD0BB6&google_push=AXcoOmTYKQPYJnSXCqNv1KNKMUjJmbE-2FNoANz6qMoCj2hr5tIHSdtY9IEsa5kIgTjO6rdK3o8D_QYbDWqSYfM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A63DC3AE755B4CC8AD201D43CDBD0BB6&google_push=AXcoOmTYKQPYJnSXCqNv1KNKMUjJmbE-2FNoANz6qMoCj2hr5tIHSdtY9IEsa5kIgTjO6rdK3o8D_QYbDWqSYfMFqA6fWZXs7C5SQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 04 Dec 2023 20:52:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A63DC3AE755B4CC8AD201D43CDBD0BB6&google_push=AXcoOmTYKQPYJnSXCqNv1KNKMUjJmbE-2FNoANz6qMoCj2hr5tIHSdtY9IEsa5kIgTjO6rdK3o8D_QYbDWqSYfMFqA6fWZXs7C5SQQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Dec 2023 20:52:16 GMT
pixel
cm.g.doubleclick.net/ Frame 914A
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEEwOCOI7yYeWpMG6ZAFE880&google_cver=1&google_push=AXcoOmQiQ57wAJuyslcuO2vgUyRxNj-ts_RIgjjRtcoB00BJzKa36vOYkMwWfM_69Ppuz5R9Gq12l8f...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQiQ57wAJuyslcuO2vgUyRxNj-ts_RIgjjRtcoB00BJzKa36vOYkMwWfM_69Ppuz5R9Gq12l8f5xEQkGKSmD337Cn5ChKnw&google_hm=1rLgNdrCQ6yMAjHdl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQiQ57wAJuyslcuO2vgUyRxNj-ts_RIgjjRtcoB00BJzKa36vOYkMwWfM_69Ppuz5R9Gq12l8f5xEQkGKSmD337Cn5ChKnw&google_hm=1rLgNdrCQ6yMAjHdlVjRuig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQiQ57wAJuyslcuO2vgUyRxNj-ts_RIgjjRtcoB00BJzKa36vOYkMwWfM_69Ppuz5R9Gq12l8f5xEQkGKSmD337Cn5ChKnw&google_hm=1rLgNdrCQ6yMAjHdlVjRuig
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 914A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEC5Lod52iQvSAhIoRCblic&google_cver=1&google_push=AXcoOmQhDm39wuPgYWJL5FCGPEhrDSHV9zooxghwMYtMAou3HK_ufeA8anJyJCq-Yb2dIUQiiThCfjkKbXP12fE0Fe5Gxe1Z0EJGlA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync
x.bidswitch.net/ Frame 914A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEEC5Lod52iQvSAhIoRCblic&google_cver=1&google_push=AXcoOmRRVIncieWi46ZF3fWEfz33V9ADPkCvwS7XK2xUYf2E3wJE3twFFPRwFZmUWx44kr9rJaGjMx_GxV6ZrzbIOd8X3oPWjOOX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 914A 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSWzilmEKQLOrjLp1irzcr5HRbt-qGB_CkVPUYoCpBhIB8V5kb4W2iakB29Mveo2jvETV_CJH-LP_H6mZYYK0A97Fb_PvsYtQ&google_gid=CAESELMVvJXTyg1prBe2ppEVYls&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
220053
expires
Mon, 04 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 914A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM68qmm-Jj1TMRHDRj25Oyw&google_cver=1&google_push=AXcoOmQzblZ5lKSuncSKezcUnL1dQG63JADm60vU-u7bd8FE8Nad7PtDko1yO1_BmsY-QklBifiLY_Du...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU2ODI2MTM2MDE3MTc5MDg4NQ&google_push=AXcoOmQzblZ5lKSuncSKezcUnL1dQG63JADm60vU-u7bd8FE8Nad7PtDko1yO1_BmsY-QklBifiLY_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU2ODI2MTM2MDE3MTc5MDg4NQ&google_push=AXcoOmQzblZ5lKSuncSKezcUnL1dQG63JADm60vU-u7bd8FE8Nad7PtDko1yO1_BmsY-QklBifiLY_DukjAxD91EUtcmYCeBb2e7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU2ODI2MTM2MDE3MTc5MDg4NQ&google_push=AXcoOmQzblZ5lKSuncSKezcUnL1dQG63JADm60vU-u7bd8FE8Nad7PtDko1yO1_BmsY-QklBifiLY_DukjAxD91EUtcmYCeBb2e7
