geocult.ru Open in urlscan Pro
185.182.111.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://geocult.ru/
Effective URL:
https://geocult.ru/
Submission: On December 03 via api (December 3rd 2023, 6:38:05 pm UTC) from US — Scanned from DE

Summary HTTP 283 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 52 IPs in 10 countries across 42 domains to perform 283 HTTP transactions. The main IP is 185.182.111.117, located in Russian Federation and belongs to AS-REG, RU. The main domain is geocult.ru.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on June 24th 2023. Valid for: a year.

This is the only time geocult.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 67	185.182.111.117 185.182.111.117	197695 (AS-REG) (AS-REG)
45	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 18	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8 19	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 7	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
8	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1 4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.43.61.33 23.43.61.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	3.11.198.160 3.11.198.160	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
3	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
3	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1	108.157.4.75 108.157.4.75	16509 (AMAZON-02) (AMAZON-02)
1	18.154.63.57 18.154.63.57	16509 (AMAZON-02) (AMAZON-02)
2	5.9.137.78 5.9.137.78	24940 (HETZNER-AS) (HETZNER-AS)
11	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.29.230.13 52.29.230.13	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:11b1:8ae0:b180:1e1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:9449:420b:1a77:b906	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3	46.4.76.120 46.4.76.120	24940 (HETZNER-AS) (HETZNER-AS)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	35.177.10.97 35.177.10.97	16509 (AMAZON-02) (AMAZON-02)
283	52

67 185.182.111.117 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: geocult.ru

geocult.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 216.58.206.34 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.244 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.61.33 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-61-33.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.198.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-75.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.63.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-57.dus51.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.137.78 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.78.137.9.5.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.230.13 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-230-13.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:11b1:8ae0:b180:1e1 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.229.233.6 (Marlborough, United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:9449:420b:1a77:b906 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.76.120 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.120.76.4.46.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.177.10.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	754 KB
67	geocult.ru 1 redirects geocult.ru	263 KB
50	doubleclick.net 12 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 270869	189 KB
18	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6785 cdn.revjet.com — Cisco Umbrella Rank: 6853 pix.revjet.com — Cisco Umbrella Rank: 5801	1 MB
15	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal900027.redintelligence.net — Cisco Umbrella Rank: 201555 hal900020.redintelligence.net — Cisco Umbrella Rank: 252948	131 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	303 KB
9	google.com 1 redirects translate.google.com — Cisco Umbrella Rank: 1298 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693 adservice.google.com — Cisco Umbrella Rank: 93	33 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	70 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	319 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	2 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	2 KB
3	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 47317 medialead.de — Cisco Umbrella Rank: 46843	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	236 KB
3	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 947 fonts.googleapis.com — Cisco Umbrella Rank: 29	83 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 164531	6 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	409 B
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 12199	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	388 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	297 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	553 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	587 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	714 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	60 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	3 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 305788	401 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46149	628 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
283	42

	Domain	Requested by
67	geocult.ru	1 redirects geocult.ru
43	pagead2.googlesyndication.com	geocult.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com geocult.ru s0.2mdn.net pagead2.googlesyndication.com
19	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
18	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net geocult.ru
13	cdn.revjet.com	ads.revjet.com srcdoc geocult.ru
11	s0.2mdn.net	geocult.ru s0.2mdn.net
8	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900027.redintelligence.net hal900020.redintelligence.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net geocult.ru srcdoc
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net geocult.ru
5	www.google.com	1 redirects geocult.ru googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.gstatic.com	geocult.ru fonts.googleapis.com
4	hal900027.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900027.redintelligence.net
3	pix.revjet.com	srcdoc googleads.g.doubleclick.net geocult.ru
3	hal900020.redintelligence.net	hal9000.redintelligence.net hal900020.redintelligence.net
3	www.awin1.com	googleads.g.doubleclick.net
3	www.googletagmanager.com	www.google-analytics.com adv.office-partner.de www.googletagmanager.com
3	www.gstatic.com	geocult.ru www.gstatic.com
2	api.webgains.io	analytics.webgains.io
2	www.googleadservices.com	geocult.ru
2	pr-bh.ybp.yahoo.com	2 redirects
2	s.tribalfusion.com	geocult.ru
2	a.tribalfusion.com	2 redirects
2	pm.w55c.net	2 redirects
2	ads.revjet.com	googleads.g.doubleclick.net ads.revjet.com
2	8019191.fls.doubleclick.net	1 redirects geocult.ru
2	cdn.retailads.net	1 redirects futalis.de
2	adservice.google.com	5994599.fls.doubleclick.net 8019191.fls.doubleclick.net
2	fonts.googleapis.com	hal900027.redintelligence.net hal900020.redintelligence.net
2	5994599.fls.doubleclick.net	1 redirects geocult.ru
2	pv.medialead.de	1 redirects googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google.de	geocult.ru
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	counter.yadro.ru	1 redirects geocult.ru
2	www.google-analytics.com	geocult.ru www.google-analytics.com
1	onetag-sys.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	m.exactag.com	googleads.g.doubleclick.net
1	ups.analytics.yahoo.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	futalis.de	hal900020.redintelligence.net
1	medialead.de	1 redirects
1	track.webgains.com	geocult.ru
1	adv.office-partner.de	hal900027.redintelligence.net
1	pb.media01.eu	hal900027.redintelligence.net
1	region1.analytics.google.com	www.googletagmanager.com
1	translate.googleapis.com
1	translate.google.com	geocult.ru
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
283	61

This site contains links to these domains. Also see Links.

Domain
translate.google.com

Subject Issuer	Validity	Valid
geocult.ru AlphaSSL CA - SHA256 - G4	`2023-06-24` - `2024-07-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://geocult.ru/
Frame ID: A0409F6D72B461F6BA6B25054997562C
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: D6C429F3FC662BA991440D60D735D141
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0F68EDE9273AB3E9761D36AD4CA6C736
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&adk=1812271804&adf=3025194257&lmt=1693404896&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680527&bpp=6&bdt=179&idt=260&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5479008603756&frm=20&pv=2&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: C9C5B52274CCE21B9EFE1201A14A62C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680533&bpp=1&bdt=185&idt=270&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=272
Frame ID: B81FAE2DC797757C04D930D93657848A
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680534&bpp=1&bdt=186&idt=272&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=274
Frame ID: 599EB784180BAC5FB54FFC7D2CC3B5BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680534&bpp=1&bdt=186&idt=274&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=276
Frame ID: 9321B971F3C7C7228B5F0A1420D29FC4
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXJ8W2_mwI_S32G-tY9fMW5M53hzpj_qegyjnHaQCGGHcaTLsWFiomqoW1FfVOR1_mn95AMIMQy2jmaBFGBkfm4x5V9K0nHqaB5xLiiwaFpe5zRNNZhqonftu5qisXz3WitMHvppBY40YzEDESvbsGVFqoOuBqfIZUB5JWH3RSCLTLXET8
Frame ID: C80D4E30C5FB86BD240C30DB3B32646E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW6cLb6qTd7CwWp-nXDVi6K3arAaCsDAoR_d0O2DhaeDo_yZF_XFVYTY5P3GyfX8R1pSIMWC0Y_6kxbQMKZfACA_JLgehrrj1G_bmw9U-J5ZFwH_42ysfnnbQNNBkhs2-s3oxJ2yJPtQ6pUIcUMuRmnJk_w6Qj0jtwyKplVp4mqZBSeOTY
Frame ID: 74F6FC24489CF7424930DEE4963E7974
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4F9C18E594276F1CBBE3C1318065D8D9
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Frame ID: 07C583E800F3902211F58C402071E54A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Frame ID: 264E5B78B030FC4A56A0A62745ED80C7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4D019DFC782A7F48EE402D1036FD3150
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNXingN5sqD11SfrtYD9EzaNOEh0S4JhLhPGmSXPvLebAEZGMWyM-zE2Vemoc6NtkKzCTFJAn_geHt4GytG66VrnmDNi1KOdBMPeX_hZI99PiSnFFeEXUcknoPi7UPDZsnoNyQiiyvpdj7VvivY_Veh24SBi4UCpx8MFDareHFNoiTIvOlQ
Frame ID: C183C8C52268B6E297A32ADB6E551102
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3A6EE40EC19A0622E238F6072CF65F83
Requests: 18 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=54849000155088504444556012527027&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: E80A44FA21FEA57815DCDCBFB8A3542C
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 0B979746FFA3A800BC7076873E0ED3E0
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45
Frame ID: DDDA18DAC6DDDBDB2D3232024F1F984C
Requests: 2 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=54849000155088504444556012527027&a=dba4ffec
Frame ID: D1FC660F517186AC892F1DE13223663C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 72F33B5E4131883A14C34AACF79074A8
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3361161782
Frame ID: CF9C65C9A65B7E6AA8CB5AAB05C81B9A
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856
Frame ID: 7285EE34808F175F8526DF7E42E96BDC
Requests: 2 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=81115800135641404444994012527020&a=9d3f26ae
Frame ID: 268879C6ABA5674FAD36BBA3106DB7E4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYl4fo4gEwAQ&v=APEucNUoBwRi9RQ73QHzU2WHPNndQUBUMAgcK8FiFpaXqYQE_lhdp0pwFICqSInu3vYIEMfHX_85esK3LtL3leVeGdk6SrFz8M3_IEsxlW1NiuPZKDmGvKVJaisMdawuEbR4lmOCRXKtd0Vfa4pGLmgZVJVSymDbu43x3ZWkxmD1W9ykxOdQhdQ
Frame ID: 812AF67A89EF6FAE9E5B4EB2DA92F600
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 22EE0523B4007A4C7FF6A467F5439DBD
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C6200FF07BE8786646E705621205380
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 898C359B7B0A2B0A6BFC41DEE7886E24
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: 9EC0D4FEF0E41518BB9D26C053B9FC9F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4AF4757977D318B3C02FCA6B9C5E3FED
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E3B6365CA008F7A8A021728E22DB1031
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A12D328E6E98761306875322177DC204
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
Frame ID: C0563198D579F445306F2470A1BDB5E1
Requests: 12 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: CBAD7ADB4832B7B2E87278AD63AD1E46
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: D97B212287850A81FE3CB163AD84EC13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: BDE4D2084853BC9056A35FB3F2C7E4D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB8DF12EC1B7607D1CBCA93268D84BFE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C80624B7D89BB631C942E9A792AAAD1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Geocult.ru - Астрологический дневник. Натальная карта, Лунный календарь, Астрология.

Page URL History Show full URLs

http://geocult.ru/ HTTP 301
https://geocult.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- All in One SEO Pack ([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

283
Requests

91 %
HTTPS

40 %
IPv6

42
Domains

61
Subdomains

52
IPs

10
Countries

3529 kB
Transfer

7380 kB
Size

44
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://geocult.ru/ HTTP 301
https://geocult.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.16815276348221486 HTTP 302
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.16815276348221486

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1&C=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWzLCcWmy15J.hw06rxeWQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1&google_hm=2

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMuU2oFzwEiXLUDcPO7fIZo&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMuU2oFzwEiXLUDcPO7fIZo%26google_cver%3D1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1ODcyMTQ4NDc5NzEyOTE3Nw%3D%3D

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1

Request Chain 115

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWzLCWsfZtUmsOwhCOgB4wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMuU2oFzwEiXLUDcPO7fIZo&google_cver=1

Request Chain 117

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1ODcyMTQ4NDc5NzEyOTE3Nw%3D%3D

Request Chain 122

https://hal900027.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU4AhCMtsZaO9N8mgi9YPxdCiiAym5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9CNq-fO3bJtdV2WzgELzBmyV4Jk-wsZwJKjBwC9QG2i4PDORMbX5MHJfl2eF0dfLUwnINI3yNM7nd_vB87Jgc69BkAbLnEKKA5d7iuaSyMHX92WULfLjjZhXPWHfuXINkJQdGDYRPfvHpqoee5niy9hPvwwgyQi4mC50xpnGItU6DdCeQLISX3VojuH8LobH2MJhqkhOFJIEfbOD9Gi77QKnUVluLv4lvoUYMEqpyhUuyyREAkDZHpHOhpwEtrnvecHZ5bVWR0J1AwWSA_xYKXKJMWgTFZvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL2gvuj084IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ%26sig%3DAOD64_1whpmNBa5CJy-3pLqMmXbtJzFfYA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-B04gPFCQxy4tw-IGAaA1j-u8t5tf7tN4gchFtYb9ztJPVtIre-KIP6LI2OqE74PDfmR_kYO6Op-yufxspXHIbPfh60Teze7gp6cMMv61nKFhkFP2Go3-Ix1bsNKLAfXByVihmNzbF0hkTBde4r6TukuOztVGSG_IM6N3TeIQppH_VvZa7Nuw0bUzXXeAKdgd_g0jnhK4gDCVodQk18hSvyH2KL7w%26cry%3D1%26dbm_d%3DAKAmf-A0abkHbd0zb_O2CEjwiHsKf-gcn0ziPgPfIKW3REDG_yZ7WV43uNf0x2w1KCCdYqC1Xz3pI10T88PUDGs0kAywVQPRfHNpsRbhyYtgQ7KQBCnVre0v4P5TETfMsuviu_A-fRet2VdxSxPU0iqnpiKUS2iJ2SOD5dXzsMYbEk-H1kqb_dP6NFSJR0gCkGd2RjPm08wTo5aTUD1Je8wzNyiB45833UyOYn1wOp7CZlC8viIfKYw5DRUK4YPdpkhNfaoHi9-mjBpwgIUZTUqaXm9iuN0kymc22F0tI5ZMb-oObK3MZN54fDyIjz1QQ1iG4pG7iYxFbU9LtkCeTxeg5T5PePABmMAfiUTZfnST0xFPPCovcd-fXv56jVeN4B_fUg7YqYTQ6Fsk0KnyIyv5QuUGXzkarjDmzQrFRBY482qOZ4jX1t0pBeCamPXU87jxJMS3g7m5xTuAWwDrjWlDISKNmz0eoMJB7H5SzJK9RAxBsEzqdLXTTmkofr5h0MhN-abgOocJPfdCFqp-V3lg2FbYBQpM5-KUd4vSG41J3qxn2tAsz47l9Fp11_2whBxkov7n26QlvlG4E5ZYDG311IWBocQsxQ%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=902251886509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU4AhCMtsZaO9N8mgi9YPxdCiiAym5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9CNq-fO3bJtdV2WzgELzBmyV4Jk-wsZwJKjBwC9QG2i4PDORMbX5MHJfl2eF0dfLUwnINI3yNM7nd_vB87Jgc69BkAbLnEKKA5d7iuaSyMHX92WULfLjjZhXPWHfuXINkJQdGDYRPfvHpqoee5niy9hPvwwgyQi4mC50xpnGItU6DdCeQLISX3VojuH8LobH2MJhqkhOFJIEfbOD9Gi77QKnUVluLv4lvoUYMEqpyhUuyyREAkDZHpHOhpwEtrnvecHZ5bVWR0J1AwWSA_xYKXKJMWgTFZvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL2gvuj084IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ%26sig%3DAOD64_1whpmNBa5CJy-3pLqMmXbtJzFfYA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-B04gPFCQxy4tw-IGAaA1j-u8t5tf7tN4gchFtYb9ztJPVtIre-KIP6LI2OqE74PDfmR_kYO6Op-yufxspXHIbPfh60Teze7gp6cMMv61nKFhkFP2Go3-Ix1bsNKLAfXByVihmNzbF0hkTBde4r6TukuOztVGSG_IM6N3TeIQppH_VvZa7Nuw0bUzXXeAKdgd_g0jnhK4gDCVodQk18hSvyH2KL7w%26cry%3D1%26dbm_d%3DAKAmf-A0abkHbd0zb_O2CEjwiHsKf-gcn0ziPgPfIKW3REDG_yZ7WV43uNf0x2w1KCCdYqC1Xz3pI10T88PUDGs0kAywVQPRfHNpsRbhyYtgQ7KQBCnVre0v4P5TETfMsuviu_A-fRet2VdxSxPU0iqnpiKUS2iJ2SOD5dXzsMYbEk-H1kqb_dP6NFSJR0gCkGd2RjPm08wTo5aTUD1Je8wzNyiB45833UyOYn1wOp7CZlC8viIfKYw5DRUK4YPdpkhNfaoHi9-mjBpwgIUZTUqaXm9iuN0kymc22F0tI5ZMb-oObK3MZN54fDyIjz1QQ1iG4pG7iYxFbU9LtkCeTxeg5T5PePABmMAfiUTZfnST0xFPPCovcd-fXv56jVeN4B_fUg7YqYTQ6Fsk0KnyIyv5QuUGXzkarjDmzQrFRBY482qOZ4jX1t0pBeCamPXU87jxJMS3g7m5xTuAWwDrjWlDISKNmz0eoMJB7H5SzJK9RAxBsEzqdLXTTmkofr5h0MhN-abgOocJPfdCFqp-V3lg2FbYBQpM5-KUd4vSG41J3qxn2tAsz47l9Fp11_2whBxkov7n26QlvlG4E5ZYDG311IWBocQsxQ%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=902251886509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBwmy7EFINadqxm7EgdQ9e4&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEEGY0PCjQ6jBqQcRL9qZhZM&google_cver=1

Request Chain 142

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=54849000155088504444556012527027&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=54849000155088504444556012527027&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 145

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45

Request Chain 147

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54849000155088504444556012527027&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54849000155088504444556012527027&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 167

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=81115800135641404444994012527020&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3361161782

Request Chain 168

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856

Request Chain 201

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGWeKVhGdAe8qqJZGnq0ahA&google_cver=1&google_push=AXcoOmR_PAUL8sFfSRPdtDM9NU5oaFkDL8K7VLVbSZPJVzQ8QSp0TY4Sm0FN1DU3BXbLJ3Kx1A_gn1vifYSThI9lss2cuRauqmvu-Q HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGWeKVhGdAe8qqJZGnq0ahA&google_cver=1&google_push=AXcoOmR_PAUL8sFfSRPdtDM9NU5oaFkDL8K7VLVbSZPJVzQ8QSp0TY4Sm0FN1DU3BXbLJ3Kx1A_gn1vifYSThI9lss2cuRauqmvu-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NzFnamRMeVkxUjlSbFU1&google_gid=CAESEGWeKVhGdAe8qqJZGnq0ahA&google_cver=1&google_push=AXcoOmR_PAUL8sFfSRPdtDM9NU5oaFkDL8K7VLVbSZPJVzQ8QSp0TY4Sm0FN1DU3BXbLJ3Kx1A_gn1vifYSThI9lss2cuRauqmvu-Q

Request Chain 202

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 204

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOZWxC-BmkSg-_kDOorz2es&google_cver=1&google_push=AXcoOmTYvt8b1EwzgjZzhAS97xeDq9QuumRwCpm0I4GiAh9Q3UgualxUsb76rC7hdiYKa6HuaM4qa0IOx-A8RkWwX5LmrX8Hx97png HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTYvt8b1EwzgjZzhAS97xeDq9QuumRwCpm0I4GiAh9Q3UgualxUsb76rC7hdiYKa6HuaM4qa0IOx-A8RkWwX5LmrX8Hx97png&google_hm=eS0wdEoxNTBaRTJwRnQ0ZlZJNEROMWFNOXhwd1FKWXZRQX5B

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPiLFGnrl_Ck6xeaPv1Xi0U&google_cver=1

Request Chain 231

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGesJY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGesJY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGesJY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGesJY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 232

https://um.simpli.fi/gp_match?google_gid=CAESEM_XupZtoAVUnIcsJK4Mofw&google_cver=1&google_push=AXcoOmT47FeauhnBvVqegB3XPuYGsMN_lVd-KLXDAU-2p72b6kQzMNneX8mtAuJE_ZshHBYrJbWpgvm33P6OY2ijQM0vvhHth7h2MNs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=434D74CCF3A847F8B76C104000EE2E37&google_push=AXcoOmT47FeauhnBvVqegB3XPuYGsMN_lVd-KLXDAU-2p72b6kQzMNneX8mtAuJE_ZshHBYrJbWpgvm33P6OY2ijQM0vvhHth7h2MNs

Request Chain 233

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBi3JC7gc5nHWoIdsnEZisA&google_cver=1&google_push=AXcoOmRMgP20ys6NRtKOhW710B3j0kLbItB56uX_s4xsldMCpMLGUugcmUsVwdkH43fEWDyKwbEaq-q0zwh1DuMnBqHhKjht1akPiCc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODQzOTUzOTE1MTU5OTc2NQ%3D%3D&google_push=AXcoOmRMgP20ys6NRtKOhW710B3j0kLbItB56uX_s4xsldMCpMLGUugcmUsVwdkH43fEWDyKwbEaq-q0zwh1DuMnBqHhKjht1akPiCc

Request Chain 234

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBp0St9gCNL1u9-jtxqiAmA&google_cver=1&google_push=AXcoOmTf2e8fY3DJuDd6MxkyfbKfDDWB9F5tMQDt2ZpyLsHkKxJ_SwPHHrftVEdzaA2NtmP0tcTnM35V7Y8-kuB1IkkLJmCMhAnr2Qw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IseM2QloRxUoJQiKcOqpng&google_push=AXcoOmTf2e8fY3DJuDd6MxkyfbKfDDWB9F5tMQDt2ZpyLsHkKxJ_SwPHHrftVEdzaA2NtmP0tcTnM35V7Y8-kuB1IkkLJmCMhAnr2Qw

Request Chain 235

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOZWxC-BmkSg-_kDOorz2es&google_cver=1&google_push=AXcoOmSx5VKxLAMRlyPPnHl8jH89MEQZSwBv0x8LwoYIFPM9LhozKlPY2va53OLSX0_YTYpIyZ3kEOHMMXiArsGUlI3JnLfBoi5PjNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSx5VKxLAMRlyPPnHl8jH89MEQZSwBv0x8LwoYIFPM9LhozKlPY2va53OLSX0_YTYpIyZ3kEOHMMXiArsGUlI3JnLfBoi5PjNg&google_hm=eS1IMjRSd1V0RTJwSG5XbmkzTlNHQVdtTGl3aXNEenZaUX5B

Request Chain 237

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGT6bTXrGhgfu0P4z2J_FNE&google_cver=1&google_push=AXcoOmRYsbkuiJ73VWscyxGLhO9TdI7xz2fMVclZJydC8OVApJSMQY3B4Xl5UfKqa3sO88rCzpawvLE5sAa6BghUAENSXy5BgB34CDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRYsbkuiJ73VWscyxGLhO9TdI7xz2fMVclZJydC8OVApJSMQY3B4Xl5UfKqa3sO88rCzpawvLE5sAa6BghUAENSXy5BgB34CDA

Request Chain 240

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 250

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701628682740 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_pre=CNLrtun084IDFVkx4AodCPMGhg;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701628682740

Request Chain 257

https://googleads.g.doubleclick.net/pagead/adview?ai=CoiCyCctsZYLGNaKKwuIPnIGdGNDJhMd03r32x4YSwLCA7JACEAEg1MealwFglYKAgLgHoAHPr4zMKMgBAqgDAcgDyQSqBLcBT9A8Lmc6ZWaHoAK_l2sWKKHN2vx0xmjJBchup85PKimTnZunaR_Bk1WFgPeknhlriRF_cJupANkMhxJf-1vAozqZsDKp2BHPDyVABUkhudmTXGrmF4JacebV-d7V_mmw294JHWAZywMYWYRw7Fp0fyRcQOtVRZ2iZOowTuxSkNG9u4cqBoTr5loj1zKATEOgTmi-z6dNyjlJ02wxHd_ufq37zecmcdT6Zlm7CcH3ZjKzykv3AumVwAS3m-SYvgSIBY6RiqpNkgUECAQYAZIFBAgFGASgBgKAB8_n3KsDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ8MUF0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj-v_3o9POCA5oJnwFodHRwczovL2RlLnNpbGtzaWxreS5jb20vY29sbGVjdGlvbnMvcHVyZS1zaWxrLXBhamFtYXM_c29ydF9ieT0xOS1tb21tZS1zaWxrLWhlYXJ0LXNob3J0LWNhbWlzb2xlLXNldCZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWdkbiZ1dG1fY2FtcGFpZ249MjA3NTc3NzY1MjaACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI5MjA1NTU1NzM1ODQ2OTgYAA&sigh=V7ZnlhtEgds&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNlngn1W86zHVbDlB1IB_m6kX1z2v-jKWnX_r8uAyi6GI7A9Zp_z_pypYfM4RGf4jO_xYqXRMxGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225629869434650138123%22,%22debug_reporting%22:true,%22destination%22:%22https://silksilky.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210897004495%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227226873452633400657%22}&andc=true

283 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
geocult.ru/
Redirect Chain

http://geocult.ru/
https://geocult.ru/

99 KB
21 KB

441ms
316ms

Document
text/html

185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 8d674b28f8c316180a29763d4d735629198158a03a780fb691025830bae98b30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 18:38:00 GMT
expires: Mon, 04 Dec 2023 18:38:00 GMT
last-modified: Wed, 30 Aug 2023 14:14:56 +0000
link: <https://geocult.ru/wp-json/>; rel="https://api.w.org/" <https://geocult.ru/>; rel=shortlink
server: nginx
x-cache-status: BYPASS

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 03 Dec 2023 18:37:59 GMT
Location: https://geocult.ru/
Server: nginx

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 130ms
79ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bec70f0e0657163557891dc55bb27d7ea530b208603e17f3f06ded37e31fa38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Origin: https://geocult.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53177
x-xss-protection: 0
server: cafe
etag: 5618879398221855128
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:00 GMT

GET
H2 200 stylev2.css
geocult.ru/wp-content/themes/evolve/ 68 KB
13 KB 65ms
65ms Stylesheet
text/css 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 04dff075b0c9befeaec0105bc4f7e21a284f402f0f3425896f90963c888d7f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 08:40:06 GMT
server: nginx
etag: W/"60409ce6-1119a"
content-type: text/css
cache-control: max-age=691200
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 logo3.gif
geocult.ru/wp-content/uploads/2013/11/ 9 KB
9 KB 66ms
66ms Image
image/gif 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2013/11/logo3.gif
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: f97ff7af18b6fca33d99a223aaddee96afb3ddd73c2368a39acc15ff53b91c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 17:02:04 GMT
server: nginx
etag: "54ad668c-22e8"
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
content-length: 8936
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 oven_knopka2f.png
geocult.ru/wp-content/uploads/2014/08/ 4 KB
4 KB 67ms
67ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/oven_knopka2f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 528b3762e36893c9075ebbb38655afaa02aecbd106aefc59881bd879ffeba9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 09:28:00 GMT
server: nginx
etag: "56d16c20-113f"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4415
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 telec_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 5 KB
5 KB 108ms
102ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/telec_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: f69f24da425eac9ecd7ba5e9a956ee643849921ec5672a9a961e309c60a1feda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 07:07:42 GMT
server: nginx
etag: "56d14b3e-123a"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4666
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 blizneci_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 5 KB
5 KB 109ms
103ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/blizneci_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 1a4b71acc013b49315ff300c03f7163618bb6f1cc0408d710e11f97b255f9255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 07:16:35 GMT
server: nginx
etag: "56d14d53-1216"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4630
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 rak_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 4 KB
4 KB 110ms
103ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/rak_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 914dcb400670688bb8de60c955cce8afce0838c2fa2ad297b4bd4b34ec908ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 07:28:05 GMT
server: nginx
etag: "56d15005-1010"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4112
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lev_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 5 KB
5 KB 169ms
163ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/lev_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: df5f8f98ec7bd0263bb4dabff07ecf507a535c2c39a5e391e03e7ea124baa321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 08:46:05 GMT
server: nginx
etag: "56d1624d-12ba"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4794
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 deva_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 5 KB
5 KB 169ms
163ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/deva_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 1162f2ec71eb82147a7e6a6f558b88982bb78ad2fa812c1c52020f5b7bd1bd85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 08:52:08 GMT
server: nginx
etag: "56d163b8-122e"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4654
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 vesi_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 5 KB
5 KB 169ms
164ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/vesi_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: daf927d970143656739c9b917412ba171dae6e997b8dfe53263effae772d1b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 08:57:19 GMT
server: nginx
etag: "56d164ef-125c"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4700
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 scorpion_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 5 KB
5 KB 169ms
164ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/scorpion_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 462c848b90fb9d8f3599f4654813e4382222a6fd506a48158a01bc2eab95b357

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 09:04:47 GMT
server: nginx
etag: "56d166af-13a6"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 5030
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 strelec_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 5 KB
5 KB 169ms
164ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/strelec_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 1479783c7b49a2bbde9ea12d6b9abb4d552311fad5ea3d1194a866c82ddf7d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 09:12:25 GMT
server: nginx
etag: "56d16879-1248"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4680
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 kozerog_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 4 KB
5 KB 169ms
164ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/kozerog_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: d04da184f20eec8ec53c73f71b04f6eb462b391c982ca722500bb5abfb31cd20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 09:17:15 GMT
server: nginx
etag: "56d1699b-11fd"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4605
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 vodoley_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 5 KB
5 KB 169ms
164ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/vodoley_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: e74a84c9d52e2ef23512423d7e15031fc8644b0b800b89e82ad9abe3ad8b8912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 09:23:08 GMT
server: nginx
etag: "56d16afc-1383"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4995
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 ribi_knopka1f.png
geocult.ru/wp-content/uploads/2014/08/ 4 KB
5 KB 169ms
165ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/ribi_knopka1f.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 01bd238ad9742675260d4d3a5fef5b988ff74439b26a18aa0f98a48a694b07ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 27 Feb 2016 09:27:59 GMT
server: nginx
etag: "56d16c1f-1173"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4467
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 venera_scorpion_geocult-1f1-60x60.jpg
geocult.ru/wp-content/uploads/2015/09/ 2 KB
3 KB 170ms
165ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2015/09/venera_scorpion_geocult-1f1-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 72c786a14cc7a7c3831a33e49e63e54beddc81f6c50cc00149b29e0844aec2af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 27 Jan 2016 03:45:09 GMT
server: nginx
etag: "56a83d45-9e6"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2534
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 sharer.js Show response
geocult.ru/scripts/social_button/ 15 KB
3 KB 111ms
104ms Script
application/javascript 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://geocult.ru/scripts/social_button/sharer.js
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 1537d4a7693f4840ad5484b03df34b08d0ed049696dd470ef07b55e1668d90a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 23:01:12 GMT
server: nginx
etag: W/"5e866eb8-3a1e"
content-type: application/javascript
cache-control: max-age=691200
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 venera_scorpion_geocult-1f1.jpg
geocult.ru/wp-content/uploads/2015/09/ 3 KB
3 KB 170ms
165ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2015/09/venera_scorpion_geocult-1f1.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: f9b2b62632d02dd438da5c717fcedbe7babf3420940398db1778d5b19d342f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Thu, 17 Sep 2015 12:21:01 GMT
server: nginx
etag: "55fab02d-a4e"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2638
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 grande_trine1f-60-60.jpg
geocult.ru/wp-content/uploads/2020/07/ 1 KB
1 KB 170ms
165ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2020/07/grande_trine1f-60-60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: e3df018cd61d671d60bd4a1cae119f8fcf1e58e47a62a4ae80c6b8100d868dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Thu, 17 Dec 2020 08:31:08 GMT
server: nginx
etag: "5fdb174c-431"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 1073
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 neptun-v1.jpg
geocult.ru/wp-content/uploads/2019/01/ 2 KB
2 KB 170ms
165ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2019/01/neptun-v1.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 815c4d0cf5937e27877ee3d17fb373dabb5b4cfa45a87636ad24f71bf59345db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 03 May 2019 09:17:47 GMT
server: nginx
etag: "5ccc073b-781"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 1921
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 venus_v_3_home-60x60.jpg
geocult.ru/wp-content/uploads/2018/07/ 3 KB
3 KB 170ms
165ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2018/07/venus_v_3_home-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 178d21ba92f7134c1b38490946eadd0bddbf07248aa9e132d1ff30ddf735a62a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 20 Jul 2018 07:49:59 GMT
server: nginx
etag: "5b519427-c0c"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 3084
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 moon-neptun-soedinenie-1-60x60.jpg
geocult.ru/wp-content/uploads/2017/10/ 3 KB
3 KB 170ms
166ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2017/10/moon-neptun-soedinenie-1-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 17389d2b816cd42930191c00df09c08669c18038ce38085452fc224228bfd2ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 17 Oct 2017 06:19:10 GMT
server: nginx
etag: "59e5a0de-a74"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2676
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 mars_uran_geocult-1f1.jpg
geocult.ru/wp-content/uploads/2015/10/ 2 KB
3 KB 170ms
166ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2015/10/mars_uran_geocult-1f1.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: d9b90d582c960458aef7a61a894bffb8c326910023e6be747b954cc8737986ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Mon, 05 Oct 2015 07:00:33 GMT
server: nginx
etag: "56122011-9b1"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2481
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 tranziti_online1f1.jpg
geocult.ru/wp-content/uploads/2016/10/ 3 KB
4 KB 170ms
166ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2016/10/tranziti_online1f1.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 8e483f5b5ac1b2ef3a28ccc7f8f7ab82cd8a56cb1e9c06294bf90b3020ccfe47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 19 Oct 2016 08:33:07 GMT
server: nginx
etag: "58072fc3-dce"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 3534
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 moon_blizneci-1f-60x60.jpg
geocult.ru/wp-content/uploads/2019/03/ 2 KB
2 KB 170ms
166ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2019/03/moon_blizneci-1f-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: c76762b6b5695ab0c2c3688f5f0b4932911daa89e9a905ad866e853dd00020ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 23 Mar 2019 14:32:00 GMT
server: nginx
etag: "5c964360-713"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 1811
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 mercury-v-2-dome-60x60.jpg
geocult.ru/wp-content/uploads/2018/06/ 3 KB
3 KB 170ms
166ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2018/06/mercury-v-2-dome-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 36c7b56d7df17e27614b04230c5fc1793653b20a1fd66fb9311f5df573c0f617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 26 Jun 2018 07:10:54 GMT
server: nginx
etag: "5b31e6fe-ab3"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2739
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 goroscop_earth-1f1.jpg
geocult.ru/wp-content/uploads/2018/11/ 2 KB
2 KB 170ms
166ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2018/11/goroscop_earth-1f1.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 5e7ef5ef8582671b083278bf8f81e640b0f839f3ed0c336c4a96eb7e8b6c4aca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Thu, 29 Nov 2018 15:25:13 GMT
server: nginx
etag: "5c0004d9-849"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2121
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 planets-1280-1-60x60.jpg
geocult.ru/wp-content/uploads/2018/03/ 3 KB
3 KB 170ms
167ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2018/03/planets-1280-1-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 668252abb09b70642638a85544b62098dad1e03b79f534ee177e6d1ebb08c295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sat, 03 Mar 2018 17:16:40 GMT
server: nginx
etag: "5a9ad878-bf6"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 3062
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 bioritm-icon-geocult-1f.jpg
geocult.ru/wp-content/uploads/2014/09/ 6 KB
6 KB 170ms
167ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/09/bioritm-icon-geocult-1f.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: eafb3e8e7ff731d4419a9683e280433e06a513e872f309333c0909890156bcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 17:39:32 GMT
server: nginx
etag: "54ad6f54-1884"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 6276
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lun1.jpg
geocult.ru/wp-content/uploads/2013/09/ 3 KB
3 KB 170ms
167ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2013/09/lun1.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 57fa232a003b023f9ee9ab9ca6f9d33569fc7cca884bf9b1ba464cc42df6ed79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 16:55:15 GMT
server: nginx
etag: "54ad64f3-a1b"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2587
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lun4.jpg
geocult.ru/wp-content/uploads/2013/09/ 5 KB
5 KB 170ms
167ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2013/09/lun4.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: ceae381ecbf5ea0d6e5f6977b195b7eae7d9167dd575f1983b07829838e20632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 16:55:22 GMT
server: nginx
etag: "54ad64fa-1200"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4608
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lunniy_den_rojdeniya.jpg
geocult.ru/wp-content/uploads/2013/09/ 3 KB
3 KB 170ms
167ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2013/09/lunniy_den_rojdeniya.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: e86c41aba2a70f6e263fbe0c13257e5b4d36b0ba6ae34d86098013f7087441ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 16:55:35 GMT
server: nginx
etag: "54ad6507-a50"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2640
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lun3.jpg
geocult.ru/wp-content/uploads/2013/09/ 4 KB
4 KB 170ms
167ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2013/09/lun3.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: f2d27ec07598049af75b5252143a57fd29957203c5293b6f2321ac38efb629c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 16:55:21 GMT
server: nginx
etag: "54ad64f9-1048"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4168
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lun5.jpg
geocult.ru/wp-content/uploads/2013/09/ 3 KB
3 KB 170ms
167ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2013/09/lun5.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 50b78ad8578885f34aa7fa589dcd10075c466504e11467dd8a3ceed303ef4cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 16:55:27 GMT
server: nginx
etag: "54ad64ff-ab2"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2738
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 voc_moon-60x60.jpg
geocult.ru/wp-content/uploads/2018/12/ 2 KB
2 KB 170ms
168ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2018/12/voc_moon-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: ec4840b5e373feeae1a57fd926d937285246bd4437db4b08e0b99ccf611f1775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 14 Dec 2018 12:53:35 GMT
server: nginx
etag: "5c13a7cf-81a"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2074
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 clfrkfgb00001jv0898897s3d_1-60x60.jpg
geocult.ru/wp-content/uploads/2023/04/ 2 KB
2 KB 170ms
168ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2023/04/clfrkfgb00001jv0898897s3d_1-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 5070152299c3d5a3ed255352b18e10649460f1e436363d4394e0f7d0acdb48de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Mon, 03 Apr 2023 15:17:18 GMT
server: nginx
etag: "642aedfe-771"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 1905
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lun7.jpg
geocult.ru/wp-content/uploads/2013/09/ 7 KB
7 KB 170ms
168ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2013/09/lun7.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: d1feb54f2339859c3595bd26343b468bad05a7a11c0a5a9d86084c56e3a885ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 16:55:34 GMT
server: nginx
etag: "54ad6506-1bdb"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 7131
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lun61.jpg
geocult.ru/wp-content/uploads/2013/09/ 3 KB
3 KB 170ms
168ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2013/09/lun61.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 8b05625742e37f242707bde42df16ce7b828cc94f93238332f02624415d6c01f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 07 Jan 2015 16:55:29 GMT
server: nginx
etag: "54ad6501-c49"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 3145
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 natalkarta-1f-60x60.jpg
geocult.ru/wp-content/uploads/2016/04/ 3 KB
3 KB 170ms
168ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2016/04/natalkarta-1f-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: be91c72c97adfae4e70b223c2f23ffd07eaf26d315a53bb66134b11dc40bb661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Sun, 10 Apr 2016 10:52:42 GMT
server: nginx
etag: "570a307a-a3c"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2620
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 sun_lev_geocult-1-60x60.jpg
geocult.ru/wp-content/uploads/2015/09/ 2 KB
3 KB 170ms
168ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2015/09/sun_lev_geocult-1-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: c9092cfaa24952291b22481bfa4e399483260fc6fb162a6b942fed3ff42d76f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 27 Jan 2016 03:45:50 GMT
server: nginx
etag: "56a83d6e-9d8"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2520
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 fon_sovmestimost_geocult-1-60x60.jpg
geocult.ru/wp-content/uploads/2014/08/ 3 KB
3 KB 171ms
168ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2014/08/fon_sovmestimost_geocult-1-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 21f14e408c57d0c0c9a833c314df5ff7f7695f054253d9eb2ce123ba0f2ac049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 27 Jan 2016 03:43:46 GMT
server: nginx
etag: "56a83cf2-af2"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2802
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 sun_6dome_geocult-1f-60x60.jpg
geocult.ru/wp-content/uploads/2015/10/ 2 KB
3 KB 171ms
169ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2015/10/sun_6dome_geocult-1f-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: aad870057003cbb9958374f555a06fb47dab183a03018ac1d1e88bffd1ded096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Wed, 27 Jan 2016 03:43:51 GMT
server: nginx
etag: "56a83cf7-9f5"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2549
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 natal_wheel_geocult-2f-60x60.jpg
geocult.ru/wp-content/uploads/2016/03/ 3 KB
4 KB 171ms
169ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2016/03/natal_wheel_geocult-2f-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: e6e4ae30d0e1fe5bfda2cdf9a430e4d2da17e5706b0011bf909b312814bcbd1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 11 Mar 2016 10:29:39 GMT
server: nginx
etag: "56e29e13-df6"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 3574
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 lunniy_uzel-2f-60x60.jpg
geocult.ru/wp-content/uploads/2018/04/ 2 KB
2 KB 171ms
169ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/uploads/2018/04/lunniy_uzel-2f-60x60.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 41e8f29b28c908a3e09da0cdfc54be6adeef57c3ac6dbf393416e84e4d2c420b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 10 Apr 2018 12:55:02 GMT
server: nginx
etag: "5accb426-8a8"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2216
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 avatar1-min.png
geocult.ru/wp-content/themes/evolve/images/ 500 B
673 B 171ms
169ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/images/avatar1-min.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: b87216debe85ffb5d5f3f938c1c2cfed568d6736fd9bd06d64d85711ea5c8802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 31 Jul 2018 08:02:32 GMT
server: nginx
etag: "5b601798-1f4"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 500
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 jquery.js Show response
geocult.ru/wp-includes/js/jquery/ 95 KB
33 KB 111ms
105ms Script
application/javascript 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://geocult.ru/wp-includes/js/jquery/jquery.js?ver=1.10.2
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: gzip
last-modified: Mon, 23 May 2016 09:00:29 GMT
server: nginx
etag: W/"5742c6ad-17ba0"
content-type: application/javascript
cache-control: max-age=691200
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 89 KB
31 KB 91ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aad35991a036d79245d4bc83da400f26f31622c18a654fe692fc00128d12b6b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.fancybox.css
geocult.ru/swetest/fancybox21/source/ 5 KB
2 KB 168ms
162ms Stylesheet
text/css 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://geocult.ru/swetest/fancybox21/source/jquery.fancybox.css?v=2.1.5
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: gzip
last-modified: Sat, 03 Dec 2016 23:46:32 GMT
server: nginx
etag: W/"58435958-131f"
content-type: text/css
cache-control: max-age=691200
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
geocult.ru/swetest/fancybox21/source/ 23 KB
9 KB 169ms
163ms Script
application/javascript 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://geocult.ru/swetest/fancybox21/source/jquery.fancybox.pack.js?v=2.1.5
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: gzip
last-modified: Sat, 03 Dec 2016 23:46:34 GMT
server: nginx
etag: W/"5843595a-5a5f"
content-type: application/javascript
cache-control: max-age=691200
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 new-tab.min.js Show response
geocult.ru/wp-content/plugins/page-links-to/js/ 911 B
688 B 169ms
163ms Script
application/javascript 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://geocult.ru/wp-content/plugins/page-links-to/js/new-tab.min.js?ver=2.10.4
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 2baa2ebe463ced52f500118a25caa59f75536f3a49a36ae911ff5c37e1265669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: gzip
last-modified: Sun, 10 Jun 2018 09:40:17 GMT
server: nginx
etag: W/"5b1cf201-38f"
content-type: application/javascript
cache-control: max-age=691200
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 comment-reply.min.js Show response
geocult.ru/wp-includes/js/ 1 KB
768 B 169ms
163ms Script
application/javascript 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://geocult.ru/wp-includes/js/comment-reply.min.js?ver=4.9.8
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2015 19:15:28 GMT
server: nginx
etag: W/"564cce50-436"
content-type: application/javascript
cache-control: max-age=691200
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 main-bg.jpg
geocult.ru/wp-content/themes/evolve/library/media/images/ 968 B
1 KB 177ms
175ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/main-bg.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: d0a7940c5739597d973e2bb019d3e3cc8b5e8747e607982ebdbd4890f4288f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:30:04 GMT
server: nginx
etag: "591f39ac-3c8"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 968
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 green-back.jpg
geocult.ru/wp-content/themes/evolve/library/media/images/header-two/ 4 KB
4 KB 176ms
175ms Image
image/jpeg 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/header-two/green-back.jpg
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 3b3c66d6f6711dcb00f5ca69f10cc2e996c38c6c90facc8da13bbc88827433ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 19:18:17 GMT
server: nginx
etag: "591f44f9-fc8"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 4040
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 trans.png
geocult.ru/wp-content/themes/evolve/library/media/images/dark/ 97 B
268 B 176ms
175ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/dark/trans.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 5942cf3294f46a9640870809b055e78887d7b48cc1e31a153d9c3b5dd7ef674b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:30:27 GMT
server: nginx
etag: "591f39c3-61"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 97
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 shadow-before.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 8 KB
8 KB 176ms
176ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/shadow-before.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 0d43d9f15c54f63334de8305be7fabb614396c5e190a0756a417483ba9c61631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:30:09 GMT
server: nginx
etag: "591f39b1-1fb1"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 8113
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 shadow-after.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 8 KB
8 KB 176ms
176ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/shadow-after.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 9da58863c2d4a7e1f3c71a9a498588e7b74c3bf65fb97ddd126f1564fa7f9f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:30:09 GMT
server: nginx
etag: "591f39b1-1f66"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 8038
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 divider.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 226 B
398 B 177ms
176ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/divider.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: c4f459274e378b71dae7cd9514f4c3020545081e0de18560311a5aabf98f85b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:29:53 GMT
server: nginx
etag: "591f39a1-e2"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 226
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 search.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 788 B
961 B 176ms
176ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/search.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 281bdb69ef6f2abc92abda9b18117ebbf50e9add63b183b2d9bc3fe3afbb3011

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:30:08 GMT
server: nginx
etag: "591f39b0-314"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 788
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 list-style.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 192 B
364 B 176ms
176ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/list-style.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 83fef62511d4754a257551bd24d92efdeeb31c2886d07de22e9e947942233f6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:30:01 GMT
server: nginx
etag: "591f39a9-c0"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 192
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 divider-tile.png
geocult.ru/wp-content/themes/evolve/library/media/images/ 88 B
259 B 162ms
162ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/divider-tile.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 992f94f905118b8960ff39ecea7dcec52afbb5b2a484b14cd817844ba03d7eab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:29:53 GMT
server: nginx
etag: "591f39a1-58"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 88
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 facebook.png
geocult.ru/scripts/social_button/ 427 B
599 B 114ms
114ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/scripts/social_button/facebook.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: ec29871f7a6e470e699f7eb7a722c49ceffe8ebb682308c7279053da037d71d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 10 Sep 2019 22:48:34 GMT
server: nginx
etag: "5d782842-1ab"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 427
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 twitter.png
geocult.ru/scripts/social_button/ 654 B
826 B 115ms
114ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/scripts/social_button/twitter.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 24d3f7c545ffb8d31d407b24b2c130774fae929ec9a92d6fe92f42608c858372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 10 Sep 2019 22:48:34 GMT
server: nginx
etag: "5d782842-28e"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 654
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 mail-ru2.png
geocult.ru/scripts/social_button/ 900 B
1 KB 115ms
114ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/scripts/social_button/mail-ru2.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: a84f5718bcfaa18fbf0bc06b2fb8989141e7ef299b1a4793bd1082b48ce74cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 10 Sep 2019 20:04:44 GMT
server: nginx
etag: "5d7801dc-384"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 900
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 odnoklassniki.png
geocult.ru/scripts/social_button/ 664 B
837 B 115ms
114ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/scripts/social_button/odnoklassniki.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 608c7e96914ee8dea1cc0bbd2eee01f5f6d0b03521cebbc6116a7ba5940043cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 10 Sep 2019 22:48:32 GMT
server: nginx
etag: "5d782840-298"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 664
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 vk.png
geocult.ru/scripts/social_button/ 610 B
782 B 115ms
114ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/scripts/social_button/vk.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: d3d89aa5cc7dbbdea39f3111b7460d064d7663ea92b04e79df0b39ef2e63b196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 10 Sep 2019 22:48:32 GMT
server: nginx
etag: "5d782840-262"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 610
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 pinterest.png
geocult.ru/scripts/social_button/ 817 B
990 B 115ms
114ms Image
image/png 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/scripts/social_button/pinterest.png
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: d371219cab55549df0dc40dfb5a92d8d4be8b8ed24ab44d4c003fdb8b580cd56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Tue, 10 Sep 2019 22:48:32 GMT
server: nginx
etag: "5d782840-331"
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
content-length: 817
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H2 200 reply.gif
geocult.ru/wp-content/themes/evolve/library/media/images/ 603 B
775 B 114ms
114ms Image
image/gif 185.182.111.117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geocult.ru/wp-content/themes/evolve/library/media/images/reply.gif
Requested by: Host: geocult.ru
URL: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.182.111.117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: geocult.ru
Software: nginx /
Resource Hash: 436d9fdefdf3800e7aa8d543d79138dafd6a5fa95340a6d9df9515a99d6a243f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/wp-content/themes/evolve/stylev2.css?ver=3.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
last-modified: Fri, 19 May 2017 18:30:06 GMT
server: nginx
etag: "591f39ae-25b"
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
content-length: 603
expires: Mon, 11 Dec 2023 18:38:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
135 KB 159ms
105ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru&bust=31079860

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94c64deba3ab0daa0d273ffb353d783334474f7359497ad2f3095a164a2d8492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137672
x-xss-protection: 0
server: cafe
etag: 12172557236810263590
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame D6C4 9 KB
4 KB 66ms
19ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2920555573584698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 20:59:29 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 20:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/ 22 KB
5 KB 68ms
21ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.A9O3WaiOQis.O/am=CAM/d=1/rs=AN8SPfpMgbNKnvQJ5Vc_IlNX32zj-NNokQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 09:41:42 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.A9O3WaiOQis.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrxocVVP4k_NLvlzeFdJTSV2kPBIQ/ 230 KB
82 KB 74ms
20ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.A9O3WaiOQis.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrxocVVP4k_NLvlzeFdJTSV2kPBIQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.A9O3WaiOQis.O/am=CAM/d=1/rs=AN8SPfpMgbNKnvQJ5Vc_IlNX32zj-NNokQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f6e8c47cc9172e4c8c74ec2a4b4a8df8988dd3b77803cd88bc435c42db2936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83047
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 22:11:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 16:13:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 17:22:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4524
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Dec 2023 19:22:36 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.16815276348221486
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.16815276348221486

132 B
618 B

64ms
63ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.16815276348221486

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:00 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Fri, 02 Dec 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:00 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttps%3A//geocult.ru/;0.16815276348221486
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 02 Dec 2022 21:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
218 B 27ms
27ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=22708617&t=pageview&_s=1&dl=https%3A%2F%2Fgeocult.ru%2F&ul=en-us&de=UTF-8&dt=Geocult.ru%20-%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA.%20%D0%9D%D0%B0%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%B0%D1%80%D1%82%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D1%8C%2C%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=905464063&gjid=1496665306&cid=34548475.1701628681&tid=UA-55395314-1&_gid=1192455180.1701628681&_r=1&_slc=1&z=166387816

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d752f92d971a6a3afd2a903855c7726ba385cf2ec11757e1fd694dbd661c45ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geocult.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://geocult.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 85ms
28ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-55395314-1&cid=34548475.1701628681&jid=905464063&gjid=1496665306&_gid=1192455180.1701628681&_u=IEBAAEAAAAAAACAAI~&z=427436267

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://geocult.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 03 Dec 2023 18:38:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://geocult.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 87ms
40ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcf83b1450b6423e29f47632dc89505e6524991602b0f44a73669e4af687174b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83526
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 18:38:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame 0F68 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 75ms
23ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 07:58:41 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 21ms
20ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:22:01 GMT
x-content-type-options: nosniff
age: 350159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 17:22:01 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:02 GMT
x-content-type-options: nosniff
age: 284158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Nov 2024 11:42:02 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C9C5 47 KB
16 KB 978ms
977ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&adk=1812271804&adf=3025194257&lmt=1693404896&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680527&bpp=6&bdt=179&idt=260&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5479008603756&frm=20&pv=2&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=274

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2920555573584698&plah=geocult.ru&bust=31079860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99aa931d77212e8ed5fa3bdcbcb5c4f3354d8cf7134982d0af6b9032ff13c3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16648
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:01 GMT
expires: Sun, 03 Dec 2023 18:38:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B81F 26 KB
11 KB 494ms
494ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680533&bpp=1&bdt=185&idt=270&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=272

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7556dc64e40765343d4e092cc65064c95e21721c94387b287f99c64c2fd782ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11533
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:01 GMT
expires: Sun, 03 Dec 2023 18:38:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 599E 603 B
239 B 3255ms
3254ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=4347476252&adk=504672438&adf=3417920651&pi=t.ma~as.4347476252&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680534&bpp=1&bdt=186&idt=272&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:04 GMT
expires: Sun, 03 Dec 2023 18:38:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9321 25 KB
11 KB 798ms
798ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680534&bpp=1&bdt=186&idt=274&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56a657afa978033de9998ab2d7ef9b0fd1307d9197d6991f7ad60da67c3ecd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11432
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:01 GMT
expires: Sun, 03 Dec 2023 18:38:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 108ms
60ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-55395314-1&cid=34548475.1701628681&jid=905464063&_u=IEBAAEAAAAAAACAAI~&z=1443258412

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 113ms
62ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-55395314-1&cid=34548475.1701628681&jid=905464063&_u=IEBAAEAAAAAAACAAI~&z=1443258412

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 80ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DHBZR6TRD0&_ono=1&gtm=45je3bt0v9135369224&_p=1701628680745&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=34548475.1701628681&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgeocult.ru%2F&dt=Geocult.ru%20-%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA.%20%D0%9D%D0%B0%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%B0%D1%80%D1%82%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D1%8C%2C%20%D0%90%D1%81%D1%82%D1%80%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F.&sid=1701628680&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1199
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://geocult.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 30ms
29ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-DHBZR6TRD0&cid=34548475.1701628681&gtm=45je3bt0v9135369224&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DHBZR6TRD0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://geocult.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 61ms
61ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-DHBZR6TRD0&cid=34548475.1701628681&gtm=45je3bt0v9135369224&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1686033672

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B81F 42 B
63 B 132ms
131ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AaUBFIyp2MKqM_bvNI5BxogAqFI9qTks5FGOI02NbleQ-iyb8893B9bzNn474V9_uSmkaSvrAkYdNLMfRe0mqev8Bo7-apqiwaL8vSUVY0yfXTkF8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680533&bpp=1&bdt=185&idt=270&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B81F 0
20 B 133ms
132ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2345204573260420781&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B81F 92 KB
32 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32789
x-xss-protection: 0
server: cafe
etag: 17194431578830737671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B81F 3 KB
1 KB 71ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:58:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame B81F 20 KB
9 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B81F 202 KB
64 KB 121ms
71ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C80D 624 B
246 B 64ms
64ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXJ8W2_mwI_S32G-tY9fMW5M53hzpj_qegyjnHaQCGGHcaTLsWFiomqoW1FfVOR1_mn95AMIMQy2jmaBFGBkfm4x5V9K0nHqaB5xLiiwaFpe5zRNNZhqonftu5qisXz3WitMHvppBY40YzEDESvbsGVFqoOuBqfIZUB5JWH3RSCLTLXET8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680533&bpp=1&bdt=185&idt=270&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=272
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:01 GMT
expires: Sun, 03 Dec 2023 18:38:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C80D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1&C=1