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 914A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I29zAIGV-9MlThHefy3YHSVQYorXmMAMlpWTSxnVc1A81Azz6N2EKeDwNDN2APPBJbmahM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723134137&bpp=1&bdt=1145&idt=0&shv=r20231130&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=7395833608473&frm=20&pv=1&ga_vid=1155716277.1701723133&ga_sid=1701723133&ga_hid=1762117947&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079437%2C31079864%2C44807764%2C44808148%2C44808284%2C44809072%2C21065725&oid=2&pvsid=1489682680608387&tmod=522749410&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900023.redintelligence.net/ Frame 9F7B 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900023.redintelligence.net/viewability?s=41466100212170504444556012528023&a=554daac1&vb=m
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=41466100212170504444556012528023&a=6db6d2a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/request_content.php?s=41466100212170504444556012528023&a=6db6d2a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 20:52:16 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367
adservice.google.com/ddm/fls/z/ Frame 64EE 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPj0l9jU9oIDFfvMOwIdvlkJeA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7356166673688.367?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9F7B 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900023.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:50:19 GMT
x-content-type-options
nosniff
age
259317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 20:50:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9F7B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900023.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:37:52 GMT
x-content-type-options
nosniff
age
4464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 19:37:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84e8db013ac4e73a91129a97a7b71904591adfb63d127b220b96f5cf202d2717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12156
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Dec 2023 20:52:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F6A9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10868
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 17:51:08 GMT
expires
Tue, 03 Dec 2024 17:51:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5983 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fcbfc7277cfd5027f95bc026ec577746532014a5b5580a5f8766cf34c4ad5715
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J3k4mWnOtogMcZ0Hzzm60Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://geocult.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J3k4mWnOtogMcZ0Hzzm60Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 20:52:16 GMT
expires
Mon, 04 Dec 2023 20:52:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62A0 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8392038703981&version=m202309260101&ct=77&x=1&cor=13354838633563513000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A647 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5789754226604&version=m202309260101&ct=77&x=1&cor=3860321303814935000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F6A9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 10:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 10:24:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5983 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=1489682680608387&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F6A9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?foxvvA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:52:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dt