43 B
337 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXJ8W2_mwI_S32G-tY9fMW5M53hzpj_qegyjnHaQCGGHcaTLsWFiomqoW1FfVOR1_mn95AMIMQy2jmaBFGBkfm4x5V9K0nHqaB5xLiiwaFpe5zRNNZhqonftu5qisXz3WitMHvppBY40YzEDESvbsGVFqoOuBqfIZUB5JWH3RSCLTLXET8
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQ0Rc0Z1SgegHczCh9Lt%2FMbSegpgYIR5ruPTcr2kF69hiTo41cbg%2FDpwifpe%2FeJIl6Rz7iyIK0jgNgVTDRDnSA4pcScv%2BhHRbEca%2BL8kj7cNZrQzfJDVoYNY47AnNoLH2drRP93PYkiJPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82fdec9b7e6903b0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbNHUMgWcD4XkNsZmqcxKq5U5pMjLTXXYxycIJ9%2Bx4uJj%2F%2BNl8iPuU0rZsdbQiMKv5%2FcY5e8QBEckLdHoXxjziA7QqYDIbwTVf2HKGbLThfb8%2F1MJgV8okqBJt%2BjgdVWhSgIzSg3mDZ0yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 82fdec9b3e2103b0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C80D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWzLCcWmy15J.hw06rxeWQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1&google_hm=2

43 B
774 B

43ms
43ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXJ8W2_mwI_S32G-tY9fMW5M53hzpj_qegyjnHaQCGGHcaTLsWFiomqoW1FfVOR1_mn95AMIMQy2jmaBFGBkfm4x5V9K0nHqaB5xLiiwaFpe5zRNNZhqonftu5qisXz3WitMHvppBY40YzEDESvbsGVFqoOuBqfIZUB5JWH3RSCLTLXET8
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uno4VuUJH79Equ3AWQc3mZcW%2BXmC%2BS43rZVCFfFb3%2BXRQwSCsalDmQvBnipaf61ziZOy1lAqbDzh6%2F35odnH0ND1GpQnyH%2FrmyVagKxDvyKcjfN8%2Fdtka5Qq%2FdqT5By0LtGryp81JtSzyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82fdec9bcea66969-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame C80D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMuU2oFzwEiXLUDcPO7fIZo&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMuU2oFzwEiXLUDcPO7fIZo%26google_cver%3D1

43 B
889 B

31ms
31ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMuU2oFzwEiXLUDcPO7fIZo%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXJ8W2_mwI_S32G-tY9fMW5M53hzpj_qegyjnHaQCGGHcaTLsWFiomqoW1FfVOR1_mn95AMIMQy2jmaBFGBkfm4x5V9K0nHqaB5xLiiwaFpe5zRNNZhqonftu5qisXz3WitMHvppBY40YzEDESvbsGVFqoOuBqfIZUB5JWH3RSCLTLXET8

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
an-x-request-uuid: 2514aa73-6c07-49be-a2d9-76d050f21529
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.184; 84.19.175.184; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
an-x-request-uuid: d0c17a31-d7f4-473c-ad99-fb57c46e803d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMuU2oFzwEiXLUDcPO7fIZo%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C80D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1ODcyMTQ4NDc5NzEyOTE3Nw%3D%3D

170 B
243 B

29ms
29ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1ODcyMTQ4NDc5NzEyOTE3Nw%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
an-x-request-uuid: b4c419d0-3182-46c7-a070-de505980936c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1ODcyMTQ4NDc5NzEyOTE3Nw%3D%3D
x-proxy-origin: 84.19.175.184; 84.19.175.184; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B81F 0
20 B 132ms
132ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=707200981112&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B81F 0
20 B 135ms
134ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=707200981112&version=m202311060101&ct=77&x=1&cor=2345204573260420600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B81F 20 KB
14 KB 193ms
192ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWQDZGMmkNFFOHY76m7tw5axdpo3mVyKhnKmGJsRp5lWhQ5u6YK1OCSPrip3N_AFR-dxPU_X2jI4T7malZJaqcGeFLB0dluutMhsJh2qkMZrpFvRod8EGsABLNPAIQuB-qLSI2Nrry49zfwCDxWQLMYCQKl0LmiERIsG4XkHlAsz4gaT7vcNsPeiZDd_JE2qRZFRwKrybgmcp8-roFo30_NaCV9g&cry=1&dbm_d=AKAmf-DrmiOXELH0dLJMicSzRP9x3zzamB8oc51RqAsqR_hB2qt_qVdqnSTVgcW75oLpzG_dHiMU-6LOpR0mXS8p_r7w3NDgc9iPyR2axK-HbFS-LPGq82V7j2Ewdv1xhX6HQtqpG5IyjZRQEP38XbMn_XANjDMD4YxjNbOc7OUI2-U-5SsQT1-LNn565KeiU9hbvRBDvLPWn12CQ4YOmMrDv-nIatFYoxM-NZ01FbZoJkt28hXx18KmL_oe-_b5_OMAxj3eRdnET6c67z3cJ25fRYslnZ72m4IhRax214LqJwSk61lFcX_A8JLjdEIucHXmJ5r12F12MEb4Yx4Sj36vOLXkW3DQDKvMwbBjCkbR9Kaf1XW7tOqBYPMl0Apc4_bYzWFY0T4U7vEIHAgHhjwm_-JS2t8QZxE4f-pJjqI9qferRKBB27MekD3aQaUOK1Nsu1qlsq1sdXOJmB7aid1omN1QIsq2wY8yy1l9im-tEkDHFu7lL1dp7mvzWJRUz9M9eGkQsTiUYEgriKxGzdK5VDpYyifUsd67573JXBYn_gKjVDVyBkltbCEOJzhjHMRd_TUH-TXMwstbSPwQCvy448idtACt_OtoPKdfweQLL3yMdelejQ-9GH-UJyOsdLoeCnxA4MJNzZkqWaK87zXdh2jWSAg8xo0tPuKdoOXeQ6buUsFVh8G5FoLIf2aC9XVbEoOXQmjwQbXtHPoHYH9SSKDPfiKCy7-i4QGE51NRazdCSpOsjG6rlB4wPBUAigCqFqDcepssV7F0-yTVfDybIkPbr3P3SdG_lqBVSkGN4BNElxZb78kVqvskRQ9lMYkolclxcfzQXEs9XvKYhgueGR5ACGn1vcbJYvKTcdvOfEF3II-T7LUAVB4PCuC58MO7motOKrfcqtl9wZdvk02QECg3D_0YmkkwJV8hKUiAyuDLJVvVc238xkAWA41YD4e4sceRMvlKkTpJbAxgDGNxRe_QjI_9BBEaajxOW2mlooWoJTvCxtUDI9H26mvReflzArRP5iUAY36tUw6EfOdlM8XDv4P6JPwQJuRQuZnsQ-5iZUfDuoELOCdqr0RR8OI0rfwRTRKF-XPO6Ur6ONVONreMl_2Acqin1yZI2fHn0cXAbgPhnfPMdAzy4KYDf4o1JdfgI7VxH19zeG75gUaFx_malTCbcE4r8q2NLRWqKwl8ubLzGOg2PaV8gkCTK4N_T3ztiRoa5mHi30A8L7hZOni9p4ceB2PefYEm7JSaIjBgi2IJGh-UdkBe-yl7apENbpo1L2YGLf8Fp5uIX_RqBmG5kOy-yJfDnm1zPEOXzbiX5rbSP7O8lv6ythWTlAAC5ANgeuMXCAg7aNueSJOS7ZZJBMVJjF-QxJnYgDi5a-C8Dc5tvizHwtGhEJbAQmOBCCiNkgz9zo5EvVB2Msn43aYPBMnXJ1aoUhP1URfBp_tW2Bmta0ikdj3JD_6uQ-M2vYGGyeIrS1zoCMVYM0OIzqfkgZBgYguF3Y7NSLkfKx-MZryYr-gVa6QydVaVS0Ji_Kj9IMsTFxuv6I9nzveM6UXvXVjr7R-1KhXZm2tcbozeeNNGdEOu2JQ0LyBx-s7FnSS0QxjKZbqzxL1VViRBg-pGPA-Rz7zbuHDNGoJnQIBFubXiM7Q377enJDR1nDpr-nvweJR038v97il2UFYJDDOfYhtaj01eyIy8TeXVwVpA8Y3N80jdomcGi6TSEAPttnrgO8RI9EVV50v5QKFOc2QK8HaeDEmCiE-P_mNx3pvTqC52vuXWEUCnGesPqty3eoE36ZyQXKoeuf4fgmLAHvLl0ZlxRFngw3x8cJMBrP_CStmPqZ21xVYCPwTJMUKdO_0XXPHIbmm5YoOXjO0-QNTE6ua2-tzSOfYYvopCZn96h0VEcDi-uJeObtgcqi96wgKL3YCA6R5BGIhQ3JZKvPV1XmHW_7okG2UNnyyfRoGYuIGfulkKdtEdQqLZgnJi_2H5AgJmIe6agJXqTOf3fBF_34k5FZKY7hRq1ISVtIZHNzhTOax8r9O1jUbTJuUjNWsowNU8tUG3jskTkK0mUkaEZUcSqCZJB0wcrKf9rbP9qjHfH4sLR7N9SeYb78mIkMvzSkbwYqhQlcw5nL7iE81SK5-ShoxEJxWAEy9Jjp04fwilM4Z_qw4ZpcE8rV-i_GL2SuIheb79zeq0-D-FXSxILXAhkL6eveY9OR19mVXcYPwvpZXGrLgeBbHIq7qvgqvPdozbF7_IPRcptioVm6kKwvmC9QFlN5RcO0Rf0QpEwsnGLiQ_HAytRv8rRlGZEbMG4ChDzXU7qKCiCSkrgdOfcTxKq0kQ7vy75ZU2Me8mgBJs3qXK-hZmUFfOeLj-KNtOF6FhJfCLSSKtrD9CNUgkOWFVuWlAO1eHgyb7R7P3GW3desCwzxDXRN5ftyySUBp4B4yXqIW12Mcx_YcMirJBGYwosIegosHZyzHXRSECWDDuc9XJzC6JS_rFkBgnf0xTysZuBXbEtDkZA0qQbLM7pLfGk6ph04lVbGLdEh22fw_cAF0LEW2r7TlOHeRNF_Pw637_egVwFMnYXI2knm3i0rn2aPvrEqtli7-S6PZZ6chxlZApnA-J3cIPqoWHs7CWIdHBW9nFh-3U_d5NSezym8HooUcI0OH-0O94gl6lQ4y1jyWwilM7SuZSNcEwMinpz3ANrcsSVyvCSyYHv0q-sJT_oV8CKqtRAhGKKMhYZCwKu21F32bm646srsC2NqW6tn8Qdu2kR3j8zZM5dHqAL9ygZkZ22NvaNLfkZlrbi0GrysWNooX4hUCY9qJK5S7QbPxosAXDB3tUyL7L7D_zw8aJJ3Bo6wVZMe2SIFtV0mPvLAf69TcVDHoRsU2BOwmbJ9XBX-T7B8-sUlfqbFvs29trDSpMkytvLxPJjWj4NHPr6x7E3NFMPacNi7KwpNKQ6vGW3z-bF4urK5YWv9xdQNkSg-2qKaqXNiPzJiKE88yEOEF_9wvaM4LIEoJ3MpHPrlUb0dm_JHI3k9FJHYqmTEzr8XEIMKT4_UBaA2X0DLbQL_nDxH1qJi3tZYlg7QVbx5fJgd38ajzaLb8pwKl9B7A62GzX-3H5Nt-0AILQKdD6IY6lPVLKh0nFJgocuEJiRH8_XiD0pjRnA79QD52o755b6A6nreMiczdPSTKwQCE9R8gcjE4BjkIcWr30XpqAF16mjk7EGwnj76CwSb2FPWOpbQAfSmgOuthY_Q0ACpEuG5ZUha9xz17P4nD_JM0vWZ0q1h1N_63-n4qYhM-7d5JAcIZXnVeVKibxHPVkscnbdaJ_duGZ3pXEt-3Rq8T87qnFTZDtC2aqfs4Rq1xVQTM6qhN9L8LawOIZgnfL6tjRJy7hF5363_T3AHQtvFugkBszTEJkTbZr1PDhxchb4fpeEUvOB7Ve6RnuyvnPl2kQ-VlbqD17cow1vKuXF0kQtj4JK0-8XVZ3QnsFat8AKR0eoFLLtrJEAss9TGh7c5DVHs18T5b1GCG7-5SFDCUN0j_CxdY4O7EbSu_0sIlHJbWvXh_aKKzEytTx428w--J54Vy8nY0UJ15CFUz85sw_NqYRA0HxTw9t-MA7CAk0TAO6KRA6eP4pYdeePNxW67P7OsSfo4rJEaEGNviwi4dvj1YOyOHvTZs4VEMaYc6wlGG41GSIywlB9xmU5eEhOu_Vs0QMUiEgWFCvddt9ABFDvA2ydu0KdIVN0WeOvvDnyVBRnFDH73nryrYcIfiamhcKD_ebh9C7XhBibcFvzb-IQQi_n08BDezh-A2sU6vunvi29OCgXlzhjP9rsq3hZWosQiK48QI0Fx77RQTAOvsV9Eum87ekK97yeCvy2FCdTONvtJ3TOGltzhSPcJ-WRcLZMML3kpzVrK-zeS-TcAlDisTP0vRxwCC63RLo6UfFGsa8fXBq2ijkZ7CTinO7eAdveGr7H61i5g9uKbzOdbzIs23I9CkppWdAU53ChSJo7Tief_2j1gQy59V9FFrEctJ7dCKhetSp3GxmFiUJQCDr3VzKxbrxG71guv7NLo-RpnXm-rho2A4-mLcFrrWEGJQcovbNQWtIAXx09wloXb-ecEr2&cid=CAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=2345204573260420600&adk=250412560&idt=97&cac=0&dtd=26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cf33023b269c203afae38ff350b47a642fd2d8436709c4e658f2437dbd82bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680533&bpp=1&bdt=185&idt=270&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13873
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9321 42 B
63 B 133ms
133ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANJ-3r6uYq7DlJUeiRCIX8A2eczhQXFvbvPDHN6fnoW4lTPGGPYvs-QyW-gN2eO06liDPMzGZOl23nbtEH7_JfuUcdtqcigLoygWWYO485qPbxwNY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680534&bpp=1&bdt=186&idt=274&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9321 0
20 B 135ms
133ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10592661570289953208&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9321 89 KB
31 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9321 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:58:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9321 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9321 202 KB
64 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74F6 624 B
245 B 66ms
66ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW6cLb6qTd7CwWp-nXDVi6K3arAaCsDAoR_d0O2DhaeDo_yZF_XFVYTY5P3GyfX8R1pSIMWC0Y_6kxbQMKZfACA_JLgehrrj1G_bmw9U-J5ZFwH_42ysfnnbQNNBkhs2-s3oxJ2yJPtQ6pUIcUMuRmnJk_w6Qj0jtwyKplVp4mqZBSeOTY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680534&bpp=1&bdt=186&idt=274&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=276
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:01 GMT
expires: Sun, 03 Dec 2023 18:38:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B81F 41 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWQDZGMmkNFFOHY76m7tw5axdpo3mVyKhnKmGJsRp5lWhQ5u6YK1OCSPrip3N_AFR-dxPU_X2jI4T7malZJaqcGeFLB0dluutMhsJh2qkMZrpFvRod8EGsABLNPAIQuB-qLSI2Nrry49zfwCDxWQLMYCQKl0LmiERIsG4XkHlAsz4gaT7vcNsPeiZDd_JE2qRZFRwKrybgmcp8-roFo30_NaCV9g&cry=1&dbm_d=AKAmf-DrmiOXELH0dLJMicSzRP9x3zzamB8oc51RqAsqR_hB2qt_qVdqnSTVgcW75oLpzG_dHiMU-6LOpR0mXS8p_r7w3NDgc9iPyR2axK-HbFS-LPGq82V7j2Ewdv1xhX6HQtqpG5IyjZRQEP38XbMn_XANjDMD4YxjNbOc7OUI2-U-5SsQT1-LNn565KeiU9hbvRBDvLPWn12CQ4YOmMrDv-nIatFYoxM-NZ01FbZoJkt28hXx18KmL_oe-_b5_OMAxj3eRdnET6c67z3cJ25fRYslnZ72m4IhRax214LqJwSk61lFcX_A8JLjdEIucHXmJ5r12F12MEb4Yx4Sj36vOLXkW3DQDKvMwbBjCkbR9Kaf1XW7tOqBYPMl0Apc4_bYzWFY0T4U7vEIHAgHhjwm_-JS2t8QZxE4f-pJjqI9qferRKBB27MekD3aQaUOK1Nsu1qlsq1sdXOJmB7aid1omN1QIsq2wY8yy1l9im-tEkDHFu7lL1dp7mvzWJRUz9M9eGkQsTiUYEgriKxGzdK5VDpYyifUsd67573JXBYn_gKjVDVyBkltbCEOJzhjHMRd_TUH-TXMwstbSPwQCvy448idtACt_OtoPKdfweQLL3yMdelejQ-9GH-UJyOsdLoeCnxA4MJNzZkqWaK87zXdh2jWSAg8xo0tPuKdoOXeQ6buUsFVh8G5FoLIf2aC9XVbEoOXQmjwQbXtHPoHYH9SSKDPfiKCy7-i4QGE51NRazdCSpOsjG6rlB4wPBUAigCqFqDcepssV7F0-yTVfDybIkPbr3P3SdG_lqBVSkGN4BNElxZb78kVqvskRQ9lMYkolclxcfzQXEs9XvKYhgueGR5ACGn1vcbJYvKTcdvOfEF3II-T7LUAVB4PCuC58MO7motOKrfcqtl9wZdvk02QECg3D_0YmkkwJV8hKUiAyuDLJVvVc238xkAWA41YD4e4sceRMvlKkTpJbAxgDGNxRe_QjI_9BBEaajxOW2mlooWoJTvCxtUDI9H26mvReflzArRP5iUAY36tUw6EfOdlM8XDv4P6JPwQJuRQuZnsQ-5iZUfDuoELOCdqr0RR8OI0rfwRTRKF-XPO6Ur6ONVONreMl_2Acqin1yZI2fHn0cXAbgPhnfPMdAzy4KYDf4o1JdfgI7VxH19zeG75gUaFx_malTCbcE4r8q2NLRWqKwl8ubLzGOg2PaV8gkCTK4N_T3ztiRoa5mHi30A8L7hZOni9p4ceB2PefYEm7JSaIjBgi2IJGh-UdkBe-yl7apENbpo1L2YGLf8Fp5uIX_RqBmG5kOy-yJfDnm1zPEOXzbiX5rbSP7O8lv6ythWTlAAC5ANgeuMXCAg7aNueSJOS7ZZJBMVJjF-QxJnYgDi5a-C8Dc5tvizHwtGhEJbAQmOBCCiNkgz9zo5EvVB2Msn43aYPBMnXJ1aoUhP1URfBp_tW2Bmta0ikdj3JD_6uQ-M2vYGGyeIrS1zoCMVYM0OIzqfkgZBgYguF3Y7NSLkfKx-MZryYr-gVa6QydVaVS0Ji_Kj9IMsTFxuv6I9nzveM6UXvXVjr7R-1KhXZm2tcbozeeNNGdEOu2JQ0LyBx-s7FnSS0QxjKZbqzxL1VViRBg-pGPA-Rz7zbuHDNGoJnQIBFubXiM7Q377enJDR1nDpr-nvweJR038v97il2UFYJDDOfYhtaj01eyIy8TeXVwVpA8Y3N80jdomcGi6TSEAPttnrgO8RI9EVV50v5QKFOc2QK8HaeDEmCiE-P_mNx3pvTqC52vuXWEUCnGesPqty3eoE36ZyQXKoeuf4fgmLAHvLl0ZlxRFngw3x8cJMBrP_CStmPqZ21xVYCPwTJMUKdO_0XXPHIbmm5YoOXjO0-QNTE6ua2-tzSOfYYvopCZn96h0VEcDi-uJeObtgcqi96wgKL3YCA6R5BGIhQ3JZKvPV1XmHW_7okG2UNnyyfRoGYuIGfulkKdtEdQqLZgnJi_2H5AgJmIe6agJXqTOf3fBF_34k5FZKY7hRq1ISVtIZHNzhTOax8r9O1jUbTJuUjNWsowNU8tUG3jskTkK0mUkaEZUcSqCZJB0wcrKf9rbP9qjHfH4sLR7N9SeYb78mIkMvzSkbwYqhQlcw5nL7iE81SK5-ShoxEJxWAEy9Jjp04fwilM4Z_qw4ZpcE8rV-i_GL2SuIheb79zeq0-D-FXSxILXAhkL6eveY9OR19mVXcYPwvpZXGrLgeBbHIq7qvgqvPdozbF7_IPRcptioVm6kKwvmC9QFlN5RcO0Rf0QpEwsnGLiQ_HAytRv8rRlGZEbMG4ChDzXU7qKCiCSkrgdOfcTxKq0kQ7vy75ZU2Me8mgBJs3qXK-hZmUFfOeLj-KNtOF6FhJfCLSSKtrD9CNUgkOWFVuWlAO1eHgyb7R7P3GW3desCwzxDXRN5ftyySUBp4B4yXqIW12Mcx_YcMirJBGYwosIegosHZyzHXRSECWDDuc9XJzC6JS_rFkBgnf0xTysZuBXbEtDkZA0qQbLM7pLfGk6ph04lVbGLdEh22fw_cAF0LEW2r7TlOHeRNF_Pw637_egVwFMnYXI2knm3i0rn2aPvrEqtli7-S6PZZ6chxlZApnA-J3cIPqoWHs7CWIdHBW9nFh-3U_d5NSezym8HooUcI0OH-0O94gl6lQ4y1jyWwilM7SuZSNcEwMinpz3ANrcsSVyvCSyYHv0q-sJT_oV8CKqtRAhGKKMhYZCwKu21F32bm646srsC2NqW6tn8Qdu2kR3j8zZM5dHqAL9ygZkZ22NvaNLfkZlrbi0GrysWNooX4hUCY9qJK5S7QbPxosAXDB3tUyL7L7D_zw8aJJ3Bo6wVZMe2SIFtV0mPvLAf69TcVDHoRsU2BOwmbJ9XBX-T7B8-sUlfqbFvs29trDSpMkytvLxPJjWj4NHPr6x7E3NFMPacNi7KwpNKQ6vGW3z-bF4urK5YWv9xdQNkSg-2qKaqXNiPzJiKE88yEOEF_9wvaM4LIEoJ3MpHPrlUb0dm_JHI3k9FJHYqmTEzr8XEIMKT4_UBaA2X0DLbQL_nDxH1qJi3tZYlg7QVbx5fJgd38ajzaLb8pwKl9B7A62GzX-3H5Nt-0AILQKdD6IY6lPVLKh0nFJgocuEJiRH8_XiD0pjRnA79QD52o755b6A6nreMiczdPSTKwQCE9R8gcjE4BjkIcWr30XpqAF16mjk7EGwnj76CwSb2FPWOpbQAfSmgOuthY_Q0ACpEuG5ZUha9xz17P4nD_JM0vWZ0q1h1N_63-n4qYhM-7d5JAcIZXnVeVKibxHPVkscnbdaJ_duGZ3pXEt-3Rq8T87qnFTZDtC2aqfs4Rq1xVQTM6qhN9L8LawOIZgnfL6tjRJy7hF5363_T3AHQtvFugkBszTEJkTbZr1PDhxchb4fpeEUvOB7Ve6RnuyvnPl2kQ-VlbqD17cow1vKuXF0kQtj4JK0-8XVZ3QnsFat8AKR0eoFLLtrJEAss9TGh7c5DVHs18T5b1GCG7-5SFDCUN0j_CxdY4O7EbSu_0sIlHJbWvXh_aKKzEytTx428w--J54Vy8nY0UJ15CFUz85sw_NqYRA0HxTw9t-MA7CAk0TAO6KRA6eP4pYdeePNxW67P7OsSfo4rJEaEGNviwi4dvj1YOyOHvTZs4VEMaYc6wlGG41GSIywlB9xmU5eEhOu_Vs0QMUiEgWFCvddt9ABFDvA2ydu0KdIVN0WeOvvDnyVBRnFDH73nryrYcIfiamhcKD_ebh9C7XhBibcFvzb-IQQi_n08BDezh-A2sU6vunvi29OCgXlzhjP9rsq3hZWosQiK48QI0Fx77RQTAOvsV9Eum87ekK97yeCvy2FCdTONvtJ3TOGltzhSPcJ-WRcLZMML3kpzVrK-zeS-TcAlDisTP0vRxwCC63RLo6UfFGsa8fXBq2ijkZ7CTinO7eAdveGr7H61i5g9uKbzOdbzIs23I9CkppWdAU53ChSJo7Tief_2j1gQy59V9FFrEctJ7dCKhetSp3GxmFiUJQCDr3VzKxbrxG71guv7NLo-RpnXm-rho2A4-mLcFrrWEGJQcovbNQWtIAXx09wloXb-ecEr2&cid=CAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=2345204573260420600&adk=250412560&idt=97&cac=0&dtd=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTYyODY4MTQ1NTI1NgogIHNlcnZlcl9pcDogMTI2MDY4ODUyCiAgcHJvY2Vzc19pZDogNDEyNzQxMzc1NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame B81F 0
948 B 117ms
57ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTYyODY4MTQ1NTI1NgogIHNlcnZlcl9pcDogMTI2MDY4ODUyCiAgcHJvY2Vzc19pZDogNDEyNzQxMzc1NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAzNjU1ODM0ODE0ODk0NjYwNzA0CmRlYnVnX2tleTogMTQ4OTY0NzUzMDEyMjA5MTIwMzkKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTAzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU0MzcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNjc4NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x5d733df3e328ca670000000000000000","13":"0x42a50a8e60b3c2d90000000000000000","14":"0xb6bfca98681eda470000000000000000","15":"0xc7cf36a5cbc16aab0000000000000000"},"debug_key":"14896475301220912039","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"3655834814894660704"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 33lgkyejwpt3 Show response
hal9000.redintelligence.net/zone/ Frame B81F 12 KB
4 KB 98ms
27ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1701628680908963&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU4AhCMtsZaO9N8mgi9YPxdCiiAym5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9CNq-fO3bJtdV2WzgELzBmyV4Jk-wsZwJKjBwC9QG2i4PDORMbX5MHJfl2eF0dfLUwnINI3yNM7nd_vB87Jgc69BkAbLnEKKA5d7iuaSyMHX92WULfLjjZhXPWHfuXINkJQdGDYRPfvHpqoee5niy9hPvwwgyQi4mC50xpnGItU6DdCeQLISX3VojuH8LobH2MJhqkhOFJIEfbOD9Gi77QKnUVluLv4lvoUYMEqpyhUuyyREAkDZHpHOhpwEtrnvecHZ5bVWR0J1AwWSA_xYKXKJMWgTFZvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL2gvuj084IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ%26sig%3DAOD64_1whpmNBa5CJy-3pLqMmXbtJzFfYA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-B04gPFCQxy4tw-IGAaA1j-u8t5tf7tN4gchFtYb9ztJPVtIre-KIP6LI2OqE74PDfmR_kYO6Op-yufxspXHIbPfh60Teze7gp6cMMv61nKFhkFP2Go3-Ix1bsNKLAfXByVihmNzbF0hkTBde4r6TukuOztVGSG_IM6N3TeIQppH_VvZa7Nuw0bUzXXeAKdgd_g0jnhK4gDCVodQk18hSvyH2KL7w%26cry%3D1%26dbm_d%3DAKAmf-A0abkHbd0zb_O2CEjwiHsKf-gcn0ziPgPfIKW3REDG_yZ7WV43uNf0x2w1KCCdYqC1Xz3pI10T88PUDGs0kAywVQPRfHNpsRbhyYtgQ7KQBCnVre0v4P5TETfMsuviu_A-fRet2VdxSxPU0iqnpiKUS2iJ2SOD5dXzsMYbEk-H1kqb_dP6NFSJR0gCkGd2RjPm08wTo5aTUD1Je8wzNyiB45833UyOYn1wOp7CZlC8viIfKYw5DRUK4YPdpkhNfaoHi9-mjBpwgIUZTUqaXm9iuN0kymc22F0tI5ZMb-oObK3MZN54fDyIjz1QQ1iG4pG7iYxFbU9LtkCeTxeg5T5PePABmMAfiUTZfnST0xFPPCovcd-fXv56jVeN4B_fUg7YqYTQ6Fsk0KnyIyv5QuUGXzkarjDmzQrFRBY482qOZ4jX1t0pBeCamPXU87jxJMS3g7m5xTuAWwDrjWlDISKNmz0eoMJB7H5SzJK9RAxBsEzqdLXTTmkofr5h0MhN-abgOocJPfdCFqp-V3lg2FbYBQpM5-KUd4vSG41J3qxn2tAsz47l9Fp11_2whBxkov7n26QlvlG4E5ZYDG311IWBocQsxQ%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680533&bpp=1&bdt=185&idt=270&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=272
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 8f449aded8f88c8b9e2c73ea930facc156452d56245347f273464bfc81ef3c47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4223
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4F9C 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:08:03 GMT
expires: Mon, 02 Dec 2024 04:08:03 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 74F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1