dt.adsafeprotected.com/ Frame 86BB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b305f1dc-a70a-eb8f-e8a8-c94db8c1fc08&tv=%7Bc:vRPuJo,pingTime:1,time:2043,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D,%7Bpiv:100,vs:i,r:,t:1042%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1042,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1038~0,0~100%5D,as:%5B1038~300.250%5D%7D%7D,%7Bsl:i,t:1042,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:152,fm:tXvqQFl+11%7C12%7C13%7C141%7C151*.1627455-73523864%7C1511%7C1512%7C1513%7C161%7C17%7C18%7C191.1627455-73523880%7C1911,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:88%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 86BB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b305f1dc-a70a-eb8f-e8a8-c94db8c1fc08&tv=%7Bc:vRPuJo,pingTime:1,time:2043,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:14%7D,%7Bpiv:100,vs:i,r:,t:1042%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1042,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1038~0,0~100%5D,as:%5B1038~300.250%5D%7D%7D,%7Bsl:i,t:1042,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:152,fm:tXvqQFl+11%7C12%7C13%7C141%7C151*.1627455-73523864%7C1511%7C1512%7C1513%7C161%7C17%7C18%7C191.1627455-73523880%7C1911,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:88%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:16 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=1489682680608387&bg=!SUqlSgXNAAY3kmNgF5I7ADQBe5WfOHiQ34lGL4-cQMlLS3ve_IpcPvfteyXTAY3pFJRyenEVNwDuMs7h2Tm0ZOFt53dNAgAAADBSAAAAAmgBBwoAwxKgD7abZV25-U7-5C4IpNE3F49tyhb34YBaK4rWlLHFx_PytsEmnmsB8KFjobtDk82zbwjofgTOjOBfFTEueZS0CyCbM2kQ7GCUXYcL8jpENd7p4nwb1friXoqwECD14Sl98DGwreevSVLEwtAEjyiIwyeTZi_6SA_W2pIEQXzqem7sKYzjMnS_vAEKGvqTAZEViVVIK79vaqGE-x40aRx19OgSaNMn15QcClkMkRzGe4Bw3qUfrDfgNfg3IhLo2qdM3ZkCuW-EM-f5l_lR1McIjn6CxoZ1XTjfc_xKOgR_tpkzQOC1kdJ32Z4JGzOcrx9bHArM8QKKbCpbtZ6FuN26zKZs5QxhLaOyJH0zuw-F1JLxJKr8S0aAfnD5Dp4QedlCApfAhPqjnWiyi6pvR1MpxiIsqhmwoH6O4DDE8UaGuolN0vluljxCdB4XOBC5zJDfko0LkvLJ7C6ku4ik2JI1tZ44_oisFUj790fr90MZudwFuevNlgmLtG6UQUd0dxp-crakfpxrXQV_KnrWqfYNaxrpEXmSPRwykFwwJVvDbq4ZRl-pu6kWOtqM5pw81iiQeq5YPBwEPGvbB6Kd0GzQUty23oBA4af0QSz_OWABe8T_aF7FSx5mdENd7GubX0CdIbwUG9DE_Mibd18qjMSda2O4aVtU9Zprf9XbYlJMaKuGceOG0PwtmikQSvO4sXfko1vuuxD_Pp9PW0ENMUJS433oBNwp1napaU_qHA5mkhbtjTXx5gHErwR5p9ZzFlP7TcntQYn9hbyRTE5KOzrdsM8Fi6J3mmE0q2jJQQZgk8dXlXDlrnDFFQysFEhfuJc6DcUbvJtYauRba2bUI5uzC-oXLSivDWlwHOIuzir60VNDLYIBpInW-xshWYuB4cJcSDuZMYQC3sZW7peINpktUsKjnnQwcQTgcD0LDFUbzEECA9b4-_HH3Bm38eMyQmrLNopmHxlapPWUcaI0yJZDGVZYsJfWYVvFToEqbpeXyyNzoKSNdxV7GhPTNU2Xgkwjt5teoyhPX2kSChh_LCk0U9RdCo3Phlux5_c-gtt6UQCK2TekIokRjefVv65Kn-uQaUESHZEG_eL9O6QYAkRAR4ZItJtELOLEKL5V4vAFKuKG6LXW74PGLvkaclABjHNZJ_3w_vd5Z81cu0Yk3UXwGrHYdPwpGzFwzTQzIkk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geocult.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 938C 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9171605355764&version=m202309260101&ct=77&x=1&cor=6808852182853841000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 45D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9682b360-9180-05a3-b4b4-90b7fca0347f&tv=%7Bc:vRPuWl,pingTime:1,time:2662,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1656%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1006,o:1656,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1652~0,0~100%5D,as:%5B1652~728.90%5D%7D%7D,%7Bsl:i,t:1656,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:203,fm:tXvqQFl+11%7C12%7C13%7C141%7C142%7C151.1627455-73523864%7C1511%7C1512%7C1513%7C1514%7C161%7C1621%7C17%7C18%7C191*.1627455-73523880%7C1911%7C1912%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:123%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:17 GMT
server
nginx
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 45D9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9682b360-9180-05a3-b4b4-90b7fca0347f&tv=%7Bc:vRPuWl,pingTime:1,time:2662,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1656%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1006,o:1656,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1652~0,0~100%5D,as:%5B1652~728.90%5D%7D%7D,%7Bsl:i,t:1656,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:203,fm:tXvqQFl+11%7C12%7C13%7C141%7C142%7C151.1627455-73523864%7C1511%7C1512%7C1513%7C1514%7C161%7C1621%7C17%7C18%7C191*.1627455-73523880%7C1911%7C1912%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:123%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5:5950:5df:f61e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 20:52:17 GMT
server
nginx
x-server-name
dt33.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBqB_pxpAHbmkAUrcq5LoGI&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| adsbygoogle function| Sharer undefined| $ function| jQuery function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| googleTranslateElementInit function| $jgeo string| GoogleAnalyticsObject function| ga object| addComment object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| closure_lm_50706 object| dataLayer object| google_tag_manager object| googletag function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| google_image_requests

37 Cookies

Domain/Path Name / Value
.geocult.ru/ Name: _ga
Value: GA1.2.1155716277.1701723133
.geocult.ru/ Name: _gid
Value: GA1.2.808812387.1701723133
.geocult.ru/ Name: _gat
Value: 1
.geocult.ru/ Name: _ga_DHBZR6TRD0
Value: GS1.2.1701723133.1.0.1701723133.60.0.0
.yadro.ru/ Name: FTID
Value: 1bRZlz3XhBOh1bRZlz002Qle
.yadro.ru/ Name: VID
Value: 0TAYiL0nNlOh1bRZlz002Qm9
.doubleclick.net/ Name: IDE
Value: AHWqTUlZ0O_DrhIvpVdPwjqju0oemHDpqs5RJJNpDxYcnOEuckcLH0NgFercxsD3
.casalemedia.com/ Name: CMID
Value: ZW47-ujhnj3yp09FnQIP2gAA
.casalemedia.com/ Name: CMPS
Value: 1204
.casalemedia.com/ Name: CMPRO
Value: 1204
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In8wTwa=!]tbPl1M>e)ZlrFUfJ+tGXxoi>nOVFC`zu7b!8rC_BS[$V>knKX^WB57)(`_3If)y3KL9D3I?-Npsrs4
.adnxs.com/ Name: uuid2
Value: 527786552523201435
.geocult.ru/ Name: __gads
Value: ID=c581b4dd396f0df3:T=1701723133:RT=1701723133:S=ALNI_MbbOtYHaNk60RTT3wPB2_W-wCyhsw
.geocult.ru/ Name: __gpi
Value: UID=00000d0ae2621b5a:T=1701723133:RT=1701723133:S=ALNI_MZwenRyaOxHoBJe4No7yO_FiazRFQ
.doubleclick.net/ Name: APC
Value: AfxxVi4XyUK5ZqA_SEEM3qXC7FCoHjQgRBG_oJtZ1_nJV7Sh6Ov0Ew
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: e34c6d2642ec0f0c
.retailads.net/ Name: ppb2172
Value: 3363925632
.futalis.de/ Name: raSIDb