43 B
731 B

45ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW6cLb6qTd7CwWp-nXDVi6K3arAaCsDAoR_d0O2DhaeDo_yZF_XFVYTY5P3GyfX8R1pSIMWC0Y_6kxbQMKZfACA_JLgehrrj1G_bmw9U-J5ZFwH_42ysfnnbQNNBkhs2-s3oxJ2yJPtQ6pUIcUMuRmnJk_w6Qj0jtwyKplVp4mqZBSeOTY
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Co2kCH5frV4Vs3Af9fLnqkPXz90ere0hPN6HkDhfzM8PNw8U6r%2B3L3g7kTp9luf%2BxW4OmGmp7BvEGeORDL2Zt35ryrXtcUsO1W2M6NHlX7Bpmhek2XDKiY3qXyRGb6NHWF1kXrLWg6V93A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82fdec9cc8196969-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 74F6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWzLCWsfZtUmsOwhCOgB4wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1

43 B
734 B

58ms
58ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW6cLb6qTd7CwWp-nXDVi6K3arAaCsDAoR_d0O2DhaeDo_yZF_XFVYTY5P3GyfX8R1pSIMWC0Y_6kxbQMKZfACA_JLgehrrj1G_bmw9U-J5ZFwH_42ysfnnbQNNBkhs2-s3oxJ2yJPtQ6pUIcUMuRmnJk_w6Qj0jtwyKplVp4mqZBSeOTY
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpPONgVOYBT%2BDq5iBgqom864M4J83BHqjyPdFvvEGFQJwnQkTTROtGGhnpAI5L3soxiEZIZAY54iFFOuvB7BpHjxkzQx8Dc00DOibKnQbSGPBP7K%2BVUhknZi1OTNZ5lO1a2PfyNTXhmKGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82fdec9d39046969-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDCw1pQNdnsVYcu9W_siWFU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 74F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMuU2oFzwEiXLUDcPO7fIZo&google_cver=1

43 B
838 B

30ms
30ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMuU2oFzwEiXLUDcPO7fIZo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW6cLb6qTd7CwWp-nXDVi6K3arAaCsDAoR_d0O2DhaeDo_yZF_XFVYTY5P3GyfX8R1pSIMWC0Y_6kxbQMKZfACA_JLgehrrj1G_bmw9U-J5ZFwH_42ysfnnbQNNBkhs2-s3oxJ2yJPtQ6pUIcUMuRmnJk_w6Qj0jtwyKplVp4mqZBSeOTY

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
an-x-request-uuid: 55c0f69a-60e9-4831-a65a-8bbea868a0f1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.184; 84.19.175.184; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMuU2oFzwEiXLUDcPO7fIZo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74F6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1ODcyMTQ4NDc5NzEyOTE3Nw%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1ODcyMTQ4NDc5NzEyOTE3Nw%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
an-x-request-uuid: 77c5a683-9ff1-4357-9c58-52496745ea53
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU1ODcyMTQ4NDc5NzEyOTE3Nw%3D%3D
x-proxy-origin: 84.19.175.184; 84.19.175.184; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F9C 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9321 0
20 B 132ms
131ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7534212993708&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9321 0
20 B 133ms
133ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7534212993708&version=m202309260101&ct=77&x=1&cor=10592661570289953000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9321 20 KB
13 KB 315ms
314ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkFUd8vClNRpfCtdRv8Dg5r232XoN6TceTdmgNOOEMIvEwbytDQS4yqWqMMWEW33CBpKNdbOr-ZCKoO0l_Quz185Mt57WfTWA7wV5bkJ45Vj0pe5kGQRjkTmc4fxZVbwgC9ZNGZ4yu8603nWXdAEpMCRFKWK5sCnuLmIzGbdV66U_2k1Q&cry=1&dbm_d=AKAmf-DAhoEs5X6os5OYNWQ6yRBvr0C6Bj5YYsjxIzjUbktj6PaCBE5AoBd703ffF0rHaRpXWTE8VfZQsBjk-RXgqWJ3AE6LLOy0mW5hkTwugjSRyAVTCmkMoGbYu88YGqRaVllS13QBkLKdoSAxS2Ov3vilUMgrWlM97Xfyj0TQLf9OYU_O8ORVZRNGbybEk1v_vNyZ0Uf7hEjRF_k2ZQhrIVcRwdF8VxblD4D8OeIzI5enRLv-LpDD2Z64grBdtVvVPRhiboo6yvzU3w5YSuK5eOKqgXosuNBsQc0CJ0cOycvxUFRI-ewInpf62LEF2cODmHLR7tHgvl9SRAuSNYEUKoK3v372Npp-AxX8j8UG60mxSqhqZM_gd2b_Y7upe6JhCvuwp6UC1Zzj725JVEUvca1m0dy8emcG6QEq1OO7kcLLC6Gd12CnEEIWYQhmTC6l-C92XXT4RCQm-5wDAgxNz4NsdKGcCQbTMoHsU9CHe81p4_w9Anr4mHVI6b7jTjLG1EPKCDM8Iy1zI3QMsyxhwKTCroAmMclNU3owdtweYZZURTRdWsLx5FJLfFsuuxDRfp9JgGsaRbV1PvDNTkfPe0pWUt8-T9qL_H8WWxKCkrNgMcJHAvzFgxlDMRvkcquA4asYEOWFVne_Sj4KvPB-liiQekuu4z78-n4_akMmWMd2Ecoy3Rup4wYAMhw57zOM508bwPb8rBLtSkbcNJQLLuykq-haYcwQvwTgSs9jBo_OfDwSUW0lQP0R8CQ9gIrtq4A1HrAjnmZEX63pg3UbrofIeSknbcMF5tpBfrKCwfsLOr1eH2y2vLTTSvydy4mnTzS1yJ5RjaLFH2Mi7lfuvsgbA-JldBrhxZVGO0t5UpLbbSRWn71w3kGPB-A76YfQkC8Nh6YpugQhpAY7lI5ok8ZUJNGQvRBJ6mMKsj0A_VweEO9ioIil9JAr6-lWnVdRV9FLDr6IbtXbQCcTASYE7s2TeXUnnkzRygHlGCpysv_awE4RCxHsxrpnG4cRzxk0P7-8JHoKf1TagYbTHqK0OqayoV-IME1WNXLb5k4PLUHOUKsTk4A2H0Ccyfx5xkWtNIbGCBskddG3YkQ-me91qvEeIrIvP2iiUCjpEDLCgWVPYlym49sEUWtqfijd4LXHpxW9f_LYSXjFeRByUzarWXwcopcAtQuefu9zBvI45faH5aqJz8vyRvytya6DpJu1O2F-KRcaUeH5DQUWM4czlCBkZWTKNXtMlI2tj-ue-V5K6FW0VaBZDgAnymEQ-GX32ow9LojJSVBt4SO6fms64ryW6ElDU4p8SL0I5KxI9RLd6ida78vcf9Hos-DfNY3vxO7wTGGkLy6b2gNzvMs4MXtmi6qsvPSbmPDO-fNAL5S08JnYAuax2svP8VgPdOZBi9Z6Z7cJ3PolQ_QNyGU_GRPZH5uYvbT0OZ6cAQHdPun41l_VhFkVA1aPXJW1NrCQo5emXsJjvCzK5z2hYUF7I0t5dlxypWnCAe6gRDh7Z0U6_p4JQLZAWBPLwNCRRVgWUE22D5puPLY-sRdUn8XM25I0BqaBAC5ijilxt6-xdifxz9QPCdBgIkD7temSekXp4S6wnNMGMqbY3zI6sObjvHdt-1aXc_TW-ieBOF3tHrroo83xqzUWM2f_7dcZkged_w3hKrzGdVuDWLiBluAWykR-dPBTZvazkrqgMl9rZYDzkymnICrlpsq40-kNitGi9mVJJ6cUydaWU-e7aXGv5D3VanVFksTSFne5r_DzdYnceYlJuJEGJ_I8NfLJKw_pbl3LjJByay-NO4V1P6RAy5UESfr_7G3ufI8vgBGgcifKsr-Q5NogFPJPEU6m_xL1mftKQivCUuQDE08_YVtHCmOqp4rM0xyAq8YkRqjVpTlZK7oEBJs4mJJmT3k8Ufn7p4szCtRI-SPBDN_aXCuVNNH-GAu4aZ4xh0ZhY8TlcNRao3CGjcUhckSqaxcuQK8MOUK1r8jw2hdX-f8gxREQLBEUJUoKTaiDnUldFMwYXAi29vyZYb1Ox_yha1ciB1Q-L3hgWQsyuduMzTW9E60yiLA-QuAI07007UMU1JgAMlDwIF7YEmDuFUfrjBi0oqMBG6krXLJ1sxgQpuTyjp8pMpFS3OrDbtRgZC9qJ7z5Fl7U7Ml-0Tl5izVB1igtgaRadcaKbVGR-QhdUsa5IK6eae1DZuH2MtiVr7UXwDAIzgpkIWlIAw-uBJqdz8-piPVUJtM9TCLk6qR8Q1H1q4dJygpIL2p2-z6mEeEuNgcQMrmfLvkcJUbSzk3hqKeMxXI5mVkMGQMsjzMum-5VL7uPA9wGnpGexd8Hj5jfFqltAyIp_siBJe8EjvO-b4dtu90d4pZR1rWcC-TBZwTVWNadpOXTL8GCHkAUE1vGwajU_8qsUxGjoyPSpKsBw8ZmKwKlNCYhJLng4tkEJ75Y5G4G2ubPrPHU30gVOm3DsFkwZ4cIvrwKeoU7_hoPz4PGZNZMNozh3iqfn2V28dNz85XN6-VBtUFjY1ReGg3Xx3yoEgNOJ75Ryl-nObqCRpG1BUSpm8V3um5SEziFWWZ2C4Wd4wQklxhGXZvA4Zd7dqcVDSRSKUNCwlzMlFWIdTcH6cJPqzM4rupFJpN8riatbJzgzdNFF6wIMJnufvkIjw5GpuecHJYYXGcBhAW1MTlO6P8KBMg5HomKqvH8mCjEtSlY8s1mSQRDKShMw6xhVcVIioAR8W8DSbzJTagBV71fwJUDjklf877R7xIGKsd2ekCUoEpxaqEF1-xfR17OpAIOMhdl_PZu8YquSdPrOzXcZ6h5OjhSKswzUl91DID0Px3VnlS83Elu7BpXKo5CZkTfUSRnr1Ue0rC5OhylqNDyiRvGJfifdu6uYCvSXsGrHm4kiFIOjKOGWK4NHDdIflVfvWtGUSBwV7poaOzjRX-9DR5iVYedowj_w6wUC-3rqELuKMy_Pb3ZT84lEaSfKyM6XKaE9uTwqixbN3c56VTHsBGtRkyDMgcc21rMhKcgeg3Ao1kXhRPmhwKi0CG6pO_N2CwY6o4d0y6G89yb-005tiSadxhtQ29ck_6UUA0ZIu2L4gQACKPex6QpH13iL-6jQv_6e9-5KKJQijkEZL9NvPMw8LnaYBnwrqJjepqSLi9onEGa-RSCmmioFfzs9PXu3leEbAjgvx_xc8xpBwrfMkS2GSGzshORdhKFwty2d5cPpIQlPH7u2DNyMQPNyasuODafByaW8QlmLQ_4YmFsC4JiUe-BH1rMf4CAgQFWpJjr0W1nI54rukuh1GpwTgPNdeCzNyoL5GNVBJN4bYcDJt0XLDF5UJNTlv55NBeFbd4pLeaHutN0DGupLqu7dkTgTIIs0PikGuM1HprvPTGep8Zjl3Vjhq6sD9ns4wcyX086jZ65eQWy_1mHeEmeknADdJhAuUP2jmIgSZWf7CqoAd0SfLvrdcYubx2pEiIx9UFoRWsmtlFsyRnC2qBolFaOOFGhJNRQy3qYDqVoWY-wyzNwsPplDQANN8Q608ZplvKDn9tOM8k_1eWkV00KdjSBBXVn47ZJt0RR-O-h01DUy4miWyXNYdZ2EYCuMuZKTrItW_O4_wJxo8OEin-Yare760arUW7Jj2KnrzjFnudjb-6HYoqaVOh04Ak9-3_TcfYcXg9xBEqXKPXL7Ajj1fhgbXBKNuhFeGs5m-E-AtmMngqdoqQDPgiU5vvZxgqhNMNnCm49CKAR0LpiUK28MH5xFrt_NpNYUY2SAn-Y6jF8Q4y_ZHhCvjKrSJckvWADe_NQVgACEnyPkYlVMQoQpTKwgjeSXFpi6c2oP9C9_LZn7CpqT6cAD6lFQRE3OOKdftT_Deb22D1B99CFxBo7VGUcVuJ9D0y4hmmHMlNchdAXSuqmSgWllX7txd7qVw2Tw6Nrara0CvC3nNUCb6tT6Pbnu-4SGqr0RMOzoa02ep8O4oI4nb5y-J2_gLqoqK6taNlK4lx-gVNCY6eF2hMLD3SGNA0697QN3JHuvH74J2ABk5akObU35I0t_MFHRxJxxMNhjlOjddDD_VVgyZlxGumZzhdm4v-e4Nw&cid=CAQSTwDICaaNY2UQrbJ3VoHTYm0vYpAgM48oJydNPQPwwQNMegGUZXLTH5LZ81dcvqynW_SUVlPliA5mFZ8TgRImYUnoTYnpjIF9Fx39weWQC6wYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=10592661570289953000&adk=2228999115&idt=104&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b137d3129b4891e8888c2fd67e1cbf91416c19d3e028470b0be882aff4526c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680534&bpp=1&bdt=186&idt=274&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13772
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame B81F
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

199ms
147ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU4AhCMtsZaO9N8mgi9YPxdCiiAym5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9CNq-fO3bJtdV2WzgELzBmyV4Jk-wsZwJKjBwC9QG2i4PDORMbX5MHJfl2eF0dfLUwnINI3yNM7nd_vB87Jgc69BkAbLnEKKA5d7iuaSyMHX92WULfLjjZhXPWHfuXINkJQdGDYRPfvHpqoee5niy9hPvwwgyQi4mC50xpnGItU6DdCeQLISX3VojuH8LobH2MJhqkhOFJIEfbOD9Gi77QKnUVluLv4lvoUYMEqpyhUuyyREAkDZHpHOhpwEtrnvecHZ5bVWR0J1AwWSA_xYKXKJMWgTFZvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL2gvuj084IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ%26sig%3DAOD64_1whpmNBa5CJy-3pLqMmXbtJzFfYA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-B04gPFCQxy4tw-IGAaA1j-u8t5tf7tN4gchFtYb9ztJPVtIre-KIP6LI2OqE74PDfmR_kYO6Op-yufxspXHIbPfh60Teze7gp6cMMv61nKFhkFP2Go3-Ix1bsNKLAfXByVihmNzbF0hkTBde4r6TukuOztVGSG_IM6N3TeIQppH_VvZa7Nuw0bUzXXeAKdgd_g0jnhK4gDCVodQk18hSvyH2KL7w%26cry%3D1%26dbm_d%3DAKAmf-A0abkHbd0zb_O2CEjwiHsKf-gcn0ziPgPfIKW3REDG_yZ7WV43uNf0x2w1KCCdYqC1Xz3pI10T88PUDGs0kAywVQPRfHNpsRbhyYtgQ7KQBCnVre0v4P5TETfMsuviu_A-fRet2VdxSxPU0iqnpiKUS2iJ2SOD5dXzsMYbEk-H1kqb_dP6NFSJR0gCkGd2RjPm08wTo5aTUD1Je8wzNyiB45833UyOYn1wOp7CZlC8viIfKYw5DRUK4YPdpkhNfaoHi9-mjBpwgIUZTUqaXm9iuN0kymc22F0tI5ZMb-oObK3MZN54fDyIjz1QQ1iG4pG7iYxFbU9LtkCeTxeg5T5PePABmMAfiUTZfnST0xFPPCovcd-fXv56jVeN4B_fUg7YqYTQ6Fsk0KnyIyv5QuUGXzkarjDmzQrFRBY482qOZ4jX1t0pBeCamPXU87jxJMS3g7m5xTuAWwDrjWlDISKNmz0eoMJB7H5SzJK9RAxBsEzqdLXTTmkofr5h0MhN-abgOocJPfdCFqp-V3lg2FbYBQpM5-KUd4vSG41J3qxn2tAsz47l9Fp11_2whBxkov7n26QlvlG4E5ZYDG311IWBocQsxQ%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=902251886509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680533&bpp=1&bdt=185&idt=270&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=272
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e42336e2f9e87802467acfb8c57db732724d37804d43afa5373f6b0e6be19687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 54849000155088504444556012527027
Connection: close
Content-Length: 1329
Expires: Sun, 03 Dec 2023 18:38:01 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU4AhCMtsZaO9N8mgi9YPxdCiiAym5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9CNq-fO3bJtdV2WzgELzBmyV4Jk-wsZwJKjBwC9QG2i4PDORMbX5MHJfl2eF0dfLUwnINI3yNM7nd_vB87Jgc69BkAbLnEKKA5d7iuaSyMHX92WULfLjjZhXPWHfuXINkJQdGDYRPfvHpqoee5niy9hPvwwgyQi4mC50xpnGItU6DdCeQLISX3VojuH8LobH2MJhqkhOFJIEfbOD9Gi77QKnUVluLv4lvoUYMEqpyhUuyyREAkDZHpHOhpwEtrnvecHZ5bVWR0J1AwWSA_xYKXKJMWgTFZvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL2gvuj084IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ%26sig%3DAOD64_1whpmNBa5CJy-3pLqMmXbtJzFfYA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-B04gPFCQxy4tw-IGAaA1j-u8t5tf7tN4gchFtYb9ztJPVtIre-KIP6LI2OqE74PDfmR_kYO6Op-yufxspXHIbPfh60Teze7gp6cMMv61nKFhkFP2Go3-Ix1bsNKLAfXByVihmNzbF0hkTBde4r6TukuOztVGSG_IM6N3TeIQppH_VvZa7Nuw0bUzXXeAKdgd_g0jnhK4gDCVodQk18hSvyH2KL7w%26cry%3D1%26dbm_d%3DAKAmf-A0abkHbd0zb_O2CEjwiHsKf-gcn0ziPgPfIKW3REDG_yZ7WV43uNf0x2w1KCCdYqC1Xz3pI10T88PUDGs0kAywVQPRfHNpsRbhyYtgQ7KQBCnVre0v4P5TETfMsuviu_A-fRet2VdxSxPU0iqnpiKUS2iJ2SOD5dXzsMYbEk-H1kqb_dP6NFSJR0gCkGd2RjPm08wTo5aTUD1Je8wzNyiB45833UyOYn1wOp7CZlC8viIfKYw5DRUK4YPdpkhNfaoHi9-mjBpwgIUZTUqaXm9iuN0kymc22F0tI5ZMb-oObK3MZN54fDyIjz1QQ1iG4pG7iYxFbU9LtkCeTxeg5T5PePABmMAfiUTZfnST0xFPPCovcd-fXv56jVeN4B_fUg7YqYTQ6Fsk0KnyIyv5QuUGXzkarjDmzQrFRBY482qOZ4jX1t0pBeCamPXU87jxJMS3g7m5xTuAWwDrjWlDISKNmz0eoMJB7H5SzJK9RAxBsEzqdLXTTmkofr5h0MhN-abgOocJPfdCFqp-V3lg2FbYBQpM5-KUd4vSG41J3qxn2tAsz47l9Fp11_2whBxkov7n26QlvlG4E5ZYDG311IWBocQsxQ%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=902251886509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 03 Dec 2023 18:38:01 +0100

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 160 KB
55 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/reactive_library_fy2021.js?bust=31079860

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58875ca0e2b4a16f6bef08405a014c18133d0b65419cb5191f5d08ac2eb9791d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55942
x-xss-protection: 0
server: cafe
etag: 17640346328717030248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:01 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 07C5 122 KB
47 KB 668ms
667ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffab88a662b439a53767d029843f1cee63997ad2e321ed7838d626199372699d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 48205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 264E 109 KB
40 KB 804ms
804ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f475c66d75ca7e05c2495939220483443ad32a1fc6e9a8e247ac9a482b537844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F9C 0
20 B 138ms
138ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBy2VCctsZdjkG_TQjuwP-quNsA8AAAAAOAHgBAI&bg=!9fal9rnNAAY3kmNgF5I7ADQBe5WfOD-g0ZE5Osqyqh-dm2Z5Qq15v-JBU0B9CNnxVsuvQawgxbEJCiOWVPujIYQLQSAMAgAAAGRSAAAAAmgBBwoAWIpvY-VFMZ3-PpBfMMU0LWEm1n1FunL11yQyv2XE-qxu8LPDca-BGEzNs-szUh9HgoLAdX_kGqna-12m2Iku44uWICh2g9YTh55RJIoK7epiqMVSFwl_HCmZAtriXCA6fchfdPZSRg68bNqDloKN_9M4UlV2aJTd7jB0cZDQnnwH9MdJ5ktrEtUFAGVcKYuuQk_mf-dLPFAVrEDoU3lbn8MlfoGJ5XfoHzbJOElPbDB3-liXKh-bhXuQXenyVbrROJ3l8X_rQi66WaKxQJ5dMih78xgVTsnIxGACAnMdMr2uQnPr52WWrxKO_PEyR3u_5QJAZGveMa5vg719XwIzTs9j6MTLtP1ujq-BeB7b8nkOESbO4Ufd2NoeRYlDOz-QjOT-rlXC7tj1-EZl9jOKG5VHZCEAjmTL7X-GXqHl2bfEnsh2Kz0UQeB1U8c5jxV8luUA1M3gHWhv5z8tJqIMmGrUK19c_Cowq3nMii5fEObOs3RTh6x0bWCI-cCo9d8Kavkac9-gv7-ddZFltvLQUJDjXvMfssRDCHuEt9_Zi6C8PmTMJA_4krGXlM5eXwUm-_UN5EGt445eSeeBz6eqHWCuG6kejBlhL7YywieN0roozjxJ_9GnJDhMBenNmtSoE0XOGQElYe6sxtun2ojzQqzzWN-44LfpPqwrM7EOQeEN077foPgau_0nPYtIxCaSWerWQbVzQ-mo7qC16UA6KKtrSnuhN8z8Da0TD_JftOKxhFG5hrxIadUWftRJ7KsPRPxP7ShSp-tPZyW5RRxkDnGGsAZB7b8HMcfKyPX_MW1OtyMv-NA2WlIXNKREWuuQuCduRipu4uAvM0TVdT4GqyabFjXQma8GPCBhiR3q_a0lmo7oQmWlWR-YTAcn4BgUwzNwPTmvpdbwcqOOiOwhMtkUlJRGVvF5HGILLYNR4jdmGmS1vwKQdAxOiYDmuc1cyzONBFTXA4PpT-QdYM_YEseOrVKUyMBDOjfMmneJSxzigBE4AfZYdOmP-A7ET5a-o4tRQso8oHefvcGyw0-2V-vdI_slUOsQFEM4mNEFytGAW7RYDPONpLWMVF-KQn2S11odXyB9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 4D01 9 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 00:05:06 GMT
etag: 12051592065903069241
expires: Sun, 17 Dec 2023 00:05:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C183 640 B
265 B 65ms
64ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNXingN5sqD11SfrtYD9EzaNOEh0S4JhLhPGmSXPvLebAEZGMWyM-zE2Vemoc6NtkKzCTFJAn_geHt4GytG66VrnmDNi1KOdBMPeX_hZI99PiSnFFeEXUcknoPi7UPDZsnoNyQiiyvpdj7VvivY_Veh24SBi4UCpx8MFDareHFNoiTIvOlQ

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:01 GMT
expires: Sun, 03 Dec 2023 18:38:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3A6E 89 KB
31 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3A6E 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:58:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3A6E 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A6E 202 KB
64 KB 97ms
95ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A6E 42 B
63 B 133ms
133ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqcL_EhDcDT-12dTBAUeEZXIHOjV2OL2KSSP1PeqtydZ403Vsd28zPLXh5-tE4RVnzN9hPzvCHI54Oeon5RGG1zWsORRfXJsFlavUKbBSUmqTWDMY

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A6E 0
20 B 133ms
132ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17544258778451517854&x=1&ct=77

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C183
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBwmy7EFINadqxm7EgdQ9e4&google_cver=1

43 B
273 B

75ms
33ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBwmy7EFINadqxm7EgdQ9e4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNXingN5sqD11SfrtYD9EzaNOEh0S4JhLhPGmSXPvLebAEZGMWyM-zE2Vemoc6NtkKzCTFJAn_geHt4GytG66VrnmDNi1KOdBMPeX_hZI99PiSnFFeEXUcknoPi7UPDZsnoNyQiiyvpdj7VvivY_Veh24SBi4UCpx8MFDareHFNoiTIvOlQ
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBwmy7EFINadqxm7EgdQ9e4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C183 43 B
136 B 109ms
35ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNXingN5sqD11SfrtYD9EzaNOEh0S4JhLhPGmSXPvLebAEZGMWyM-zE2Vemoc6NtkKzCTFJAn_geHt4GytG66VrnmDNi1KOdBMPeX_hZI99PiSnFFeEXUcknoPi7UPDZsnoNyQiiyvpdj7VvivY_Veh24SBi4UCpx8MFDareHFNoiTIvOlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame C183
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEEGY0PCjQ6jBqQcRL9qZhZM&google_cver=1