Value: 3363925631
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1701723134828,"clickCookie":false}}
.simpli.fi/ Name: suid
Value: A63DC3AE755B4CC8AD201D43CDBD0BB6
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6568261360171790885
m.exactag.com/ Name: exactag_new_gk
Value: 52a358a6f9fe42aeafc46680526fc620%7C02.02.2024%2020%3A52%3A15
m.exactag.com/ Name: exactag_new_uk
Value: e8669eae1a68495c91c550b582bce0c5%7c
m.exactag.com/ Name: session_session
Value: 4e8766d63afe4fbbbf81181c
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZW47-wAEdgQMWwAM
.turn.com/ Name: uid
Value: 9011972375021510733
.awin1.com/ Name: awpv11601
Value: 113440|1701723135|01c34860-92e7-11ee-8822-2230790559d7
.awin1.com/ Name: awpv11671
Value: 296283|1701723135|01c3e4a0-92e7-11ee-a3ae-223050cf75aa
.awin1.com/ Name: awpv14051
Value: 296283|1701723135|01c32150-92e7-11ee-a3ae-223050cf75aa
.awin1.com/ Name: AWSESS
Value: 365935:2413240
.ctnsnet.com/ Name: gid_CAESEEwOCOI7yYeWpMG6ZAFE880
Value: 1
.ctnsnet.com/ Name: cid_d6b2e035dac243ac8c0231dd9558d1ba
Value: 1
.quantserve.com/ Name: d
Value: EHgBCQHKKoEA
.quantserve.com/ Name: mc
Value: 656e3c00-1544f-6f020-d64a9
www.mietwagen-check.de/ Name: TrafxSrce
Value: awin-view

2 Console Messages

Source Level URL
Text
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBqB_pxpAHbmkAUrcq5LoGI&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
ad.doubleclick.net
ad.turn.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
c1.adform.net
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
geocult.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900023.redintelligence.net
hal900026.redintelligence.net
ib.adnxs.com
ipac.ctnsnet.com
m.exactag.com
match.adsrvr.org
pagead2.googlesyndication.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
translate.google.com
translate.googleapis.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mietwagen-check.de
x.bidswitch.net
sync.search.spotxchange.com
138.201.63.157
138.201.84.244
142.250.185.194
142.250.186.130
15.197.193.217
151.101.66.49
172.217.16.134
178.250.1.9
18.66.147.98
185.182.111.117
2.19.104.4
2001:4860:4802:32::178
2001:4860:4802:32::36
216.58.206.38
23.212.218.19
2600:1f18:1aca:4280:ab5:5950:5df:f61e
2600:9000:223f:9e00:8:48e:53c0:93a1
2606:4700:4400::6812:249b
2606:4700::6811:190e
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c02::9d
2a01:4f8:d0a:2321::2
2a0b:4d07:101::1
3.10.29.13
3.75.62.37
35.177.52.174
35.186.193.173
35.186.205.189
35.204.74.118
35.244.159.8
37.157.6.243
37.252.171.149
46.228.164.11
49.12.16.151
5.135.209.104
52.212.68.218
52.57.96.192
78.46.23.46
85.14.248.91
88.212.201.204
91.121.248.44
94.130.102.164
99.86.4.52
01bd238ad9742675260d4d3a5fef5b988ff74439b26a18aa0f98a48a694b07ed
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04dff075b0c9befeaec0105bc4f7e21a284f402f0f3425896f90963c888d7f1d
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b2716debc3fe9d5e2db29e3f9373859999b111c5ca86c22cee43f0c8094d533
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d43d9f15c54f63334de8305be7fabb614396c5e190a0756a417483ba9c61631
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1162f2ec71eb82147a7e6a6f558b88982bb78ad2fa812c1c52020f5b7bd1bd85
1479783c7b49a2bbde9ea12d6b9abb4d552311fad5ea3d1194a866c82ddf7d54
1537d4a7693f4840ad5484b03df34b08d0ed049696dd470ef07b55e1668d90a5