23 B
163 B

193ms
69ms

Image
image/gif

23.43.61.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEEGY0PCjQ6jBqQcRL9qZhZM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNXingN5sqD11SfrtYD9EzaNOEh0S4JhLhPGmSXPvLebAEZGMWyM-zE2Vemoc6NtkKzCTFJAn_geHt4GytG66VrnmDNi1KOdBMPeX_hZI99PiSnFFeEXUcknoPi7UPDZsnoNyQiiyvpdj7VvivY_Veh24SBi4UCpx8MFDareHFNoiTIvOlQ
Protocol: H2
Server: 23.43.61.33 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-61-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sun, 03 Dec 2023 18:38:02 GMT
pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEEGY0PCjQ6jBqQcRL9qZhZM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame C183 23 B
163 B 219ms
64ms Image
image/gif 23.43.61.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGIvL3d4BMAE&v=APEucNXingN5sqD11SfrtYD9EzaNOEh0S4JhLhPGmSXPvLebAEZGMWyM-zE2Vemoc6NtkKzCTFJAn_geHt4GytG66VrnmDNi1KOdBMPeX_hZI99PiSnFFeEXUcknoPi7UPDZsnoNyQiiyvpdj7VvivY_Veh24SBi4UCpx8MFDareHFNoiTIvOlQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.43.61.33 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-61-33.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sun, 03 Dec 2023 18:38:02 GMT
pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9321 41 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkFUd8vClNRpfCtdRv8Dg5r232XoN6TceTdmgNOOEMIvEwbytDQS4yqWqMMWEW33CBpKNdbOr-ZCKoO0l_Quz185Mt57WfTWA7wV5bkJ45Vj0pe5kGQRjkTmc4fxZVbwgC9ZNGZ4yu8603nWXdAEpMCRFKWK5sCnuLmIzGbdV66U_2k1Q&cry=1&dbm_d=AKAmf-DAhoEs5X6os5OYNWQ6yRBvr0C6Bj5YYsjxIzjUbktj6PaCBE5AoBd703ffF0rHaRpXWTE8VfZQsBjk-RXgqWJ3AE6LLOy0mW5hkTwugjSRyAVTCmkMoGbYu88YGqRaVllS13QBkLKdoSAxS2Ov3vilUMgrWlM97Xfyj0TQLf9OYU_O8ORVZRNGbybEk1v_vNyZ0Uf7hEjRF_k2ZQhrIVcRwdF8VxblD4D8OeIzI5enRLv-LpDD2Z64grBdtVvVPRhiboo6yvzU3w5YSuK5eOKqgXosuNBsQc0CJ0cOycvxUFRI-ewInpf62LEF2cODmHLR7tHgvl9SRAuSNYEUKoK3v372Npp-AxX8j8UG60mxSqhqZM_gd2b_Y7upe6JhCvuwp6UC1Zzj725JVEUvca1m0dy8emcG6QEq1OO7kcLLC6Gd12CnEEIWYQhmTC6l-C92XXT4RCQm-5wDAgxNz4NsdKGcCQbTMoHsU9CHe81p4_w9Anr4mHVI6b7jTjLG1EPKCDM8Iy1zI3QMsyxhwKTCroAmMclNU3owdtweYZZURTRdWsLx5FJLfFsuuxDRfp9JgGsaRbV1PvDNTkfPe0pWUt8-T9qL_H8WWxKCkrNgMcJHAvzFgxlDMRvkcquA4asYEOWFVne_Sj4KvPB-liiQekuu4z78-n4_akMmWMd2Ecoy3Rup4wYAMhw57zOM508bwPb8rBLtSkbcNJQLLuykq-haYcwQvwTgSs9jBo_OfDwSUW0lQP0R8CQ9gIrtq4A1HrAjnmZEX63pg3UbrofIeSknbcMF5tpBfrKCwfsLOr1eH2y2vLTTSvydy4mnTzS1yJ5RjaLFH2Mi7lfuvsgbA-JldBrhxZVGO0t5UpLbbSRWn71w3kGPB-A76YfQkC8Nh6YpugQhpAY7lI5ok8ZUJNGQvRBJ6mMKsj0A_VweEO9ioIil9JAr6-lWnVdRV9FLDr6IbtXbQCcTASYE7s2TeXUnnkzRygHlGCpysv_awE4RCxHsxrpnG4cRzxk0P7-8JHoKf1TagYbTHqK0OqayoV-IME1WNXLb5k4PLUHOUKsTk4A2H0Ccyfx5xkWtNIbGCBskddG3YkQ-me91qvEeIrIvP2iiUCjpEDLCgWVPYlym49sEUWtqfijd4LXHpxW9f_LYSXjFeRByUzarWXwcopcAtQuefu9zBvI45faH5aqJz8vyRvytya6DpJu1O2F-KRcaUeH5DQUWM4czlCBkZWTKNXtMlI2tj-ue-V5K6FW0VaBZDgAnymEQ-GX32ow9LojJSVBt4SO6fms64ryW6ElDU4p8SL0I5KxI9RLd6ida78vcf9Hos-DfNY3vxO7wTGGkLy6b2gNzvMs4MXtmi6qsvPSbmPDO-fNAL5S08JnYAuax2svP8VgPdOZBi9Z6Z7cJ3PolQ_QNyGU_GRPZH5uYvbT0OZ6cAQHdPun41l_VhFkVA1aPXJW1NrCQo5emXsJjvCzK5z2hYUF7I0t5dlxypWnCAe6gRDh7Z0U6_p4JQLZAWBPLwNCRRVgWUE22D5puPLY-sRdUn8XM25I0BqaBAC5ijilxt6-xdifxz9QPCdBgIkD7temSekXp4S6wnNMGMqbY3zI6sObjvHdt-1aXc_TW-ieBOF3tHrroo83xqzUWM2f_7dcZkged_w3hKrzGdVuDWLiBluAWykR-dPBTZvazkrqgMl9rZYDzkymnICrlpsq40-kNitGi9mVJJ6cUydaWU-e7aXGv5D3VanVFksTSFne5r_DzdYnceYlJuJEGJ_I8NfLJKw_pbl3LjJByay-NO4V1P6RAy5UESfr_7G3ufI8vgBGgcifKsr-Q5NogFPJPEU6m_xL1mftKQivCUuQDE08_YVtHCmOqp4rM0xyAq8YkRqjVpTlZK7oEBJs4mJJmT3k8Ufn7p4szCtRI-SPBDN_aXCuVNNH-GAu4aZ4xh0ZhY8TlcNRao3CGjcUhckSqaxcuQK8MOUK1r8jw2hdX-f8gxREQLBEUJUoKTaiDnUldFMwYXAi29vyZYb1Ox_yha1ciB1Q-L3hgWQsyuduMzTW9E60yiLA-QuAI07007UMU1JgAMlDwIF7YEmDuFUfrjBi0oqMBG6krXLJ1sxgQpuTyjp8pMpFS3OrDbtRgZC9qJ7z5Fl7U7Ml-0Tl5izVB1igtgaRadcaKbVGR-QhdUsa5IK6eae1DZuH2MtiVr7UXwDAIzgpkIWlIAw-uBJqdz8-piPVUJtM9TCLk6qR8Q1H1q4dJygpIL2p2-z6mEeEuNgcQMrmfLvkcJUbSzk3hqKeMxXI5mVkMGQMsjzMum-5VL7uPA9wGnpGexd8Hj5jfFqltAyIp_siBJe8EjvO-b4dtu90d4pZR1rWcC-TBZwTVWNadpOXTL8GCHkAUE1vGwajU_8qsUxGjoyPSpKsBw8ZmKwKlNCYhJLng4tkEJ75Y5G4G2ubPrPHU30gVOm3DsFkwZ4cIvrwKeoU7_hoPz4PGZNZMNozh3iqfn2V28dNz85XN6-VBtUFjY1ReGg3Xx3yoEgNOJ75Ryl-nObqCRpG1BUSpm8V3um5SEziFWWZ2C4Wd4wQklxhGXZvA4Zd7dqcVDSRSKUNCwlzMlFWIdTcH6cJPqzM4rupFJpN8riatbJzgzdNFF6wIMJnufvkIjw5GpuecHJYYXGcBhAW1MTlO6P8KBMg5HomKqvH8mCjEtSlY8s1mSQRDKShMw6xhVcVIioAR8W8DSbzJTagBV71fwJUDjklf877R7xIGKsd2ekCUoEpxaqEF1-xfR17OpAIOMhdl_PZu8YquSdPrOzXcZ6h5OjhSKswzUl91DID0Px3VnlS83Elu7BpXKo5CZkTfUSRnr1Ue0rC5OhylqNDyiRvGJfifdu6uYCvSXsGrHm4kiFIOjKOGWK4NHDdIflVfvWtGUSBwV7poaOzjRX-9DR5iVYedowj_w6wUC-3rqELuKMy_Pb3ZT84lEaSfKyM6XKaE9uTwqixbN3c56VTHsBGtRkyDMgcc21rMhKcgeg3Ao1kXhRPmhwKi0CG6pO_N2CwY6o4d0y6G89yb-005tiSadxhtQ29ck_6UUA0ZIu2L4gQACKPex6QpH13iL-6jQv_6e9-5KKJQijkEZL9NvPMw8LnaYBnwrqJjepqSLi9onEGa-RSCmmioFfzs9PXu3leEbAjgvx_xc8xpBwrfMkS2GSGzshORdhKFwty2d5cPpIQlPH7u2DNyMQPNyasuODafByaW8QlmLQ_4YmFsC4JiUe-BH1rMf4CAgQFWpJjr0W1nI54rukuh1GpwTgPNdeCzNyoL5GNVBJN4bYcDJt0XLDF5UJNTlv55NBeFbd4pLeaHutN0DGupLqu7dkTgTIIs0PikGuM1HprvPTGep8Zjl3Vjhq6sD9ns4wcyX086jZ65eQWy_1mHeEmeknADdJhAuUP2jmIgSZWf7CqoAd0SfLvrdcYubx2pEiIx9UFoRWsmtlFsyRnC2qBolFaOOFGhJNRQy3qYDqVoWY-wyzNwsPplDQANN8Q608ZplvKDn9tOM8k_1eWkV00KdjSBBXVn47ZJt0RR-O-h01DUy4miWyXNYdZ2EYCuMuZKTrItW_O4_wJxo8OEin-Yare760arUW7Jj2KnrzjFnudjb-6HYoqaVOh04Ak9-3_TcfYcXg9xBEqXKPXL7Ajj1fhgbXBKNuhFeGs5m-E-AtmMngqdoqQDPgiU5vvZxgqhNMNnCm49CKAR0LpiUK28MH5xFrt_NpNYUY2SAn-Y6jF8Q4y_ZHhCvjKrSJckvWADe_NQVgACEnyPkYlVMQoQpTKwgjeSXFpi6c2oP9C9_LZn7CpqT6cAD6lFQRE3OOKdftT_Deb22D1B99CFxBo7VGUcVuJ9D0y4hmmHMlNchdAXSuqmSgWllX7txd7qVw2Tw6Nrara0CvC3nNUCb6tT6Pbnu-4SGqr0RMOzoa02ep8O4oI4nb5y-J2_gLqoqK6taNlK4lx-gVNCY6eF2hMLD3SGNA0697QN3JHuvH74J2ABk5akObU35I0t_MFHRxJxxMNhjlOjddDD_VVgyZlxGumZzhdm4v-e4Nw&cid=CAQSTwDICaaNY2UQrbJ3VoHTYm0vYpAgM48oJydNPQPwwQNMegGUZXLTH5LZ81dcvqynW_SUVlPliA5mFZ8TgRImYUnoTYnpjIF9Fx39weWQC6wYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=10592661570289953000&adk=2228999115&idt=104&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTYyODY4MTc1ODk2MgogIHNlcnZlcl9pcDogMTI2MDY3ODA3CiAgcHJvY2Vzc19pZDogMzI3MjI5NTg3MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 9321 0
508 B 58ms
57ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTYyODY4MTc1ODk2MgogIHNlcnZlcl9pcDogMTI2MDY3ODA3CiAgcHJvY2Vzc19pZDogMzI3MjI5NTg3MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDcwMzEyMDIxMTA5NjQwNDYzNwpkZWJ1Z19rZXk6IDE1MDY4NzgyNDQ0Mzc5MjIyMDQ5CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMjU5NzQxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTIzMjAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x5d733df3e328ca670000000000000000","13":"0x42a50a8e60b3c2d90000000000000000","14":"0xb6bfca98681eda470000000000000000","15":"0x5da29884dfe551e30000000000000000"},"debug_key":"15068782444379222049","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"14703120211096404637"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 9321 11 KB
4 KB 77ms
27ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701628680975669&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvMOUCMtsZbXGO5uqvcAPvMuokAim5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9BTQycje7CDapjLu_kWRxd8SRMH68UxqK664caGi3-0QOY8gzju6tniDMhd6-0Mda70bJCQcoFjBAa-ZBUgjWtJbAM56oTPX86dTSVwr6gqMwdkOT1LUDW5NoiAV44j4i1w_PrTTUPcdHT_0dxBicUodWvbgrV9exubP3XRcpmN9WsFHll77sUx0xwYQpkk0n23sMPnJGdPU_0jAeZKuKh-EDwR9GOcOSg6OLC90vIlq8kH56SRrI3kSxJkQSe7qK-aF1DNP4ntWLpC7Ea69Ca1uF151VqhwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLW7vuj084IDgAoBmAsByAsBgAwBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNY2UQrbJ3VoHTYm0vYpAgM48oJydNPQPwwQNMegGUZXLTH5LZ81dcvqynW_SUVlPliA5mFZ8TgRImYUnoTYnpjIF9Fx39weWQC6wYAQ%26sig%3DAOD64_0YY6shiQOC2QGE9b1U31i8d77egw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DYxUmFU6ZOEc34iEUdhqFmCTc6gu-OUeofVPkFZkA6fzzaxT5-B7tq-a_wdxu8AnxPnVwqtaruQrtBzQX1c2KHfrLONbWO9Q_F3LPXIYe3D6XJW2cs-NT_jggk4BZ_emtb6H-QyhgAUCiFGl4rbDDz7YMD669e5W60P8CBK5k3F1u27H8%26cry%3D1%26dbm_d%3DAKAmf-DobKM3S9DYwpvuP9r8s6NWPzuZkLhwMPftz0kWsWEpUEdreHT0JLI7-4nvOwMOr9zwiOXt05ub1zKx9iR56qklimZYUd3hzHaCubjHluiN0u1_V7IlIzSR9lzs0P7axvXnh32R4cbduERAXOL9W6gxiazTgVfGcO3qrAm54dfVtZMsveTNH3_n62B7Dik2qjxROPqPgIb8Qq_uWSwPaAPX_qm9uiyfDAUK2P5tFWyhYQmmKhKXHH_yVweOFeHvBP7Ki_41V4d_sL9dMxpbi4sALakBIet6rBMUw6WoSSKFILKFQH5lg2MjI7-e3-qjg7RGBUGxMRAz5S0ra0wnv-NqnXL9l1SVS7hLVHplWigGGua6Cc_l7bvvGO6Py7wlaIEeiF61z43nJAPIEwu-W6MApRtWR3TLh_2Io-8ylRTlfYd1B-joS3nD4e4NOhZk7XgAzyaa2QSITFNye37CpKIjF7Bc-hRRj2_hGeuwB73aoh_6hMm5YQ9OXcM1nYOa4fK_re5qFr-4Mxko7Ycj2sQPghnSRul3M2d5MX1f_ih7m2wM2-s%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=280&slotname=6212002511&adk=1854347006&adf=3400082548&pi=t.ma~as.6212002511&w=336&lmt=1693404896&format=336x280&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680534&bpp=1&bdt=186&idt=274&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=604&ady=2725&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=276
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: a59faa617f75b8bfc732f07abe63b4b6e8dd79ec6e8a0969732b0ff07cbe8d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4156
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame E80A
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=54849000155088504444556012527027&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=54849000155088504444556012527027&actionid=879111&produktid=ratenkredit&dt_url=

0
628 B

126ms
55ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=54849000155088504444556012527027&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU4AhCMtsZaO9N8mgi9YPxdCiiAym5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9CNq-fO3bJtdV2WzgELzBmyV4Jk-wsZwJKjBwC9QG2i4PDORMbX5MHJfl2eF0dfLUwnINI3yNM7nd_vB87Jgc69BkAbLnEKKA5d7iuaSyMHX92WULfLjjZhXPWHfuXINkJQdGDYRPfvHpqoee5niy9hPvwwgyQi4mC50xpnGItU6DdCeQLISX3VojuH8LobH2MJhqkhOFJIEfbOD9Gi77QKnUVluLv4lvoUYMEqpyhUuyyREAkDZHpHOhpwEtrnvecHZ5bVWR0J1AwWSA_xYKXKJMWgTFZvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL2gvuj084IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ%26sig%3DAOD64_1whpmNBa5CJy-3pLqMmXbtJzFfYA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-B04gPFCQxy4tw-IGAaA1j-u8t5tf7tN4gchFtYb9ztJPVtIre-KIP6LI2OqE74PDfmR_kYO6Op-yufxspXHIbPfh60Teze7gp6cMMv61nKFhkFP2Go3-Ix1bsNKLAfXByVihmNzbF0hkTBde4r6TukuOztVGSG_IM6N3TeIQppH_VvZa7Nuw0bUzXXeAKdgd_g0jnhK4gDCVodQk18hSvyH2KL7w%26cry%3D1%26dbm_d%3DAKAmf-A0abkHbd0zb_O2CEjwiHsKf-gcn0ziPgPfIKW3REDG_yZ7WV43uNf0x2w1KCCdYqC1Xz3pI10T88PUDGs0kAywVQPRfHNpsRbhyYtgQ7KQBCnVre0v4P5TETfMsuviu_A-fRet2VdxSxPU0iqnpiKUS2iJ2SOD5dXzsMYbEk-H1kqb_dP6NFSJR0gCkGd2RjPm08wTo5aTUD1Je8wzNyiB45833UyOYn1wOp7CZlC8viIfKYw5DRUK4YPdpkhNfaoHi9-mjBpwgIUZTUqaXm9iuN0kymc22F0tI5ZMb-oObK3MZN54fDyIjz1QQ1iG4pG7iYxFbU9LtkCeTxeg5T5PePABmMAfiUTZfnST0xFPPCovcd-fXv56jVeN4B_fUg7YqYTQ6Fsk0KnyIyv5QuUGXzkarjDmzQrFRBY482qOZ4jX1t0pBeCamPXU87jxJMS3g7m5xTuAWwDrjWlDISKNmz0eoMJB7H5SzJK9RAxBsEzqdLXTTmkofr5h0MhN-abgOocJPfdCFqp-V3lg2FbYBQpM5-KUd4vSG41J3qxn2tAsz47l9Fp11_2whBxkov7n26QlvlG4E5ZYDG311IWBocQsxQ%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=902251886509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 18:38:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 03 Dec 2023 07:38:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Sun, 03 Dec 2023 18:38:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=54849000155088504444556012527027&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 53349
x-iplb-request-id: 5413AFB8:8DFC_91EFC182:01BB_656CCB0A_749E196:55DF

GET
H2 200 / Show response
adv.office-partner.de/ Frame 0B97 930 B
923 B 136ms
34ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU4AhCMtsZaO9N8mgi9YPxdCiiAym5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9CNq-fO3bJtdV2WzgELzBmyV4Jk-wsZwJKjBwC9QG2i4PDORMbX5MHJfl2eF0dfLUwnINI3yNM7nd_vB87Jgc69BkAbLnEKKA5d7iuaSyMHX92WULfLjjZhXPWHfuXINkJQdGDYRPfvHpqoee5niy9hPvwwgyQi4mC50xpnGItU6DdCeQLISX3VojuH8LobH2MJhqkhOFJIEfbOD9Gi77QKnUVluLv4lvoUYMEqpyhUuyyREAkDZHpHOhpwEtrnvecHZ5bVWR0J1AwWSA_xYKXKJMWgTFZvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL2gvuj084IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ%26sig%3DAOD64_1whpmNBa5CJy-3pLqMmXbtJzFfYA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-B04gPFCQxy4tw-IGAaA1j-u8t5tf7tN4gchFtYb9ztJPVtIre-KIP6LI2OqE74PDfmR_kYO6Op-yufxspXHIbPfh60Teze7gp6cMMv61nKFhkFP2Go3-Ix1bsNKLAfXByVihmNzbF0hkTBde4r6TukuOztVGSG_IM6N3TeIQppH_VvZa7Nuw0bUzXXeAKdgd_g0jnhK4gDCVodQk18hSvyH2KL7w%26cry%3D1%26dbm_d%3DAKAmf-A0abkHbd0zb_O2CEjwiHsKf-gcn0ziPgPfIKW3REDG_yZ7WV43uNf0x2w1KCCdYqC1Xz3pI10T88PUDGs0kAywVQPRfHNpsRbhyYtgQ7KQBCnVre0v4P5TETfMsuviu_A-fRet2VdxSxPU0iqnpiKUS2iJ2SOD5dXzsMYbEk-H1kqb_dP6NFSJR0gCkGd2RjPm08wTo5aTUD1Je8wzNyiB45833UyOYn1wOp7CZlC8viIfKYw5DRUK4YPdpkhNfaoHi9-mjBpwgIUZTUqaXm9iuN0kymc22F0tI5ZMb-oObK3MZN54fDyIjz1QQ1iG4pG7iYxFbU9LtkCeTxeg5T5PePABmMAfiUTZfnST0xFPPCovcd-fXv56jVeN4B_fUg7YqYTQ6Fsk0KnyIyv5QuUGXzkarjDmzQrFRBY482qOZ4jX1t0pBeCamPXU87jxJMS3g7m5xTuAWwDrjWlDISKNmz0eoMJB7H5SzJK9RAxBsEzqdLXTTmkofr5h0MhN-abgOocJPfdCFqp-V3lg2FbYBQpM5-KUd4vSG41J3qxn2tAsz47l9Fp11_2whBxkov7n26QlvlG4E5ZYDG311IWBocQsxQ%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=902251886509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 03 Dec 2023 18:38:02 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 10 Dec 2023 18:38:02 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame B81F 2 KB
2 KB 257ms
123ms Script
text/html 3.11.198.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=54849000155088504444556012527027&nw=1
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 8f805bf68e4e340486dc66c588877c60541762f728e859bc9759229ce6d9dbd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
last-modified: Sun, 03 Dec 2023 18:38:02 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 03 Dec 2023 18:39:02 GMT

GET
H2

200

activityi;dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45 Show response
5994599.fls.doubleclick.net/ Frame DDDA
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45?

390 B
323 B

68ms
67ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45?

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

b23a5abdd7f5dd9f3415fe94dad8475c6001d80044f24c32a55f4fd0ab88ab4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
expires: Sun, 03 Dec 2023 18:38:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame D1FC 7 KB
2 KB 80ms
27ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=54849000155088504444556012527027&a=dba4ffec
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=ecaeac0a71&subid=&uid=e4d9c2740787684e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU4AhCMtsZaO9N8mgi9YPxdCiiAym5b2gaZ2cnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9CNq-fO3bJtdV2WzgELzBmyV4Jk-wsZwJKjBwC9QG2i4PDORMbX5MHJfl2eF0dfLUwnINI3yNM7nd_vB87Jgc69BkAbLnEKKA5d7iuaSyMHX92WULfLjjZhXPWHfuXINkJQdGDYRPfvHpqoee5niy9hPvwwgyQi4mC50xpnGItU6DdCeQLISX3VojuH8LobH2MJhqkhOFJIEfbOD9Gi77QKnUVluLv4lvoUYMEqpyhUuyyREAkDZHpHOhpwEtrnvecHZ5bVWR0J1AwWSA_xYKXKJMWgTFZvwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL2gvuj084IDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNehIpGHT4p3t5hXfsFlO4ZNIgihsig4XCB9djN2Q4RCtlXfoiAemjtONLPJAToWQ-Dwx_pzet9QfU9aTtnhVz67Ca2JUvbzz2RHoYAQ%26sig%3DAOD64_1whpmNBa5CJy-3pLqMmXbtJzFfYA%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-B04gPFCQxy4tw-IGAaA1j-u8t5tf7tN4gchFtYb9ztJPVtIre-KIP6LI2OqE74PDfmR_kYO6Op-yufxspXHIbPfh60Teze7gp6cMMv61nKFhkFP2Go3-Ix1bsNKLAfXByVihmNzbF0hkTBde4r6TukuOztVGSG_IM6N3TeIQppH_VvZa7Nuw0bUzXXeAKdgd_g0jnhK4gDCVodQk18hSvyH2KL7w%26cry%3D1%26dbm_d%3DAKAmf-A0abkHbd0zb_O2CEjwiHsKf-gcn0ziPgPfIKW3REDG_yZ7WV43uNf0x2w1KCCdYqC1Xz3pI10T88PUDGs0kAywVQPRfHNpsRbhyYtgQ7KQBCnVre0v4P5TETfMsuviu_A-fRet2VdxSxPU0iqnpiKUS2iJ2SOD5dXzsMYbEk-H1kqb_dP6NFSJR0gCkGd2RjPm08wTo5aTUD1Je8wzNyiB45833UyOYn1wOp7CZlC8viIfKYw5DRUK4YPdpkhNfaoHi9-mjBpwgIUZTUqaXm9iuN0kymc22F0tI5ZMb-oObK3MZN54fDyIjz1QQ1iG4pG7iYxFbU9LtkCeTxeg5T5PePABmMAfiUTZfnST0xFPPCovcd-fXv56jVeN4B_fUg7YqYTQ6Fsk0KnyIyv5QuUGXzkarjDmzQrFRBY482qOZ4jX1t0pBeCamPXU87jxJMS3g7m5xTuAWwDrjWlDISKNmz0eoMJB7H5SzJK9RAxBsEzqdLXTTmkofr5h0MhN-abgOocJPfdCFqp-V3lg2FbYBQpM5-KUd4vSG41J3qxn2tAsz47l9Fp11_2whBxkov7n26QlvlG4E5ZYDG311IWBocQsxQ%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=902251886509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: cc6b249df9a309343ff4c4fb97dbf8e9f1e6d542bc4d7c3fd5a8afb7fc435e85

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2029
Content-Type: text/html; charset=utf-8
Date: Sun, 03 Dec 2023 18:38:02 GMT
Expires: Sun, 03 Dec 2023 18:38:02 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame B81F
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54849000155088504444556012527027&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54849000155088504444556012527027&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
665 B

1454ms
1390ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54849000155088504444556012527027&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:03 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: 5413AFB8:8E04_91EFC182:01BB_656CCB0A_749E1C7:55DF
x-iplb-instance: 53349
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54849000155088504444556012527027&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Sun, 03 Dec 2023 18:38:02 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B81F 43 B
702 B 251ms
167ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=54849000155088504444556012527027&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame B81F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd35c1a7b38fb6686d589fc6c41678bae811f8fb40112972940722f55d35d15a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A6E 0
20 B 131ms
131ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1922135872645&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A6E 0
20 B 132ms
132ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1922135872645&version=m202309260101&ct=77&x=1&cor=17544258778451517000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3A6E 34 KB
19 KB 314ms
314ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5awfnE2v6JxJKrsUi6FyBjWLBd5BHuXkFc4n4zAQyQ36Ky5RgF29h6iLi3ZeTUjN9D6_7-setI9G79D3BlRO-Cjtrrcalc6b1QrMOBp6eXb7dbU6x1gj6QlcWPsUq067DOVdgBJ4TzdIxCwi-S6wuSflrDKJlvdEPbl-18gyjIXwi6mg&cry=1&dbm_d=AKAmf-BTMTGbhXjbxqZQ8TWLiICXBZz7AzhJ1hydu7Mf0xN6Wgal6GTU_5AUTMKygUP4RYWU2xHoj0nStDCQsLxXwr7rx2-j5vhTGHcJ4_wbQx4kMNqN988c9ymENRNZiVFptRtcf8g6f8mkHLXrWEEqtKIlcvZQXC0AC_8RdQRZFf7KMjsA0inhzUF8Wqaa0beVU414HK0x9WVcZhEgzIBPyfOjjzeNidODH6w28-Pi2tqeVlB0yznKYBYj6Oy40YPhFUvuRFeDNaIHJXCKW9TVqoDcbZeIb22oMfDp-_L5gYZlmrYlqSyNOaIcAVekG1wrgSXbbAnrU3Uq9m8CJXxT8WPrXz6pgH7x1SYowyIMVsEC2h5btYfJdqISXANa6im1uD8tYzF6FsyOgR6RWTUtRtY-HXu8NDk8FomJFfMbNDQo9bE8lIUhO9UGhuSRByN3IbdVQXtEYpaPy46kq2kyOsw1uFy6bXNpWuSjwtHJ9AplZUg4V5pp7MUZn5HMply9AnsQqrOH79ZkY2_jjA98lNmGgHD4zQ3SVpoDHs1SIzydClyVRq4Zhd_PchW-NUKe0qn6VbE_DIOo__h7eGz1MwEZIAAd4nfxgr_veB70WAKrme-U0mXDm_UVw9BIi0l47XFVJsA4H2MjGIK1nJLDa6uyg5oCzNFV_RPbXSPyHQrxrvu-WxrKmMlXsjWjj0ry5CnwiOXwVJTmxVfclIDQgIwpiw0XbRwnYsZAFw_iu_qjphOicF37REy6ldcn4R3dZB0VNTxvwJef3fsexr7x6KibWwpZ6ZFT3JPLV5OF5nXvr19Hpw5eCYDKtU2uGh5kAWbszySJuej9XXUEO5KlNFelMXFqarmZRPenW2TJO58aHxMc4qb97D6L-kg-dYzclAPPqENuV1XavRxB3dFcDaXBiBwXG9bAlDwoVuNIhHdn9AOt0KbVmo5S_8vH2I8nne-bkshOp4uQ0qOc_CLC9gQvOLzhdJaUivVnADbb4APgCUcTYISiH9UzPOPkT1tauDMONP-M4aakBlMiTJciixhgmiRDNeo8_Ef4Q56hSc8liMhQUJVi0-vWlUJdTRG2WUt6QykFBYqikbv-l-TUwmxoESc6e5TGX3-OGlrpwe32Oxoj9D2Rrfp3FpPxtgXVNW23gaF8nHB-PruFAAqduQL9qNuibT-j_08ihQ2wvAKNwYb2kINsnbGNLhKuxzHSrYbDOWwEmovS66aNvR4IotdTCkyB8yyGca0THDAUE33nHd5jMDZIAdZkBd_Ib8mgKeluqeduDLhFAU93u-pkEc_Gr0NyWknziMsblfU_OKKM4QnJlxtGqz3fWIImfNTruIea9KAuyeBHRik3s9MviIVWTG1m6tid3RYj3dSLMTpeR0y9_4GSrIVQAODbZghsbItxbP2P72ZNKEa8E_8PngzqOMN3-3U3C29Ck30DdXvtRAUQOWu2S1YMjz5MalagzIhEkjz2mAQoeJf34qK8G2WvERmWufp-aaRu_R1gBSDfRxYdHj9UPKFZOWdHYZqNYxvn0tRC5FAUgFC-ixuj1RpsdAore3fdAm5elNPPZZ0fQ3sy2hby_06AhD0EhTLqi_VL9MnAr0XDz4jfgCQxf-tyeBFE5dXJ1NmIyALW5cTw3KmTHHxWMT1GPZlzb2KY8AFAp0z10-EG0jhlHiMH9dFHACn341EVtlMi0UP9C3J1Km0op0uZg3L6hITiVYSQmwUlbgV9aCF2fe9bICSnNLPFcFdXKVtQ1rJryfKE93-pD7TsE10poArbxXn9dDSFxn8aPWrCM3SO3I92cQciiTLL6ATM1t3shS8S5-4bxh5gdQzNSBjrnotOp55p3HBIFEahalh9pfE2gU6-180QnQe5wcbHZlNeUSjUrGquGQTXWdOu5N7XIjbhiSw3x2EmtGx2aUzZ44JtI8jNrq33vEW-1utHn61bZZpfLdbYx6ay4y7VCEqzQRtTcdvcp9OEAXAjcm8urUzUaDGziU9HqxoXlUV7BeRSSbdTa_mx5J7NN5PUItQ8jrO9UKEV1z0aMy2vmZu-zrJyCx3OtIW_6meut3f2TS59TeOgOxMQwVvht2AflT_1JD8-qI5KVtTcJTkt97RZNJoCtCHOaktA9w9ACPrH9m8qkXmPVkBuQJA8fbw6YsI4K0PH1XdLLNVh86kN615tP9SqRGkGHIuFdpjIPFbIk9MTma_CIFce1zWb7ZURXg-O1EOSqEFcX0j2hMZY8bH05UOdCY48peqwqubnL2nqv8juYOJc23VjvdXfrduaiHsP-14qmOzAayXR_mXHMTeMdQBJKvIS2Kk2-kf-OxY5H5_R_HNjLSKa6ZgGXOgd52vHCBLdjJHFn9_wf6DnlN2-yR9mQToUX095Q31HQHWkvkVKhDv5DGhJc52fj2Su4p5aTK5AdkbKBeNU2zMJACtSlhq2dROGxBTaLWkwe5hTeV2C9-C4HUeil-2W4iufIa0rVD1ehj4FG34Xg9MmimDqZ09v5rRqnznx6nyuY4JdBqfRxsg5bZHPu7zzUwRJzbhxtXq8hFD8BgSBm5_LI3izLI0_ZCox6CVt-cGt710TUKNlgxksHMUnNUr-I4qxC4MWInTcYW73J_-GqirduYWxWeKuPDP1g3PdDvXcSWv3MAf3oFPgg_wYPqYMiZkHeEcGvimulYe9F_NEH3S9XRSJNxXQo81ksBGx01DG8bPUtU2KPRqEI8aeMwYLl7JHRU5E2xCPiEF3Sd4jdkw2GypQNE-a-zjJa6msQY0LZ-zTs4lVAVdIvQB71KcQe17XwrSCYmyu5tzFUSNxJb1BJUPotuLwzmschEnB4SgKtciORJB7Iux9zrExO0W5TRcDbgrAdI4xJftKrsHALgWeyejqnFkQpioy9mgHoHUDlRm5_Ox0tLPGnJ7ls5VolBBeFnoslz7WrXTOnuJoPxguxPkHnpSYNF6cpdRw-H4txxk6j02guP8qz-PglAHpWxzAevB8U6y3U1FWII7LPOJB-yiVQzZ2vtRFJTYgNJ-mM3GQ0Fsg2jJyudW-5WuT6XmirTfO4SmY70c4JF8BVcAw-RkDLPWmwVdQ_MwGCW-B3tf4B0osLDvjroxt98dg5DkEGmj2-PzrcOWok1xeHfGy3zqfw_WYbe2tNueXH10F9Fk5gqiVZpFxh2Xmb7VmC0Umuscjlz3cr1ltNrCRxnoJlosx0EoZzvT0U-KVc9EC73rmcVBE40El_N4-iB4XSBIyP54c4DaCOmmjDyzXDhMm8xqxSdnjkhVuVVNyUMqqYy-LL1NuIyQeSsv1xKj8A75C3RYd2mHAZEWsvAvrpZyFhTjOy2a38JGLbeaYXcdUxTuMUcbTvKCoProkZWoNSaKNMGNI8rOTnNCe6lzBkOxSgrN730Y-31IFr4LEbyqw1urq2C-DGpvRBsXvAHRoXF39LFj5mMsoHwpLpBVFIgvegLHVemQC62uKtWGcciVAP1Y8AN3fccKqhh6IKuCk8QKpHHQW5jsE6-OiJPU3bL65z1JehT58KD74GZtalMvLarOXoqAz1M2KHAjsYsPQWQildLyXkIvGDXz3WJh03j5YMip2PuU6dSaMJR-2QpsBMtwzCvFttk9OJ1jpbpJKSJzhZYXu210BR1rWnX1195s09A73&cid=CAQSTwDICaaNhP534Q83BqzHnsGlFxf2z0X_-LIlPbr-k8f_B6-ZfMEPgo94QZBmLlDgoe7J1hGYB4sxx-fLrnaoI4Gg00yVYLkyeeKNM_DTBUAYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=17544258778451517000&adk=929882891&idt=117&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc39baae76f9b3580bca8529e9f7827105cd0e6c85c718e9662bc35e6c3e6f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 72F3 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:08:03 GMT
expires: Mon, 02 Dec 2024 04:08:03 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.php Show response
hal900020.redintelligence.net/ Frame 9321 3 KB
2 KB 166ms
99ms Script
application/x-javascript 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=b1813cfbfa&subid=&uid=e10b7b8a623fe69e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvMOUCMtsZbXGO5uqvcAPvMuokAim5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9BTQycje7CDapjLu_kWRxd8SRMH68UxqK664caGi3-0QOY8gzju6tniDMhd6-0Mda70bJCQcoFjBAa-ZBUgjWtJbAM56oTPX86dTSVwr6gqMwdkOT1LUDW5NoiAV44j4i1w_PrTTUPcdHT_0dxBicUodWvbgrV9exubP3XRcpmN9WsFHll77sUx0xwYQpkk0n23sMPnJGdPU_0jAeZKuKh-EDwR9GOcOSg6OLC90vIlq8kH56SRrI3kSxJkQSe7qK-aF1DNP4ntWLpC7Ea69Ca1uF151VqhwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLW7vuj084IDgAoBmAsByAsBgAwBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNY2UQrbJ3VoHTYm0vYpAgM48oJydNPQPwwQNMegGUZXLTH5LZ81dcvqynW_SUVlPliA5mFZ8TgRImYUnoTYnpjIF9Fx39weWQC6wYAQ%26sig%3DAOD64_0YY6shiQOC2QGE9b1U31i8d77egw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DYxUmFU6ZOEc34iEUdhqFmCTc6gu-OUeofVPkFZkA6fzzaxT5-B7tq-a_wdxu8AnxPnVwqtaruQrtBzQX1c2KHfrLONbWO9Q_F3LPXIYe3D6XJW2cs-NT_jggk4BZ_emtb6H-QyhgAUCiFGl4rbDDz7YMD669e5W60P8CBK5k3F1u27H8%26cry%3D1%26dbm_d%3DAKAmf-DobKM3S9DYwpvuP9r8s6NWPzuZkLhwMPftz0kWsWEpUEdreHT0JLI7-4nvOwMOr9zwiOXt05ub1zKx9iR56qklimZYUd3hzHaCubjHluiN0u1_V7IlIzSR9lzs0P7axvXnh32R4cbduERAXOL9W6gxiazTgVfGcO3qrAm54dfVtZMsveTNH3_n62B7Dik2qjxROPqPgIb8Qq_uWSwPaAPX_qm9uiyfDAUK2P5tFWyhYQmmKhKXHH_yVweOFeHvBP7Ki_41V4d_sL9dMxpbi4sALakBIet6rBMUw6WoSSKFILKFQH5lg2MjI7-e3-qjg7RGBUGxMRAz5S0ra0wnv-NqnXL9l1SVS7hLVHplWigGGua6Cc_l7bvvGO6Py7wlaIEeiF61z43nJAPIEwu-W6MApRtWR3TLh_2Io-8ylRTlfYd1B-joS3nD4e4NOhZk7XgAzyaa2QSITFNye37CpKIjF7Bc-hRRj2_hGeuwB73aoh_6hMm5YQ9OXcM1nYOa4fK_re5qFr-4Mxko7Ycj2sQPghnSRul3M2d5MX1f_ih7m2wM2-s%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=1828570771241&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701628680975669&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvMOUCMtsZbXGO5uqvcAPvMuokAim5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9BTQycje7CDapjLu_kWRxd8SRMH68UxqK664caGi3-0QOY8gzju6tniDMhd6-0Mda70bJCQcoFjBAa-ZBUgjWtJbAM56oTPX86dTSVwr6gqMwdkOT1LUDW5NoiAV44j4i1w_PrTTUPcdHT_0dxBicUodWvbgrV9exubP3XRcpmN9WsFHll77sUx0xwYQpkk0n23sMPnJGdPU_0jAeZKuKh-EDwR9GOcOSg6OLC90vIlq8kH56SRrI3kSxJkQSe7qK-aF1DNP4ntWLpC7Ea69Ca1uF151VqhwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLW7vuj084IDgAoBmAsByAsBgAwBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNY2UQrbJ3VoHTYm0vYpAgM48oJydNPQPwwQNMegGUZXLTH5LZ81dcvqynW_SUVlPliA5mFZ8TgRImYUnoTYnpjIF9Fx39weWQC6wYAQ%26sig%3DAOD64_0YY6shiQOC2QGE9b1U31i8d77egw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DYxUmFU6ZOEc34iEUdhqFmCTc6gu-OUeofVPkFZkA6fzzaxT5-B7tq-a_wdxu8AnxPnVwqtaruQrtBzQX1c2KHfrLONbWO9Q_F3LPXIYe3D6XJW2cs-NT_jggk4BZ_emtb6H-QyhgAUCiFGl4rbDDz7YMD669e5W60P8CBK5k3F1u27H8%26cry%3D1%26dbm_d%3DAKAmf-DobKM3S9DYwpvuP9r8s6NWPzuZkLhwMPftz0kWsWEpUEdreHT0JLI7-4nvOwMOr9zwiOXt05ub1zKx9iR56qklimZYUd3hzHaCubjHluiN0u1_V7IlIzSR9lzs0P7axvXnh32R4cbduERAXOL9W6gxiazTgVfGcO3qrAm54dfVtZMsveTNH3_n62B7Dik2qjxROPqPgIb8Qq_uWSwPaAPX_qm9uiyfDAUK2P5tFWyhYQmmKhKXHH_yVweOFeHvBP7Ki_41V4d_sL9dMxpbi4sALakBIet6rBMUw6WoSSKFILKFQH5lg2MjI7-e3-qjg7RGBUGxMRAz5S0ra0wnv-NqnXL9l1SVS7hLVHplWigGGua6Cc_l7bvvGO6Py7wlaIEeiF61z43nJAPIEwu-W6MApRtWR3TLh_2Io-8ylRTlfYd1B-joS3nD4e4NOhZk7XgAzyaa2QSITFNye37CpKIjF7Bc-hRRj2_hGeuwB73aoh_6hMm5YQ9OXcM1nYOa4fK_re5qFr-4Mxko7Ycj2sQPghnSRul3M2d5MX1f_ih7m2wM2-s%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: d3983efaab76ab87fb3051ba4146d467940514972bc87439b5be3651766c0722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 81115800135641404444994012527020
Connection: close
Content-Length: 1077
Expires: Sun, 03 Dec 2023 18:38:02 +0100

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 72F3 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D1FC 5 KB
1 KB 82ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=54849000155088504444556012527027&a=dba4ffec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 18:28:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D1FC 27 KB
27 KB 141ms
89ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=54849000155088504444556012527027&a=dba4ffec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 8252b9124ebcee90d13b419b027fc2ea8103698a438715fe4a33546f1b144ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27705
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D1FC 25 KB
25 KB 175ms
122ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=54849000155088504444556012527027&a=dba4ffec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: ed39095ea8d3302a3a8975e7237aa7aa0d5eb757a156b706a104e196c4e356eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25830
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D1FC 16 KB
17 KB 80ms
28ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=54849000155088504444556012527027&a=dba4ffec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 1d68fd9a6d78578c2d8d59b811eb6ef010b0b075da0808c04a67a08125d609b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16833
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 0B97 175 KB
63 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd2b431f12a703cc81d342eef4e2765952fc7ae20604395161641e8b6d975970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64122
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72F3 0
20 B 137ms
137ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgTfCCctsZbKpLt_IjuwPvoutmAwAAAAAOAHgBAI&bg=!dXaldjnNAAY3kmNgF5I7ADQBe5WfOHxks0Hk0tAMH8wzOtqBvER0qw0plQ1Hm7XRGt3tn3RToDiRZWtEjmcpvpsjp7w_AgAAAC1SAAAAAmgBBwoAHgkj6h7AO0Qjs3kbQH5xBV8CQmJppcaeDLH6r91aa5kC4eW_yfI0aMf8rHLTb8WWc5hg0VTA5VebTrA58CDdGgwW6W2KZcYM1M3mBAmGthiO3dZMv--pgSKh-6PF2gnlU3j4i7CG65BW2riNaIut62u5Ycld4w7srt5l8xjlrG9w_DyJRCyOIAd2QAN6_8LFpWrdnouFJN4V03ruBDRiYJsDnbMadUEjlH6k_WF8jcoRsFAAw-uXzjDQZigsUmJhc4WumUjTx1I_BNqy_fHZExSrl867h8fJamxcSJ9-TqtBIoyqY59PPf2Y9_SFA2B5kTs0QPY4_zotmyblS8PP3zkWA8lSN6hB0_Vg9XY-tlGMkPw1fyp32qiKsYa5FSEQ05QNtIZzdsl6OYDqIr8h3A2NpRQV5LECRBitrAR5EDqdDUBVbQqgtDO-SX_Y5TpDHURh_xUvK1rfqEGF_Ucw1cT2xVsbRgr1c50MknGgMYJ9aeJUu1dYTxBpk_lRLcuCf0BVHIAue526sDh4KrL7s4R37_7PJI_aiLE_fhMvAdWm3E_H3hesUpuYEFzDrPAiBGQpEXYZwzzMLDltFLutlJoKuEIa0DXJmGLdkfCzcv_L4GB-rzKVEgc3qW4C7xNDvzpOivRzsx0-doUUv3cpwPv9IP5wm7MrnZmSM4B7zx9doUdtaa_DGrxlV_QJzwm-d72iqC8ZXPg25zt5epCVV3cEDgOIEUzVWe6ek1Gv7S52bs7r5Mjtiit8PK9fmxULvmvVDxeKvXNELJxluXMW5jiv0IATz6PQ15Gsdsdk5Nkqyvmo98gvd3iVacnHYsuGB0VZhnZ5ZbTYaaB8F9poyeutjVVKQ09dplyYEAW2CwAUFIgdSiI1koM2FKWbxm2e8BX_XGd202EkPvGCks9LGf3mXHb03sCbZtkLksA6MurpvhDyQiXsGDTNpTXqLPzQ2xRGVZUHPD7i2JcY2OhcqkKJFjKdEwDrrzGFbs8jbPmFfHI-51d4-JRUhcrEfdBTXgF_

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame D1FC 0
150 B 82ms
29ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=54849000155088504444556012527027&a=67fdcdf1&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=54849000155088504444556012527027&a=dba4ffec
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=54849000155088504444556012527027&a=dba4ffec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D1FC 14 KB
15 KB 75ms
30ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900027.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options: nosniff
age: 350843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:39 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D1FC 15 KB
15 KB 66ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900027.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:59:44 GMT
x-content-type-options: nosniff
age: 77898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 20:59:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0B97 274 KB
91 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a51e8c550456383636cf20e50afe7d978ac72fd6088527d06c9a05f1a32cfdd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H2 200 dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45
adservice.google.com/ddm/fls/z/ Frame DDDA 42 B
401 B 108ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJClkOn084IDFZMLogMdMa4KuQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6478620114779.45?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

htlp Show response
futalis.de/ Frame CF9C
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=81115800135641404444994012527020&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3361161782

350 B
401 B

94ms
26ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3361161782
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=b1813cfbfa&subid=&uid=e10b7b8a623fe69e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvMOUCMtsZbXGO5uqvcAPvMuokAim5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9BTQycje7CDapjLu_kWRxd8SRMH68UxqK664caGi3-0QOY8gzju6tniDMhd6-0Mda70bJCQcoFjBAa-ZBUgjWtJbAM56oTPX86dTSVwr6gqMwdkOT1LUDW5NoiAV44j4i1w_PrTTUPcdHT_0dxBicUodWvbgrV9exubP3XRcpmN9WsFHll77sUx0xwYQpkk0n23sMPnJGdPU_0jAeZKuKh-EDwR9GOcOSg6OLC90vIlq8kH56SRrI3kSxJkQSe7qK-aF1DNP4ntWLpC7Ea69Ca1uF151VqhwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLW7vuj084IDgAoBmAsByAsBgAwBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNY2UQrbJ3VoHTYm0vYpAgM48oJydNPQPwwQNMegGUZXLTH5LZ81dcvqynW_SUVlPliA5mFZ8TgRImYUnoTYnpjIF9Fx39weWQC6wYAQ%26sig%3DAOD64_0YY6shiQOC2QGE9b1U31i8d77egw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DYxUmFU6ZOEc34iEUdhqFmCTc6gu-OUeofVPkFZkA6fzzaxT5-B7tq-a_wdxu8AnxPnVwqtaruQrtBzQX1c2KHfrLONbWO9Q_F3LPXIYe3D6XJW2cs-NT_jggk4BZ_emtb6H-QyhgAUCiFGl4rbDDz7YMD669e5W60P8CBK5k3F1u27H8%26cry%3D1%26dbm_d%3DAKAmf-DobKM3S9DYwpvuP9r8s6NWPzuZkLhwMPftz0kWsWEpUEdreHT0JLI7-4nvOwMOr9zwiOXt05ub1zKx9iR56qklimZYUd3hzHaCubjHluiN0u1_V7IlIzSR9lzs0P7axvXnh32R4cbduERAXOL9W6gxiazTgVfGcO3qrAm54dfVtZMsveTNH3_n62B7Dik2qjxROPqPgIb8Qq_uWSwPaAPX_qm9uiyfDAUK2P5tFWyhYQmmKhKXHH_yVweOFeHvBP7Ki_41V4d_sL9dMxpbi4sALakBIet6rBMUw6WoSSKFILKFQH5lg2MjI7-e3-qjg7RGBUGxMRAz5S0ra0wnv-NqnXL9l1SVS7hLVHplWigGGua6Cc_l7bvvGO6Py7wlaIEeiF61z43nJAPIEwu-W6MApRtWR3TLh_2Io-8ylRTlfYd1B-joS3nD4e4NOhZk7XgAzyaa2QSITFNye37CpKIjF7Bc-hRRj2_hGeuwB73aoh_6hMm5YQ9OXcM1nYOa4fK_re5qFr-4Mxko7Ycj2sQPghnSRul3M2d5MX1f_ih7m2wM2-s%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=1828570771241&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 18:38:02 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3361161782
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H3

200

activityi;dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856 Show response
8019191.fls.doubleclick.net/ Frame 7285
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856?

392 B
244 B

72ms
71ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856?

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

4a1334943e3478fc431ad0aa3dd70b2d2fb3d5cd35582094ab6305282672829b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 221
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
expires: Sun, 03 Dec 2023 18:38:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame 2688 7 KB
2 KB 80ms
27ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=81115800135641404444994012527020&a=9d3f26ae
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=b1813cfbfa&subid=&uid=e10b7b8a623fe69e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvMOUCMtsZbXGO5uqvcAPvMuokAim5b2gab2TnKfJD_AuEAEg1MealwFglYKAgLgHyAEJqQKHFnI5ikKyPqgDAcgDmwSqBNgBT9BTQycje7CDapjLu_kWRxd8SRMH68UxqK664caGi3-0QOY8gzju6tniDMhd6-0Mda70bJCQcoFjBAa-ZBUgjWtJbAM56oTPX86dTSVwr6gqMwdkOT1LUDW5NoiAV44j4i1w_PrTTUPcdHT_0dxBicUodWvbgrV9exubP3XRcpmN9WsFHll77sUx0xwYQpkk0n23sMPnJGdPU_0jAeZKuKh-EDwR9GOcOSg6OLC90vIlq8kH56SRrI3kSxJkQSe7qK-aF1DNP4ntWLpC7Ea69Ca1uF151VqhwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLW7vuj084IDgAoBmAsByAsBgAwBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNY2UQrbJ3VoHTYm0vYpAgM48oJydNPQPwwQNMegGUZXLTH5LZ81dcvqynW_SUVlPliA5mFZ8TgRImYUnoTYnpjIF9Fx39weWQC6wYAQ%26sig%3DAOD64_0YY6shiQOC2QGE9b1U31i8d77egw%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-DYxUmFU6ZOEc34iEUdhqFmCTc6gu-OUeofVPkFZkA6fzzaxT5-B7tq-a_wdxu8AnxPnVwqtaruQrtBzQX1c2KHfrLONbWO9Q_F3LPXIYe3D6XJW2cs-NT_jggk4BZ_emtb6H-QyhgAUCiFGl4rbDDz7YMD669e5W60P8CBK5k3F1u27H8%26cry%3D1%26dbm_d%3DAKAmf-DobKM3S9DYwpvuP9r8s6NWPzuZkLhwMPftz0kWsWEpUEdreHT0JLI7-4nvOwMOr9zwiOXt05ub1zKx9iR56qklimZYUd3hzHaCubjHluiN0u1_V7IlIzSR9lzs0P7axvXnh32R4cbduERAXOL9W6gxiazTgVfGcO3qrAm54dfVtZMsveTNH3_n62B7Dik2qjxROPqPgIb8Qq_uWSwPaAPX_qm9uiyfDAUK2P5tFWyhYQmmKhKXHH_yVweOFeHvBP7Ki_41V4d_sL9dMxpbi4sALakBIet6rBMUw6WoSSKFILKFQH5lg2MjI7-e3-qjg7RGBUGxMRAz5S0ra0wnv-NqnXL9l1SVS7hLVHplWigGGua6Cc_l7bvvGO6Py7wlaIEeiF61z43nJAPIEwu-W6MApRtWR3TLh_2Io-8ylRTlfYd1B-joS3nD4e4NOhZk7XgAzyaa2QSITFNye37CpKIjF7Bc-hRRj2_hGeuwB73aoh_6hMm5YQ9OXcM1nYOa4fK_re5qFr-4Mxko7Ycj2sQPghnSRul3M2d5MX1f_ih7m2wM2-s%26adurl%3D&documentReferer=https%3A%2F%2Fgeocult.ru%2F&ancestorOrigins=https%3A%2F%2Fgeocult.ru&random=1828570771241&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 02c0b0cefbe5e2a0a5ef8703cefa1025b9c805016b3da4ed094d153c546b5210

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2072
Content-Type: text/html; charset=utf-8
Date: Sun, 03 Dec 2023 18:38:02 GMT
Expires: Sun, 03 Dec 2023 18:38:02 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9321 43 B
703 B 344ms
336ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2229232&v=11671&q=344795&r=296283&pref1=81115800135641404444994012527020&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9321 43 B
703 B 272ms
225ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=81115800135641404444994012527020&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 9321 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad9428af606aceefa4695c18a8904ddb275a328dd01735ec5c62cc70e760d0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B81F 53 KB
19 KB 203ms
43ms Script
application/javascript 108.157.4.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=54849000155088504444556012527027&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-75.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:36:09 GMT
content-encoding: gzip
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 21714
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IgzgYvo36ZxlppBg0a-oqXnbLqlEbMLia5_xVx_RqkI_ucuo3TubFw==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame B81F 3 KB
3 KB 179ms
24ms Image
image/png 18.154.63.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1701628982&Signature=RQFMYPAlOfismfKAWquxqRVVP5tRs0C~9MNjQya-8Z3jabFhAit3gUBpmHTISrmgNWRGJBGYV6mK85xSdibb-e4FbO6F4ULCVtVhxnd2Siod0x-qxu-EO4q4PuWGD14gLGNJdxQYS2~3ick57JqBmoxc7dc11J~~EOqd0J8P8tb6~4QeZgFOmDcyCtkc98dHcsFb7gBWOPWMZTjtaM0i45fQJsQJ9flqHvJ-jcusND0nDjQmooTraC0s2Seq2r-3Hl92ykfaym3ZCZlMZoYas4y-7wgRpCLmLm1YIwHG8NcxS41JhJXFoBXfMEjBhqYHG9OHk7rMI-tqLcR0gClycQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&slotname=6315164047&adk=1815116396&adf=2119670097&pi=t.ma~as.6315164047&w=160&lmt=1693404896&format=160x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628680533&bpp=1&bdt=185&idt=270&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1897&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-57.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 03 Dec 2023 08:53:03 GMT
via: 1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 54902
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: yz_SUTdLYM0fM3GkdXlwBZeK9TAiWSzhwY19N-wONXZfgPJz_cSoFQ==