15b54442a2ae0ea45d12e48a7a066274f8e4779b5abebb7fa63f8de7e4cb939e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17389d2b816cd42930191c00df09c08669c18038ce38085452fc224228bfd2ab
178d21ba92f7134c1b38490946eadd0bddbf07248aa9e132d1ff30ddf735a62a
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
1a4b71acc013b49315ff300c03f7163618bb6f1cc0408d710e11f97b255f9255
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1b5cacbcb3ed26dea073da7f91b0d9cf6e2936380d7101496d1bdd8da2625599
1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e
21f14e408c57d0c0c9a833c314df5ff7f7695f054253d9eb2ce123ba0f2ac049
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24d3f7c545ffb8d31d407b24b2c130774fae929ec9a92d6fe92f42608c858372
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
281bdb69ef6f2abc92abda9b18117ebbf50e9add63b183b2d9bc3fe3afbb3011
2840904dbbe515a2adc59ce4c4d4805ede987425bcacb644b279701f2e727227
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
2baa2ebe463ced52f500118a25caa59f75536f3a49a36ae911ff5c37e1265669
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36c7b56d7df17e27614b04230c5fc1793653b20a1fd66fb9311f5df573c0f617
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b3c66d6f6711dcb00f5ca69f10cc2e996c38c6c90facc8da13bbc88827433ca
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
41e8f29b28c908a3e09da0cdfc54be6adeef57c3ac6dbf393416e84e4d2c420b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
436d9fdefdf3800e7aa8d543d79138dafd6a5fa95340a6d9df9515a99d6a243f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
462c848b90fb9d8f3599f4654813e4382222a6fd506a48158a01bc2eab95b357
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4df9a54c7b5b871fcf94bc14dd604fa1e908459af33121868779330f5ef0e0c2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
504888843603ae4bc4f3d01860a3bd5c2ae6fe535fb3411aefd463879939ab22
5070152299c3d5a3ed255352b18e10649460f1e436363d4394e0f7d0acdb48de
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
50b78ad8578885f34aa7fa589dcd10075c466504e11467dd8a3ceed303ef4cb8
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
528b3762e36893c9075ebbb38655afaa02aecbd106aefc59881bd879ffeba9c8
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5619bbcc0008a48d3ced0397de028017507d7028d98daf1eff77e472703292aa
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
57fa232a003b023f9ee9ab9ca6f9d33569fc7cca884bf9b1ba464cc42df6ed79
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5942cf3294f46a9640870809b055e78887d7b48cc1e31a153d9c3b5dd7ef674b
598fdd64b2840e6dadd76194ca8af798976a079a2742c967a135da24d40af2d2
59f264444dd0f43a143ef1fb592ae97628432b5f5ce0e5225fb42aa3da0a09cc
5e7ef5ef8582671b083278bf8f81e640b0f839f3ed0c336c4a96eb7e8b6c4aca
608c7e96914ee8dea1cc0bbd2eee01f5f6d0b03521cebbc6116a7ba5940043cb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
635621f3c6fe7abdbc6c52ffba448851479cb3411acd860b929895ce0f4d8b48
668252abb09b70642638a85544b62098dad1e03b79f534ee177e6d1ebb08c295
66c647998f275a9db29f45bc3ef1ae80c4ea703c9e6aa2ed17c365535d295271
686ae72c2db3b4c24f165cb61670e9d5c8d06e9b27f09b24b0468d10f5e4cd54
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
6b9153e1d790a2ede67f1eefb26aa56e22e05c73a3857e47764161ce34c09961
6f7a63231685fd42c23b12d1ca4876329a1064d83e0b30d61899891c1418c035
70ac4d73c458cefd75935c0ff60c51f4214a0e5ada3fd33690d8c253d6916241
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
72c786a14cc7a7c3831a33e49e63e54beddc81f6c50cc00149b29e0844aec2af
739541315616a3864a6652055b89e3abe03ed98b747b67fbf18a1572333b70a4
7603ce8a9a01c12a4e8f47210006833fd6f0f9915f3de8d624092baed19b9b9e
7888919ea360ee984df170d1b7c257532421cade6227511f28876561a8a36003
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
7f19ae9bb101dd570a0185dff160119b41e1e33b07ac6f93ce87d40f82f5e025
7f7616de5eaa827c590a122696f1cb364bb3b59483a2c2d84edd6b820ae2a534
815c4d0cf5937e27877ee3d17fb373dabb5b4cfa45a87636ad24f71bf59345db
81c36793e302599d9ea1cd8e65a6dc3bcae1ebd0803140fc05c41a6f3ca67fb1
827e457fa48d082a665ac297ddeda3a27d9d824ea276dc63e35cba3d1278c9db
83fef62511d4754a257551bd24d92efdeeb31c2886d07de22e9e947942233f6f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e8db013ac4e73a91129a97a7b71904591adfb63d127b220b96f5cf202d2717
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b05625742e37f242707bde42df16ce7b828cc94f93238332f02624415d6c01f
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
8d674b28f8c316180a29763d4d735629198158a03a780fb691025830bae98b30
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e483f5b5ac1b2ef3a28ccc7f8f7ab82cd8a56cb1e9c06294bf90b3020ccfe47
914dcb400670688bb8de60c955cce8afce0838c2fa2ad297b4bd4b34ec908ed0
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
9849e5d65c6bad9d7a0b1494d331954383f684ad1d307c06f3fa49a8504e7b68
992f94f905118b8960ff39ecea7dcec52afbb5b2a484b14cd817844ba03d7eab
99c8385d0b72ea7e0cc07d26dfd06ab32e5a800fc44b5cfe2774ee22fa6ffd79
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2ab5a69ba824f6a720793b0e619d71d05df4e554a268d785e0771f5e1e6485
9d3c1741dfcafd07b3a753b9bf4b7f73ed5691119a22e6acaf4183c7ee8529ac
9da58863c2d4a7e1f3c71a9a498588e7b74c3bf65fb97ddd126f1564fa7f9f02
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0c339b35388cbc22f65f4afb50c6fb12ba03529a4c917c5af92f493937ca260
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
a84f5718bcfaa18fbf0bc06b2fb8989141e7ef299b1a4793bd1082b48ce74cc2
aad870057003cbb9958374f555a06fb47dab183a03018ac1d1e88bffd1ded096
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ab5e4522fcb14cc9d29811d6822c7ebaa09f3c44e34545a244d3f08f0800c97a
ab79cae3c061bd624328bcb48fca50cd82a03db6290a6d6f895f7d020c1c1832
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b228053c9827d7a19943cda73e3115fe8e04d6672ea7cea90848bd0bbf467688
b2d5b487d37e9db312f0e1e2257bac8b1c6c8ffa2347af04d660018a2ff5bd45
b3a0f64ab4b13062d566a8bf5b0a0c8721608f700309a767e8b068a73d8e4130
b3e78f926d72745db8487ed135b40d9df8668e15725bb87b2637710c37af0702
b40e6f42c99d9f0d49106ac74c4aa344f2223cfb246896f462e4c353b88dd2a0
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b809679e09b6ad69022b180aba69a59e3397eb86b4fa6c96b0d0dd0df1b7bdf0
b87216debe85ffb5d5f3f938c1c2cfed568d6736fd9bd06d64d85711ea5c8802
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bce1d7a0b7fe8a827d87304ee89e4b53f453c92613a3ef2a67f23f6cc9a0d04c
be91c72c97adfae4e70b223c2f23ffd07eaf26d315a53bb66134b11dc40bb661
bf034bf23b2ac25be652487c79584810bbe24bb762d8643f0dc2248e9ac8d2c1
bf808e2a55ef3a7ce795e28193bdb130b441b2859bd3eab5120daed9d931e21c
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4f459274e378b71dae7cd9514f4c3020545081e0de18560311a5aabf98f85b9
c5ea3f4a8da8e18119e90b4b56b84f19f0494ae176dcee9a78c4c965acdecb0b