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3A6E 31 KB
12 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5awfnE2v6JxJKrsUi6FyBjWLBd5BHuXkFc4n4zAQyQ36Ky5RgF29h6iLi3ZeTUjN9D6_7-setI9G79D3BlRO-Cjtrrcalc6b1QrMOBp6eXb7dbU6x1gj6QlcWPsUq067DOVdgBJ4TzdIxCwi-S6wuSflrDKJlvdEPbl-18gyjIXwi6mg&cry=1&dbm_d=AKAmf-BTMTGbhXjbxqZQ8TWLiICXBZz7AzhJ1hydu7Mf0xN6Wgal6GTU_5AUTMKygUP4RYWU2xHoj0nStDCQsLxXwr7rx2-j5vhTGHcJ4_wbQx4kMNqN988c9ymENRNZiVFptRtcf8g6f8mkHLXrWEEqtKIlcvZQXC0AC_8RdQRZFf7KMjsA0inhzUF8Wqaa0beVU414HK0x9WVcZhEgzIBPyfOjjzeNidODH6w28-Pi2tqeVlB0yznKYBYj6Oy40YPhFUvuRFeDNaIHJXCKW9TVqoDcbZeIb22oMfDp-_L5gYZlmrYlqSyNOaIcAVekG1wrgSXbbAnrU3Uq9m8CJXxT8WPrXz6pgH7x1SYowyIMVsEC2h5btYfJdqISXANa6im1uD8tYzF6FsyOgR6RWTUtRtY-HXu8NDk8FomJFfMbNDQo9bE8lIUhO9UGhuSRByN3IbdVQXtEYpaPy46kq2kyOsw1uFy6bXNpWuSjwtHJ9AplZUg4V5pp7MUZn5HMply9AnsQqrOH79ZkY2_jjA98lNmGgHD4zQ3SVpoDHs1SIzydClyVRq4Zhd_PchW-NUKe0qn6VbE_DIOo__h7eGz1MwEZIAAd4nfxgr_veB70WAKrme-U0mXDm_UVw9BIi0l47XFVJsA4H2MjGIK1nJLDa6uyg5oCzNFV_RPbXSPyHQrxrvu-WxrKmMlXsjWjj0ry5CnwiOXwVJTmxVfclIDQgIwpiw0XbRwnYsZAFw_iu_qjphOicF37REy6ldcn4R3dZB0VNTxvwJef3fsexr7x6KibWwpZ6ZFT3JPLV5OF5nXvr19Hpw5eCYDKtU2uGh5kAWbszySJuej9XXUEO5KlNFelMXFqarmZRPenW2TJO58aHxMc4qb97D6L-kg-dYzclAPPqENuV1XavRxB3dFcDaXBiBwXG9bAlDwoVuNIhHdn9AOt0KbVmo5S_8vH2I8nne-bkshOp4uQ0qOc_CLC9gQvOLzhdJaUivVnADbb4APgCUcTYISiH9UzPOPkT1tauDMONP-M4aakBlMiTJciixhgmiRDNeo8_Ef4Q56hSc8liMhQUJVi0-vWlUJdTRG2WUt6QykFBYqikbv-l-TUwmxoESc6e5TGX3-OGlrpwe32Oxoj9D2Rrfp3FpPxtgXVNW23gaF8nHB-PruFAAqduQL9qNuibT-j_08ihQ2wvAKNwYb2kINsnbGNLhKuxzHSrYbDOWwEmovS66aNvR4IotdTCkyB8yyGca0THDAUE33nHd5jMDZIAdZkBd_Ib8mgKeluqeduDLhFAU93u-pkEc_Gr0NyWknziMsblfU_OKKM4QnJlxtGqz3fWIImfNTruIea9KAuyeBHRik3s9MviIVWTG1m6tid3RYj3dSLMTpeR0y9_4GSrIVQAODbZghsbItxbP2P72ZNKEa8E_8PngzqOMN3-3U3C29Ck30DdXvtRAUQOWu2S1YMjz5MalagzIhEkjz2mAQoeJf34qK8G2WvERmWufp-aaRu_R1gBSDfRxYdHj9UPKFZOWdHYZqNYxvn0tRC5FAUgFC-ixuj1RpsdAore3fdAm5elNPPZZ0fQ3sy2hby_06AhD0EhTLqi_VL9MnAr0XDz4jfgCQxf-tyeBFE5dXJ1NmIyALW5cTw3KmTHHxWMT1GPZlzb2KY8AFAp0z10-EG0jhlHiMH9dFHACn341EVtlMi0UP9C3J1Km0op0uZg3L6hITiVYSQmwUlbgV9aCF2fe9bICSnNLPFcFdXKVtQ1rJryfKE93-pD7TsE10poArbxXn9dDSFxn8aPWrCM3SO3I92cQciiTLL6ATM1t3shS8S5-4bxh5gdQzNSBjrnotOp55p3HBIFEahalh9pfE2gU6-180QnQe5wcbHZlNeUSjUrGquGQTXWdOu5N7XIjbhiSw3x2EmtGx2aUzZ44JtI8jNrq33vEW-1utHn61bZZpfLdbYx6ay4y7VCEqzQRtTcdvcp9OEAXAjcm8urUzUaDGziU9HqxoXlUV7BeRSSbdTa_mx5J7NN5PUItQ8jrO9UKEV1z0aMy2vmZu-zrJyCx3OtIW_6meut3f2TS59TeOgOxMQwVvht2AflT_1JD8-qI5KVtTcJTkt97RZNJoCtCHOaktA9w9ACPrH9m8qkXmPVkBuQJA8fbw6YsI4K0PH1XdLLNVh86kN615tP9SqRGkGHIuFdpjIPFbIk9MTma_CIFce1zWb7ZURXg-O1EOSqEFcX0j2hMZY8bH05UOdCY48peqwqubnL2nqv8juYOJc23VjvdXfrduaiHsP-14qmOzAayXR_mXHMTeMdQBJKvIS2Kk2-kf-OxY5H5_R_HNjLSKa6ZgGXOgd52vHCBLdjJHFn9_wf6DnlN2-yR9mQToUX095Q31HQHWkvkVKhDv5DGhJc52fj2Su4p5aTK5AdkbKBeNU2zMJACtSlhq2dROGxBTaLWkwe5hTeV2C9-C4HUeil-2W4iufIa0rVD1ehj4FG34Xg9MmimDqZ09v5rRqnznx6nyuY4JdBqfRxsg5bZHPu7zzUwRJzbhxtXq8hFD8BgSBm5_LI3izLI0_ZCox6CVt-cGt710TUKNlgxksHMUnNUr-I4qxC4MWInTcYW73J_-GqirduYWxWeKuPDP1g3PdDvXcSWv3MAf3oFPgg_wYPqYMiZkHeEcGvimulYe9F_NEH3S9XRSJNxXQo81ksBGx01DG8bPUtU2KPRqEI8aeMwYLl7JHRU5E2xCPiEF3Sd4jdkw2GypQNE-a-zjJa6msQY0LZ-zTs4lVAVdIvQB71KcQe17XwrSCYmyu5tzFUSNxJb1BJUPotuLwzmschEnB4SgKtciORJB7Iux9zrExO0W5TRcDbgrAdI4xJftKrsHALgWeyejqnFkQpioy9mgHoHUDlRm5_Ox0tLPGnJ7ls5VolBBeFnoslz7WrXTOnuJoPxguxPkHnpSYNF6cpdRw-H4txxk6j02guP8qz-PglAHpWxzAevB8U6y3U1FWII7LPOJB-yiVQzZ2vtRFJTYgNJ-mM3GQ0Fsg2jJyudW-5WuT6XmirTfO4SmY70c4JF8BVcAw-RkDLPWmwVdQ_MwGCW-B3tf4B0osLDvjroxt98dg5DkEGmj2-PzrcOWok1xeHfGy3zqfw_WYbe2tNueXH10F9Fk5gqiVZpFxh2Xmb7VmC0Umuscjlz3cr1ltNrCRxnoJlosx0EoZzvT0U-KVc9EC73rmcVBE40El_N4-iB4XSBIyP54c4DaCOmmjDyzXDhMm8xqxSdnjkhVuVVNyUMqqYy-LL1NuIyQeSsv1xKj8A75C3RYd2mHAZEWsvAvrpZyFhTjOy2a38JGLbeaYXcdUxTuMUcbTvKCoProkZWoNSaKNMGNI8rOTnNCe6lzBkOxSgrN730Y-31IFr4LEbyqw1urq2C-DGpvRBsXvAHRoXF39LFj5mMsoHwpLpBVFIgvegLHVemQC62uKtWGcciVAP1Y8AN3fccKqhh6IKuCk8QKpHHQW5jsE6-OiJPU3bL65z1JehT58KD74GZtalMvLarOXoqAz1M2KHAjsYsPQWQildLyXkIvGDXz3WJh03j5YMip2PuU6dSaMJR-2QpsBMtwzCvFttk9OJ1jpbpJKSJzhZYXu210BR1rWnX1195s09A73&cid=CAQSTwDICaaNhP534Q83BqzHnsGlFxf2z0X_-LIlPbr-k8f_B6-ZfMEPgo94QZBmLlDgoe7J1hGYB4sxx-fLrnaoI4Gg00yVYLkyeeKNM_DTBUAYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgeocult.ru%2F&ds=l&xdt=1&iif=1&cor=17544258778451517000&adk=929882891&idt=117&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A6E 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTYyODY4MjExOTgyNgogIHNlcnZlcl9pcDogMTQ2NTMxMDU0CiAgcHJvY2Vzc19pZDogMTE3NDcwODA3Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDMyNzY4MTcK...
ad.doubleclick.net/ddm/activity/ Frame 3A6E 0
22 B 60ms
59ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTYyODY4MjExOTgyNgogIHNlcnZlcl9pcDogMTQ2NTMxMDU0CiAgcHJvY2Vzc19pZDogMTE3NDcwODA3Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDMyNzY4MTcKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3phbGFuZG8uZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMgpldmVudF9pbXByZXNzaW9uX2lkOiAxNjgwOTIwOTMwNzA2MDg2NjcyOApkZWJ1Z19rZXk6IDUzMjM2NzcwNDU0MTIxMTA2MzEKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTAzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzI3NjgxNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM1NzY5NjYwMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTExMTc5OTc0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDMxMzEzNDMzOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ2NzEwMTA2NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5mciIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8ucGwiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2ffd0adc348721a90000000000000000","13":"0xc7a76f7d5fbf54290000000000000000","14":"0x3f1568b2dd425050000000000000000","15":"0x6dd0299d067782040000000000000000"},"debug_key":"5323677045412110631","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"16809209307060866728"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 3A6E 43 KB
18 KB 107ms
25ms Script
application/javascript 5.9.137.78
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.9.137.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.78.137.9.5.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Sun, 03 Dec 2023 18:38:02 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Sun, 03 Dec 2023 21:38:02 GMT

GET
DATA 200
OK truncated
/ Frame 3A6E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8333148d2208e6e672e22d928e408eea1e2568339917e9ed18e5d6d9cb964fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 2688 5 KB
755 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=81115800135641404444994012527020&a=9d3f26ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 18:19:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2688 14 KB
14 KB 77ms
26ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71422/creativesup/image-1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=81115800135641404444994012527020&a=9d3f26ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 651a6d9487526a326703528b63445bc657443628ea7a8fa63d08504ff1a68fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13920
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2688 13 KB
13 KB 84ms
28ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=81115800135641404444994012527020&a=9d3f26ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: a602a1b8f590d0521b3aae7690f7528645f92bb4052a025dd9fa8b4a1210ff3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12998
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2688 15 KB
15 KB 81ms
28ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=81115800135641404444994012527020&a=9d3f26ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 36d2919a38bb9906f76ed8a7e30a0696bcf4e18b4c0da38a4660437a5e7ea49d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15527
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 812A 466 B
235 B 62ms
62ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYl4fo4gEwAQ&v=APEucNUoBwRi9RQ73QHzU2WHPNndQUBUMAgcK8FiFpaXqYQE_lhdp0pwFICqSInu3vYIEMfHX_85esK3LtL3leVeGdk6SrFz8M3_IEsxlW1NiuPZKDmGvKVJaisMdawuEbR4lmOCRXKtd0Vfa4pGLmgZVJVSymDbu43x3ZWkxmD1W9ykxOdQhdQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 22EE 172 KB
61 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 11:48:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 22EE 7 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:42:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 22EE 24 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:42:54 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 22EE 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 22EE 3 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:58:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6C62 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 22EE 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 22EE 0
0 31ms
29ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPZNfvyLAyMxT21uXKjvUG_7lNcum0eaZ957iG8UxLEuADE043f0NqxnawtX777JHLReevOcKNxIYvPlLIOcp9acSAXA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22EE 202 KB
64 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22EE 42 B
63 B 133ms
132ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsHhyMpPkpCHwW4AGlbthpRm9zCl1_YilOzTFC8sCn9DhkB63dj_fBvjmMh3lQvyJg3TkbDltRSl72OzVLjrIkKoSXJm7cZJ-Ns3-XbE27G8-8vuw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 898C 38 KB
13 KB 22ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:08:03 GMT
expires: Mon, 02 Dec 2024 04:08:03 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame 2688 0
150 B 77ms
26ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=81115800135641404444994012527020&a=a1db3cbf&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=81115800135641404444994012527020&a=9d3f26ae
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=81115800135641404444994012527020&a=9d3f26ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2688 14 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options: nosniff
age: 350843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:39 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2688 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:59:44 GMT
x-content-type-options: nosniff
age: 77898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 20:59:44 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6C62 35 B
463 B 65ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEChTtHy4ZS-Qy67h9geWmQ8&google_cver=1&google_push=AXcoOmSWXQFG-LHwFtJZYjhEGpwZpg4fj80ydDt-FxOvhqgPT9lIZZzHMINyH-hTFNn1eY1dkykRstxkjVOV9BbeLafE4A21JfN9Mg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6C62 0
104 B 353ms
202ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHHhNizH270GDa1CvDEAxlk&google_cver=1&google_push=AXcoOmQp-BZTf1LcR7WYYYVSfwfm8kq0pr0bGjSyW-dx2Kt-20XR_EiX4g9UK610Ud0c86qZULrEwZBbQ_r14w5oUmbvfwh4Dwm1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C62
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGWeKVhGdAe8qqJZGnq0ahA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGWeKVhGdAe8qqJZGnq0ahA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NzFnamRMeVkxUjlSbFU1&google_gid=CAESEGWeKVhGdAe8qqJZGnq0ahA&google_cver=1&google_push=AXcoOmR_PAUL8sFfSRPdtDM9NU5oaFkDL8K7VLVbSZPJVzQ...

170 B
188 B

31ms
31ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NzFnamRMeVkxUjlSbFU1&google_gid=CAESEGWeKVhGdAe8qqJZGnq0ahA&google_cver=1&google_push=AXcoOmR_PAUL8sFfSRPdtDM9NU5oaFkDL8K7VLVbSZPJVzQ8QSp0TY4Sm0FN1DU3BXbLJ3Kx1A_gn1vifYSThI9lss2cuRauqmvu-Q

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 18:38:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NzFnamRMeVkxUjlSbFU1&google_gid=CAESEGWeKVhGdAe8qqJZGnq0ahA&google_cver=1&google_push=AXcoOmR_PAUL8sFfSRPdtDM9NU5oaFkDL8K7VLVbSZPJVzQ8QSp0TY4Sm0FN1DU3BXbLJ3Kx1A_gn1vifYSThI9lss2cuRauqmvu-Q
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6C62
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3T...

43 B
463 B

195ms
194ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:03 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fdeca4c9e3365b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 695
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRcWVijAjOky6Ciffj6BSLdnWgb85MEYdqACNtsZybrqFMyebgcQXOCJKF8Bu4Dapa6mriemNuVMNtCd4VtCofgcPtY3Tr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fdeca25e8c365b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6C62 70 B
149 B 147ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEO5Wv4P5b95thhQdcVOF4E4&google_cver=1&google_push=AXcoOmRUY2by1Auj7iagJgUTc5ULK9UEp3LKFcCfXGe7a9R80Ye_r_MoSzFTROWmFNJvAQ6nG0DdMrzVfu_998ppTwu2nQl4RSTroA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=371214980&pi=t.aa~a.542385254~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280&nras=2&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=776&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C62
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOZWxC-BmkSg-_kDOorz2es&google_cver=1&google_push=AXcoOmTYvt8b1EwzgjZzhAS97xeDq9QuumRwCpm0I4GiAh9Q3UgualxUsb76rC7hdiYKa6HuaM4qa0IOx-A8RkWwX5LmrX8...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTYvt8b1EwzgjZzhAS97xeDq9QuumRwCpm0I4GiAh9Q3UgualxUsb76rC7hdiYKa6HuaM4qa0IOx-A8RkWwX5LmrX8Hx97png&google_hm=eS0wdEoxNTBaRTJwRnQ0...

170 B
188 B

31ms
31ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTYvt8b1EwzgjZzhAS97xeDq9QuumRwCpm0I4GiAh9Q3UgualxUsb76rC7hdiYKa6HuaM4qa0IOx-A8RkWwX5LmrX8Hx97png&google_hm=eS0wdEoxNTBaRTJwRnQ0ZlZJNEROMWFNOXhwd1FKWXZRQX5B

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 18:38:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTYvt8b1EwzgjZzhAS97xeDq9QuumRwCpm0I4GiAh9Q3UgualxUsb76rC7hdiYKa6HuaM4qa0IOx-A8RkWwX5LmrX8Hx97png&google_hm=eS0wdEoxNTBaRTJwRnQ0ZlZJNEROMWFNOXhwd1FKWXZRQX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6C62 43 B
363 B 107ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSGL-AaUKraAXEhIMqYPAFtzW6-GYlzkOYcFmmZ1w8Obi5sv5Z94CZWpKOm07yAYOuMdFM9S3hp1iCMradfBQNL4HMHeYQX1Q&google_gid=CAESEHnNPvu64BIldHDzlFedHFw&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:01 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 286707
expires: Sun, 03 Dec 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6C62 0
12 B 29ms
28ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LvKGiPXVyc7Kv1oHpoCdNgIls8I_R9TqOu5WmbuJZ9l1LlvIC0Morx4fEcQV1WYpnZ82_o

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 3A6E 20 KB
7 KB 121ms
23ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:31 GMT
server: ECS (frb/6711)
age: 409
etag: "64e381eb-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Sun, 03 Dec 2023 18:48:02 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 9EC0 2 KB
1 KB 117ms
22ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 560
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Sun, 03 Dec 2023 18:38:02 GMT
etag: "64e38310-744+gzip"
expires: Sun, 03 Dec 2023 18:48:02 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856
adservice.google.com/ddm/fls/z/ Frame 7285 42 B
107 B 68ms
68ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMT6m-n084IDFToQogMduF8CQw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2620912926399.7856?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4AF4 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:08:03 GMT
expires: Mon, 02 Dec 2024 04:08:03 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 898C 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
DATA 200
OK truncated
/ Frame 22EE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb75f16d658f330094ea1fec0b38b503b90a90f1011db476c347d1ac93909c57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET

partner
sync.search.spotxchange.com/ Frame 812A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPiLFGnrl_Ck6xeaPv1Xi0U&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 812A 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 812A 0
125 B 121ms
24ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYl4fo4gEwAQ&v=APEucNUoBwRi9RQ73QHzU2WHPNndQUBUMAgcK8FiFpaXqYQE_lhdp0pwFICqSInu3vYIEMfHX_85esK3LtL3leVeGdk6SrFz8M3_IEsxlW1NiuPZKDmGvKVJaisMdawuEbR4lmOCRXKtd0Vfa4pGLmgZVJVSymDbu43x3ZWkxmD1W9ykxOdQhdQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame CF9C 5 KB
5 KB 23ms
23ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3361161782
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AF4 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H3 200 8821506193659395398
tpc.googlesyndication.com/daca_images/simgad/ Frame 264E 72 KB
72 KB 25ms
25ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8821506193659395398

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd1ef9d3e6973831f163767450e26d551df780cd59ec80438a8023de6dd6a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 04:32:30 GMT
x-content-type-options: nosniff
age: 137132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73830
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 00:58:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 04:32:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 264E 24 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 264E 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:58:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 264E 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 264E 0
0 29ms
29ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7Vc3Ka6khrE8u5N4hEwB24ys-4kxuf_f3xh2Awa7lwEajjVCln4dD2zsKSI1N_JirKprU-GWpSe59TRL8KdAB14a72Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 264E 202 KB
64 KB 157ms
156ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 264E 36 KB
14 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 11:56:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E3B6 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:31:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A12D 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12943809228921786815/ Frame C056 1 KB
767 B 163ms
115ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
expires: Mon, 02 Dec 2024 18:38:02 GMT
last-modified: Thu, 27 Apr 2023 13:46:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 22EE 0
0 69ms
67ms Fetch
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu0JHATsrIfBcX9GOTH_x8rY397umhC4Nicxx5kfMOBrKaOY69z0SU8aCPgAgy2s6yBqEcj4PNZoZUvyP3HLlw6lqLMSJA67pJT4nVEJu8m0vE845KQ2m-vWJCoBS7GQETVnGGlA2EXU_xbTuFuxEEwvFQ801DqgJgp08UAjteevyj0OyP6zwLKVB460bQH6vb1coH3y-uvuiqEzNAgj1StXG2iYX3msPcwmwusLuYhmwEP2TQGkfRfyAyltR_QTYfH66hssa0cwJqCjSvI8G3M0NHMc48i8MFhxLVMbkLEN6jY21eDnoBeGwpvFc3h4qZuGi63Oyukqn9g4Vhe83651TOZjA-0iEq5JRqGJLSrqvpDsfK6KatmKrboIONQpJgL8mnxyUicOB5PRwcD0lvbYioFHUjRfTw9_Qv1_RhDl_auorLrUaUewrJ4HxDA7dHziLS6j-KN6J9jx1p_bpBBWw43vL9k1HoFM-OIFa6k-EqFC3OODPQJNCIBKvoL0TR9NdzjyCgHQ32Zlh8VO254ucK988VrUdO-DCjLE1Mwt_zJyP1ijMbvOLawz_Myhv3itDSQir3b_ykFo8nVafOz2gzcSljD6YtqZ_x4DYJp-iG2GSN0-8GUQJIcKxHTKT6Fyu6zRFxMsuR9i8H6g0djbYLLN53mo_LaqhC8dESec2iyEY-Am_t3bKenvY6EN3qMf1L2TznsZLFESusJWfyeerKjufhveU8LrXfWJ0FRcWIMzyrnHjQrEooDhZ487MI9DtX7qHx7CeA3LxdaxoEL0lST23wIZOCP72t57Zt1WK-s9bHh_WGKtqNjy8mAA5Br6LyusuD8i1t7GUCdvQHouDdXBlnIJ272UGOfRRZTqDU9Fxpx_vV8LA0ITp_UIbI77Rt_EOXug38RlMnFh1h3mWYeeAnxZ2LX7MD1dp3PGNrC77H_btiiXJp0T_voh3efmc3KyZlXjPPwaC-KxjjC762dzIeDNy0slCXJWvhpZ_ZIW6hjnSJF_UyurgsFMiWs89KNu4Mam74PevSp4Wt96DiLLWTdUOEBqVa79YIUfvrJf1WfxzuQTa972FFuwKZE3TTcslIRnGGOalJ7YL0BOocNrYYDn9MHGNrvhShDQufqWmopvPglPm9U7fYSHAaNkkuXkjSiwmewZnZP9ucQVlbVcJ6F7lBwkEe3fT_AmF2RNnhWXJVWKi6N2XIvVmrjCOvxRQa2O3gTULNsWAdTfzBG3WoV98bTQCNkKCt5qfZE5UkLDCvbC6R_RxrbXnqCqTRkzwZFuhD4myCulSYxEB8Y6Bi4FDzDvLUqbAIrGib8qXx66dvvFsWvmQ0-9vXMTwdG0I_jty4Ccb8jOrGLn9TyVg&sai=AMfl-YSST1vg3Xqtkisx-ByXsLdZGo3jWsyeU5DYx37L0TBd5A__YkNeMnOuOuNBK28Rha2SzRD1gq5csHDf8L0RzzBlaEycekh7Xroz5-lHdHKiTleT9SRKFy0rzDJ1bD5J1zwlGglFMEMMXO8VywZOSHmwJeu8zdt4vzNzz3WndEhLAb47dg552YRXgpZD7dLT_sJjirh9bigX3NpRvHmygsu1y4tJPlwcK6etYXo9dO3htbgoJJg99NC_1jWJMVvaVEYLJJ2Ap_huSRg-GWcTQUaqUsIv09UMWufNJk8tOxxWOTXYCciIHlVyEB2OdT-NYCb_jDUCEYfoPoAVoBigLGzC5_zKiAN5NiSVqSV-AYXWpOM3ydR4epYWQDgMDdi7RBfMSbONmTO36VnJeGgTj8i_VR955qB3wLRWeLRC&sig=Cg0ArKJSzG3lIVrQ6dQjEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=145&cbvp=1&cstd=138&cisv=r20231129.93584&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 22EE 60 B
60 B 153ms
30ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180662177&extPm=361577805&gdpr_consent=&gdpr=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 18:38:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 03 Dez 2023 06:38:02 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 264E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a0ccc9dae59ada651eb12e1480d7ddb1ab5870903c59b1fa4b709a26b6b605

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A12D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGes...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFG...

43 B
401 B

232ms
213ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGesJY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGesJY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:03 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fdeca4b9d6365b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 453
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB_uTgH0jCE-oKa4dz0eu5E&google_cver=1&google_push=AXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGesJY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSu63VuH8CFcJ5VwT_is8QPilvTSYpKqgzhHOcgXvIMG_jJrfFmzVo3i8mCxxXt0QqRkfTMmDuViRcUXo2Nv4-gji5YlFGesJY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82fdeca37832365b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEM_XupZtoAVUnIcsJK4Mofw&google_cver=1&google_push=AXcoOmT47FeauhnBvVqegB3XPuYGsMN_lVd-KLXDAU-2p72b6kQzMNneX8mtAuJE_ZshHBYrJbWpgvm33P6OY2ijQM0vvhHth7h2MNs
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=434D74CCF3A847F8B76C104000EE2E37&google_push=AXcoOmT47FeauhnBvVqegB3XPuYGsMN_lVd-KLXDAU-2p72b6kQzMNneX8mtAuJE_ZshHBYrJbWpgvm33P6OY2i...

170 B
188 B

32ms
32ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=434D74CCF3A847F8B76C104000EE2E37&google_push=AXcoOmT47FeauhnBvVqegB3XPuYGsMN_lVd-KLXDAU-2p72b6kQzMNneX8mtAuJE_ZshHBYrJbWpgvm33P6OY2ijQM0vvhHth7h2MNs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 18:38:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=434D74CCF3A847F8B76C104000EE2E37&google_push=AXcoOmT47FeauhnBvVqegB3XPuYGsMN_lVd-KLXDAU-2p72b6kQzMNneX8mtAuJE_ZshHBYrJbWpgvm33P6OY2ijQM0vvhHth7h2MNs
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 02 Dec 2023 18:38:02 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBi3JC7gc5nHWoIdsnEZisA&google_cver=1&google_push=AXcoOmRMgP20ys6NRtKOhW710B3j0kLbItB56uX_s4xsldMCpMLGUugcmUsVwdkH43fEWDyKwbEaq-q0zwh1Du...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODQzOTUzOTE1MTU5OTc2NQ%3D%3D&google_push=AXcoOmRMgP20ys6NRtKOhW710B3j0kLbItB56uX_s4xsldMCpMLGUugcmUsVwdkH43fEWDyKwbEaq-q0zwh1DuMnBq...