c76762b6b5695ab0c2c3688f5f0b4932911daa89e9a905ad866e853dd00020ae
c859173194c9f1b9585646e65239ca039b93577e65ac707bf0d21529926c72eb
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c9092cfaa24952291b22481bfa4e399483260fc6fb162a6b942fed3ff42d76f0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
ceae381ecbf5ea0d6e5f6977b195b7eae7d9167dd575f1983b07829838e20632
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
d04da184f20eec8ec53c73f71b04f6eb462b391c982ca722500bb5abfb31cd20
d0a7940c5739597d973e2bb019d3e3cc8b5e8747e607982ebdbd4890f4288f3c
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1990304af8e7c0bad353d62eb6d5968ae9a83c2a4863d62fda039e5a9df60f0
d1feb54f2339859c3595bd26343b468bad05a7a11c0a5a9d86084c56e3a885ed
d371219cab55549df0dc40dfb5a92d8d4be8b8ed24ab44d4c003fdb8b580cd56
d3d89aa5cc7dbbdea39f3111b7460d064d7663ea92b04e79df0b39ef2e63b196
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d752f92d971a6a3afd2a903855c7726ba385cf2ec11757e1fd694dbd661c45ef
d9b90d582c960458aef7a61a894bffb8c326910023e6be747b954cc8737986ff
daf927d970143656739c9b917412ba171dae6e997b8dfe53263effae772d1b69
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc938f914a45d9704b821d83ed0ac1360240d3ac62d7c60878288c3c67279bc3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5f8f98ec7bd0263bb4dabff07ecf507a535c2c39a5e391e03e7ea124baa321
e15abec209b8bdd2d3bde5c86cff91bb6b4056ea34702be64231728637da3e7f
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3df018cd61d671d60bd4a1cae119f8fcf1e58e47a62a4ae80c6b8100d868dbc
e4a5a630a0aa5c7378aef816f722ac416660447bc79aa6fcd7b574d958db3709
e5c38206fb5f268a1a1d4dac28d435e124a9564bb4fb9cd1e542b6813dfd3852
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e6e4ae30d0e1fe5bfda2cdf9a430e4d2da17e5706b0011bf909b312814bcbd1e
e74a84c9d52e2ef23512423d7e15031fc8644b0b800b89e82ad9abe3ad8b8912
e7553072b1cf23279a2ea3f5b0c4e2a41b40e3653f942a1c7f350828e813b931
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e86c41aba2a70f6e263fbe0c13257e5b4d36b0ba6ae34d86098013f7087441ba
eafb3e8e7ff731d4419a9683e280433e06a513e872f309333c0909890156bcdf
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec29871f7a6e470e699f7eb7a722c49ceffe8ebb682308c7279053da037d71d5
ec4840b5e373feeae1a57fd926d937285246bd4437db4b08e0b99ccf611f1775
ecd36d599952e673b28e83bc0118150c51ecd1c3f9ab910a7e6016af70b6ffd8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d27ec07598049af75b5252143a57fd29957203c5293b6f2321ac38efb629c5
f3b0f8c0e4b3c1361b83f23c8be4c210b34b0608469f40cbf9680a100a8e6303
f3d9a6ed0548b9163c25d6871794e7827fbb069fccfc88a135f20201c71a1ffd
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
f57f122f28d77ef20ecdbb8b53626b220d8b39e6f3489d070e292565a058b98d
f69f24da425eac9ecd7ba5e9a956ee643849921ec5672a9a961e309c60a1feda
f6ad0bb22543bc743cc819d16bae00b85f9ecd930ebea298714707b285050bf8
f7490b1fd41c1a44d34ac47646e4c7d140fa03fd1aebaaa4d214c136a748b504
f85141cce352bb5ef7d8b455e813f6baf1b322f047b24d280823ac0590173dd4
f97ff7af18b6fca33d99a223aaddee96afb3ddd73c2368a39acc15ff53b91c2b
f9b2b62632d02dd438da5c717fcedbe7babf3420940398db1778d5b19d342f5b
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
fcbfc7277cfd5027f95bc026ec577746532014a5b5580a5f8766cf34c4ad5715
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
feb4375e1bb474eaf30eee0783897ecbc3fc831b627175758c7061ed4ea3fecb