170 B
188 B

33ms
32ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODQzOTUzOTE1MTU5OTc2NQ%3D%3D&google_push=AXcoOmRMgP20ys6NRtKOhW710B3j0kLbItB56uX_s4xsldMCpMLGUugcmUsVwdkH43fEWDyKwbEaq-q0zwh1DuMnBqHhKjht1akPiCc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODQzOTUzOTE1MTU5OTc2NQ%3D%3D&google_push=AXcoOmRMgP20ys6NRtKOhW710B3j0kLbItB56uX_s4xsldMCpMLGUugcmUsVwdkH43fEWDyKwbEaq-q0zwh1DuMnBqHhKjht1akPiCc
Date: Sun, 03 Dec 2023 18:38:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBp0St9gCNL1u9-jtxqiAmA&google_cver=1&google_push=AXcoOmTf2e8fY3DJuDd6MxkyfbKfDDWB9F5tMQDt2ZpyLsHkKxJ_SwPHHrftVEdzaA2NtmP0tcTnM35V7Y8-kuB1...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IseM2QloRxUoJQiKcOqpng&google_push=AXcoOmTf2e8fY3DJuDd6MxkyfbKfDDWB9F5tMQDt2ZpyLsHkKxJ_SwPHHrftVEdzaA2NtmP0tcTnM35V7Y8-kuB1IkkLJmCMhAnr2Qw

170 B
188 B

33ms
33ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IseM2QloRxUoJQiKcOqpng&google_push=AXcoOmTf2e8fY3DJuDd6MxkyfbKfDDWB9F5tMQDt2ZpyLsHkKxJ_SwPHHrftVEdzaA2NtmP0tcTnM35V7Y8-kuB1IkkLJmCMhAnr2Qw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 18:38:02 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IseM2QloRxUoJQiKcOqpng&google_push=AXcoOmTf2e8fY3DJuDd6MxkyfbKfDDWB9F5tMQDt2ZpyLsHkKxJ_SwPHHrftVEdzaA2NtmP0tcTnM35V7Y8-kuB1IkkLJmCMhAnr2Qw
x-host: tde-deliveryengine-production-6987bbc57b-b4p7g
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOZWxC-BmkSg-_kDOorz2es&google_cver=1&google_push=AXcoOmSx5VKxLAMRlyPPnHl8jH89MEQZSwBv0x8LwoYIFPM9LhozKlPY2va53OLSX0_YTYpIyZ3kEOHMMXiArsGUlI3JnLf...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSx5VKxLAMRlyPPnHl8jH89MEQZSwBv0x8LwoYIFPM9LhozKlPY2va53OLSX0_YTYpIyZ3kEOHMMXiArsGUlI3JnLfBoi5PjNg&google_hm=eS1IMjRSd1V0RTJwSG5...

170 B
188 B

32ms
32ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSx5VKxLAMRlyPPnHl8jH89MEQZSwBv0x8LwoYIFPM9LhozKlPY2va53OLSX0_YTYpIyZ3kEOHMMXiArsGUlI3JnLfBoi5PjNg&google_hm=eS1IMjRSd1V0RTJwSG5XbmkzTlNHQVdtTGl3aXNEenZaUX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 18:38:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSx5VKxLAMRlyPPnHl8jH89MEQZSwBv0x8LwoYIFPM9LhozKlPY2va53OLSX0_YTYpIyZ3kEOHMMXiArsGUlI3JnLfBoi5PjNg&google_hm=eS1IMjRSd1V0RTJwSG5XbmkzTlNHQVdtTGl3aXNEenZaUX5B
content-length: 0

GET
H2 200 trk
ag.innovid.com/ Frame A12D 43 B
297 B 407ms
34ms Image
image/gif 2a05:d01c:1d8:8100:9449:420b:1a77:b906
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOvMIb0EYEzgxGeg79LxiE0&google_cver=1&google_push=AXcoOmTvFbGuWIhe5yO4gIzPMroaQfIs85zQzK32_A4FLHwHfjAppBf3wfaLJzW5oMtyLWcs5d6KsdaKNE6dbKDNBHjzRhw0ke6O6v0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:9449:420b:1a77:b906 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 18:38:03 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGT6bTXrGhgfu0P4z2J_FNE&google_cver=1&google_push=AXcoOmRYsbkuiJ73VWscyxGLhO9TdI7xz2fMVclZJydC8OVApJSMQY3B4Xl5UfKqa3sO88rCzpawvLE5sAa6...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRYsbkuiJ73VWscyxGLhO9TdI7xz2fMVclZJydC8OVApJSMQY3B4Xl5UfKqa3sO88rCzpawvLE5sAa6BghUAENSXy5BgB34CDA

170 B
188 B

32ms
32ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRYsbkuiJ73VWscyxGLhO9TdI7xz2fMVclZJydC8OVApJSMQY3B4Xl5UfKqa3sO88rCzpawvLE5sAa6BghUAENSXy5BgB34CDA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRYsbkuiJ73VWscyxGLhO9TdI7xz2fMVclZJydC8OVApJSMQY3B4Xl5UfKqa3sO88rCzpawvLE5sAa6BghUAENSXy5BgB34CDA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A12D 0
12 B 29ms
29ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlN9VsiE8l3x-tYFNrr6OHDT7d0EqStxKxtt0xslEiNY8tyo8HgL6XQa99TYE8jMK_GSpy

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 tag236618 Show response
ads.revjet.com/ Frame 3A6E 245 KB
40 KB 48ms
48ms Script
text/javascript 5.9.137.78
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236618?_plc_id=111756827&_key=5e0&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtTVCMtsZbaGO76evcAP8suhiA2n3YC9dOesgYfHEejQ74CZAhABINTHmpcBYJWCgIC4B6ABuayQiynIAQmpAocWcjmKQrI-qAMByAObBKoE4AFP0MaP8GfZCSP9hRD8N6eRTsbmSTlktq_6dSLmD8cdv6bxDHI8fYFQzkbFGktAAnetMQ8h8S-uqkfsePQ1OjdIvkKV-EtuhbaHrfBr41AXhbLlZS-HqhgKbev6ImHN3-4miaXBzpZ-6XM2TijLZpmgbyHEAN28cWZU6gxlXrO9wL70c3297FZrstgBmU5R0a2T-RtEtLzFfYR5J5Mz0rAZ9MwBUx3kvdoZhU8V8CvknD-XQyqwzdTyP91Z1jKw_70cGmJGsjUOfkfhjHjTU9o1tQzxa_-Cgv0ac3Z3SgZKu8AErtfYuawE4AQDiAWDqofWS5AGAaAGTYAHueTg6gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljVhr7o9POCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRFsBO0w9QV2BMNiBQF2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNhP534Q83BqzHnsGlFxf2z0X_-LIlPbr-k8f_B6-ZfMEPgo94QZBmLlDgoe7J1hGYB4sxx-fLrnaoI4Gg00yVYLkyeeKNM_DTBUAYAQ%26sig%3DAOD64_3APh6aywiRX0TjiWcZw1-1z7BB9Q%26client%3Dca-pub-2920555573584698%26dbm_c%3DAKAmf-A6NyPD_2jzHMd6tDZvRgfHaZ0GpftP-XO3tj3ZBluIQ_DwzdoolIxMSZa2aCkx6dRZpGdUq6MbaNekd1T3f_bEkYU_9raS4aBt5PYnXPVjr5Vw9FW85iqPYQ4QK93GCtmrtoWpP5I7DksSSe5NReq6TX8blQwf7FhIWJ6loDt958-B_dQ%26cry%3D1%26dbm_d%3DAKAmf-AfOACO8wxWuxp_FjOI8-b_zbMnLYXE1NmrGjIafe4L70VmOmnPDww9xRD4GVZhZgEXTbOUDwgx--Q7chru32hAmpTJfI5AKWvYvLDTJSZWSyrtHPAPo2CrJOjMNNpBq_NvMyq_m5CeE9rouesxR6_gY43ZyYLemTjLBvEY2O_OiE8nxW8H2BUE4F7mefyFFu9M51SmyCM55nyEWquv0_iUwgGoxZ_XPHi7gsXEVqSknU4MgIC9t1q_V8wY9-1JRR7F015ZnS1Uzg4SpH0HTVWEZeKZ5hbK1QKj1Tg7MoVuNB7VPjgnjnxIzYN5JaM7wXDV5ADuXa4Y_e5Hu3cAfo3aixYiw-VQY8aaQ8rj10EsOh2m7GgmG86adLXtthqkwTofRotQk4h436RCLbUS2QxhSm66Zr7FCWe2VaOl3UanMILIe_HFq2951CJmxTnWxzs8vZMuTStEy4MWLbbfXJkgIwt-ncghbmRZ5VIl2MVnLH7H9WXsV4ElUr62NIKqY_k0l31Y8mxDduecldtXaHvCa5qLkRrLmwA-y6YSyC3WNxEBEfs%26adurl%3D&dv360_cmp_id=20313134339&dv360_li_id=1013234045&dv360_crv_id=467101067&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231129%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-2920555573584698%26fa%3D1%26ifi%3D9%26uci%3Da!9%26btvi%3D5&_js_site_ref=https%3A%2F%2Fgeocult.ru%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=766d4d21cb078ab7855_1701628682700&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fgeocult.ru&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1701628682707
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.9.137.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.78.137.9.5.clients.your-server.de
Software: nginx /
Resource Hash: a1baa67795417feeb2ea6c9b9492e29e8ee73598b68f8a15dafee2f173e7ec62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip52725
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E3B6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
expires: Sun, 03 Dec 2023 18:38:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:02 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 898C 0
20 B 183ms
183ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsIrzCstsZZKoB-7F7_UP1-yBOAAAAAA4AeAEAg&bg=!cHOlczzNAAY3kmNgF5I7ADQBe5WfOGme0iat3y1fw5Vsbd8z_h7c5KgLg_A8hYPIV0xvIVsHYym-kQYPOLAEz9cvYIv4AgAAAH5SAAAAAmgBBwoAZd9bu9BWcGADPqN0xqLZ7n0rabDkhr076TqyV0u2bRmN9-Jiec8GJUKA3Lg4B2OSn3fgOGO9ilprWM-eXGnRxXzk4vyrAeoqIo4z9kbaaY0vfSisnyG8R4NpUp4APTXLDZvTYa1emQLzEm-_WIdVoOOuvb_b7at4Ked-CO1RJB68OcrFhieoIHl00r5qGWGRLcU6Q1Yu84tLPhyTmX4s3X0FNBd_QlW3GGALyc3aL6PEgCGWi_98BNYrsZG06yDk8sQtPTQV6186ve_raYl6vjuX5F0UsOQdnZx4JoxFEM0vIfze-s4ESsXwsyHoYwqchEO_uyAw-FoYc1_SLD-v6y4ONIIaRALK90Qtwqvckqmz_4TyE6X3cuh11CEsr05inn-k1F4tOBTjL-nQskKWfMBkyxWiZm8isMiH7zgIxYwMCLusqfYMUuHGUlDVEDow2tRJ5JbLxvA7mn1H_xCLAcdrSMLpHfaO8MuKosXCEnqqeyOcz-t5mFrGSg5Q5hsPE6qaKlUlKc4I5PYkBtLBVI69cYLajSPJJ2Y8c14BIexCCG_ixrTHf3zka_lFA7klwXxbtbHlZl3LdYo18kFb1ChKFHcEP0fgkUpegySof7XDOzrS1622RIBpNmNfRF6YExHCksmzq7m_HHDxbxUL1PJ6XFFQnjLNqFz15pGEnyY6V71Ym0Rkxz5VrEYRfxzh5q2_pvopx8tEbl8GEeR_Bedl7-FaBPpXiaZ-t5h2nsLdKI5WXNogNciyyGparRHfZlHqMfRdWhlOizeYRMx_JO-7z7EbsAfHoFuQg1WqS3I-8ez9TFbu5D-4kxznzMFoVgiS8FRMTleAFmT-Eehq44ASzPuIHU3fu6IjmS8CDNpfUg-shwSPWXbm3nvKjVSYcE-9BdFOxwrDj133NbPP_zH8AXMeBB8ETiQFpYBBFfFrIrmAFLpn3cXysv3Ilk9woipy6s2cLdKBFHBEwUrd_1dukX8euJ-qK1gz519zZbMjUKUHDXcXF22qv2TwPCzTfYNy1j6bvRJSo-qhjd34mxJ1MJBmoOcScR9uvfm9aNGTnabpPgHytbIKWeEfA7z8ooHKt9YFkTmTs6wfbM-a0DV2taGbxQBD8s37BE8pSXbvkJQ1Muk4X6iG3RA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AF4 0
20 B 164ms
164ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BnfGHCctsZYrIONjptOUPnNmZqAoAAAAAOAHgBAI&bg=!pKelp-jNAAY3kmNgF5I7ADQBe5WfOPRSbG-Zi76XNU-Q5YOu2gJzQPoYU-NyAcDJSGyOf-wwxKKymXV2ve42c6CK7py2AgAAAFRSAAAAAWgBB5kC_p-5m_LUe1Ax3xdQJU6Urbl1bzwvqyFqFGcjIiwzKL6q-WU333lv0Qxm5o_Pal5yFkZsyhA1SziFC2YbvaEMxF0qerO3f1BSHbxSuH8SEbvL1gsmEEphlmAM9OU_7YAy9lz6cWjCk51e3Ii8_KTLZuoMnwgjWc5J28rG56qwhRmooqLACzwLz2APus0tgWKmPJPZ604iv8PJPixCHUkmK5jFgQYfru5b0nw5AM-xY6NuYZWB2Eovl58bkFBylRfpqvnDDOayh2SnakmztseLn-tXCrEoyFkjHxFw1Rer8v_-Dv8-c4wmgbCD4uleBzYYmjBbXWsuq5zC-nJexgnmK_6uDBeeiAc5MuJ6xWGu_rfd4qYWZBf-Xk0MXk8xpLnWolAVOWtEJkClyRG14X0oXCZu0LeJt8M85nMnNwnBeBfN2YvFLRy21bRXSSmWIaX3YFUb8sc-cn2MRQRGTsss_Nkw3Ok7mCNmDg3e07vvb-JAQj52BjX5Luk6UWodkdhmYCWV7cihmT1GM43IPsC6NmH7cwNL6n9uC4etFqYSabZutSUuTzEBvO2byhbLw_z1EuB-Ej-xUvqDqABmlUuINr6TKPV1WTCyj3ne7uLP-JARhgQJYyMQ4XvXGSEsMAjA_0twVQlnbUvfRqPIMuY345NRJY-HdOf1ViF0WjgdBm78n5LcKXeRoq4NZl377gtUFG_PYhzkgLXWrUHM8XaQqQEbt7D6EfGZRk26jt1cFX9HHfbWMFrNSJMNb0r-X1-uk-xhl2uMONeEJfhFs3tSjHB4kyDXQoG5s0pAmQ2l6-cwl1qb5qYC-PwN7t95rAo4TVgIp1I5YKO0Ehv1kewcm39oXM34X--SgPyahomy9MrLBDwt47ejQiZFPCspjjQ4AZSjmaT0g8x495Jt2jJK4oUEWysf2EolUWOa_74E4f_5Gg08nAVBzNVTwVRuMyTHbvZeAdyYNXsMSrN9YvKNleytK0K0mZyPOsHZKgirwpmKNSgQeotjmtjRJy4s3QY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame CBAD 167 KB
49 KB 134ms
66ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:13 GMT
server: ECS (frb/67DF)
age: 123
etag: "64ecabf1-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Sun, 03 Dec 2023 18:48:02 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame CBAD 43 B
170 B 106ms
27ms Image
image/gif 46.4.76.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=8a6a2c33f0b5d586b6aa93448ca2450e&__adt=8240602211872583131&__ade=1&vid=5075460041024807392
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.76.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.76.4.46.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame CBAD 33 KB
33 KB 24ms
23ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 75954
x-amz-request-id: 76K1RDZQ4DS0XSH1
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: Eez2U/JKikBGxsGR+HAy6ESshmaAJNMpObbpVst5vWSyfFRN50MyKU53XakOEWeV91KaVqm23Fo=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (frb/6712)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 18:38:02 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame CBAD 56 KB
15 KB 25ms
24ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (frb/67F2)
age: 139
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Sun, 03 Dec 2023 18:48:02 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame CBAD 3 KB
2 KB 42ms
41ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 70982
x-amz-request-id: X7PE7RVBM2DMMJ9W
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: pAQ0YOMquYPJcRT96W1nfpJJrEFfcWFQ/3ta9fVxn6fYHpWxk//+/m2pR0WUSdZq4hvg/qZfjfo=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 18:38:02 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame CBAD 632 B
627 B 42ms
41ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 75958
x-amz-request-id: D1HQFMHVCZECRYT7
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: Q8F3s6vLjBFRUIXs8/bY51VREbfWejAKh7NKvs6w7/elqgMOawzT7sHztNGTkQM1YMSuFa64DXU=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 18:38:02 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame CBAD 7 KB
4 KB 43ms
42ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 73623
x-amz-request-id: FXC9YKDXSZ0GRBM9
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: KrT8L87yZgDZGG4oTDbn7mjSeXvUiR1WkN5V8Tiat+ewMCUEfhkKitZDf3qMW0kNsKhtZpav6ok=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 18:38:02 GMT

GET
H3

200

B29257362.357498769;dc_pre=CNLrtun084IDFVkx4AodCPMGhg;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701628682740
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame CBAD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17016286...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_pre=CNLrtun084IDFVkx4AodCPMGhg;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_chil...

42 B
63 B

41ms
41ms

Image
image/gif

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_pre=CNLrtun084IDFVkx4AodCPMGhg;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701628682740

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357498769;dc_pre=CNLrtun084IDFVkx4AodCPMGhg;dc_trk_aid=548521423;dc_trk_cid=185777388;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1701628682740
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame CBAD 470 KB
470 KB 80ms
23ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 73623
x-amz-request-id: FXC6JK0KPZTPJ48C
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: WK5jEdrXeSJmJWY+CVswD4lBM0CgaWDWK8fJuJF18ww+n932pEjeNSzRz4+ZMkeVk98a9YbLzR4=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 18:38:02 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C056 113 KB
38 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 18:38:02 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C056 118 KB
40 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 04:12:33 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame CBAD 33 KB
33 KB 77ms
67ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (frb/6772)
age: 113
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Sun, 03 Dec 2023 18:48:02 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame CBAD 13 KB
13 KB 76ms
67ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 2787
x-amz-request-id: VK76XSH9NR0NT8FV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: Pw1rLnytn6WgBqOgzXfQNstFtq7HsxZ2oUV/QdIyTSMIT9UO3tey7c6dVUpnnyhcS7o1GNz5R1A=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (frb/6795)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 18:38:02 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame CBAD 286 B
457 B 23ms
22ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 75957
x-amz-request-id: T00JMZX85MF1ERCS
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: 4Qhum1rRSTiaIoIhvp5EJdzc8/vNgKOzauEeTkV2Uvd7pXfbFVdgSV/t7KLNMuspYgcqN1Gfp/E=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 04 Dec 2023 18:38:02 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 264E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoiCyCctsZYLGNaKKwuIPnIGdGNDJhMd03r32x4YSwLCA7JACEAEg1MealwFglYKAgLgHoAHPr4zMKMgBAqgDAcgDyQSqBLcBT9A8Lmc6ZWaHoAK_l2sWKKHN2vx0xmjJBchup85PKimTnZu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225629869434650138123%22,%22debug_reporting%22:true,%22destination%22:%22https://silksilky.com%22,%22event_report_window%22:...

0
0

100ms
56ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225629869434650138123%22,%22debug_reporting%22:true,%22destination%22:%22https://silksilky.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210897004495%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227226873452633400657%22}&andc=true

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5629869434650138123","debug_reporting":true,"destination":"https://silksilky.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10897004495"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"7226873452633400657"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 18:38:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5629869434650138123","debug_reporting":true,"destination":"https://silksilky.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10897004495"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"7226873452633400657"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame D97B 50 KB
19 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2920555573584698&output=html&h=600&adk=1636830882&adf=2917673112&pi=t.aa~a.1663485022~i.5~rp.4&w=266&fwrn=4&fwrnh=100&lmt=1693404896&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4703721224&ad_type=text_image&format=266x600&url=https%3A%2F%2Fgeocult.ru%2F&ea=0&fwr=0&pra=3&rh=222&rw=266&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701628681813&bpp=1&bdt=1465&idt=0&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600%2C336x280%2C336x280%2C266x600&nras=3&correlator=5479008603756&frm=20&pv=1&ga_vid=34548475.1701628681&ga_sid=1701628681&ga_hid=22708617&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3771207407807004&tmod=2105626493&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:49:45 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 22EE 0
0 60ms
60ms Fetch
image/gif 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu0JHATsrIfBcX9GOTH_x8rY397umhC4Nicxx5kfMOBrKaOY69z0SU8aCPgAgy2s6yBqEcj4PNZoZUvyP3HLlw6lqLMSJA67pJT4nVEJu8m0vE845KQ2m-vWJCoBS7GQETVnGGlA2EXU_xbTuFuxEEwvFQ801DqgJgp08UAjteevyj0OyP6zwLKVB460bQH6vb1coH3y-uvuiqEzNAgj1StXG2iYX3msPcwmwusLuYhmwEP2TQGkfRfyAyltR_QTYfH66hssa0cwJqCjSvI8G3M0NHMc48i8MFhxLVMbkLEN6jY21eDnoBeGwpvFc3h4qZuGi63Oyukqn9g4Vhe83651TOZjA-0iEq5JRqGJLSrqvpDsfK6KatmKrboIONQpJgL8mnxyUicOB5PRwcD0lvbYioFHUjRfTw9_Qv1_RhDl_auorLrUaUewrJ4HxDA7dHziLS6j-KN6J9jx1p_bpBBWw43vL9k1HoFM-OIFa6k-EqFC3OODPQJNCIBKvoL0TR9NdzjyCgHQ32Zlh8VO254ucK988VrUdO-DCjLE1Mwt_zJyP1ijMbvOLawz_Myhv3itDSQir3b_ykFo8nVafOz2gzcSljD6YtqZ_x4DYJp-iG2GSN0-8GUQJIcKxHTKT6Fyu6zRFxMsuR9i8H6g0djbYLLN53mo_LaqhC8dESec2iyEY-Am_t3bKenvY6EN3qMf1L2TznsZLFESusJWfyeerKjufhveU8LrXfWJ0FRcWIMzyrnHjQrEooDhZ487MI9DtX7qHx7CeA3LxdaxoEL0lST23wIZOCP72t57Zt1WK-s9bHh_WGKtqNjy8mAA5Br6LyusuD8i1t7GUCdvQHouDdXBlnIJ272UGOfRRZTqDU9Fxpx_vV8LA0ITp_UIbI77Rt_EOXug38RlMnFh1h3mWYeeAnxZ2LX7MD1dp3PGNrC77H_btiiXJp0T_voh3efmc3KyZlXjPPwaC-KxjjC762dzIeDNy0slCXJWvhpZ_ZIW6hjnSJF_UyurgsFMiWs89KNu4Mam74PevSp4Wt96DiLLWTdUOEBqVa79YIUfvrJf1WfxzuQTa972FFuwKZE3TTcslIRnGGOalJ7YL0BOocNrYYDn9MHGNrvhShDQufqWmopvPglPm9U7fYSHAaNkkuXkjSiwmewZnZP9ucQVlbVcJ6F7lBwkEe3fT_AmF2RNnhWXJVWKi6N2XIvVmrjCOvxRQa2O3gTULNsWAdTfzBG3WoV98bTQCNkKCt5qfZE5UkLDCvbC6R_RxrbXnqCqTRkzwZFuhD4myCulSYxEB8Y6Bi4FDzDvLUqbAIrGib8qXx66dvvFsWvmQ0-9vXMTwdG0I_jty4Ccb8jOrGLn9TyVg&sai=AMfl-YSST1vg3Xqtkisx-ByXsLdZGo3jWsyeU5DYx37L0TBd5A__YkNeMnOuOuNBK28Rha2SzRD1gq5csHDf8L0RzzBlaEycekh7Xroz5-lHdHKiTleT9SRKFy0rzDJ1bD5J1zwlGglFMEMMXO8VywZOSHmwJeu8zdt4vzNzz3WndEhLAb47dg552YRXgpZD7dLT_sJjirh9bigX3NpRvHmygsu1y4tJPlwcK6etYXo9dO3htbgoJJg99NC_1jWJMVvaVEYLJJ2Ap_huSRg-GWcTQUaqUsIv09UMWufNJk8tOxxWOTXYCciIHlVyEB2OdT-NYCb_jDUCEYfoPoAVoBigLGzC5_zKiAN5NiSVqSV-AYXWpOM3ydR4epYWQDgMDdi7RBfMSbONmTO36VnJeGgTj8i_VR955qB3wLRWeLRC&sig=Cg0ArKJSzG3lIVrQ6dQjEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=392&vt=11&dtpt=247&dett=3&cstd=138&cisv=r20231129.93584&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 125ms
59ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 18:38:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame C056 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 18:50:49 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C056 7 KB
6 KB 66ms
65ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5b515ac2ced9174a3403f8b66c0c594ec6531331a41d698ecdff40cbcf2f899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5791
x-xss-protection: 0

GET
H2 200 1000
pix.revjet.com/interaction/ Frame CBAD 43 B
169 B 28ms
28ms Image
image/gif 46.4.76.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=8a6a2c33f0b5d586b6aa93448ca2450e&__adt=8240602211872583131&__ade=1&vid=5075460041024807392&__clstampdif=214&__stamp=1701628683000
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.76.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.76.4.46.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 18:38:03 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 1922112233_uc
cdn.revjet.com/s3/csp/1700555557651/ Frame CBAD 402 KB
403 KB 23ms
23ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1700555557651/1922112233_uc
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 9bcdacd51d877340ac793482e3d9e646e0b986cdb8b5b8e07f7e695ff5309609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:03 GMT
x-amz-version-id: NhMoGiQqJHZYupFAaOGwE1QjOjXvHvfo
age: 70495
x-amz-request-id: AWWPAGE5AE1VX5Q3
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 412084
x-amz-id-2: vi3nrmdmm6VzTPYyWKObiyoKaNklcQ1kzxxDOhLzocqmDqGI6QZCMmQe7M8apQnljxDcqoGqBII=
last-modified: Tue, 21 Nov 2023 08:32:38 GMT
server: ECS (frb/6725)
etag: "2135a9750bec921af89c6ad917ae9193"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 04 Dec 2023 18:38:03 GMT

GET
H3 200 160x600_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame C056 79 KB
19 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc938f914a45d9704b821d83ed0ac1360240d3ac62d7c60878288c3c67279bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19231
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 12:31:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 18:45:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C056 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 18:38:03 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame C056 6 KB
2 KB 24ms
24ms Fetch
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 18:52:09 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame C056 5 KB
2 KB 27ms
27ms Fetch
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 18:52:45 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame C056 2 KB
1 KB 26ms
26ms Fetch
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 18:41:27 GMT

GET
H3 200 NH_D_AP_Pavilion_160x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame C056 87 KB
87 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_AP_Pavilion_160x600.jpg

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf808e2a55ef3a7ce795e28193bdb130b441b2859bd3eab5120daed9d931e21c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:31:39 GMT
x-content-type-options: nosniff
age: 384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89340
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 17:00:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 18:46:39 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame C056 50 KB
50 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Requested by

Host: geocult.ru
URL: https://geocult.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=UDrzxuizy5&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:28:27 GMT
x-content-type-options: nosniff
age: 576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 18:43:27 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BDE4 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B81F 16 B
209 B 79ms
79ms Fetch
application/json 35.177.10.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 03 Dec 2023 18:38:03 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 172ms
34ms Preflight 35.177.10.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 03 Dec 2023 18:38:03 GMT
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A6E 42 B
64 B 137ms
137ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthEVwOGXsqG25RU5qFfoQrCFaSmd75JGLmtKHJDtvc8fpxsbNZm6D2GVrDXK14LMPL-qlCwBaHY5DlhDcLl87N3lxVcaH0rowHoFG_GhW-dC6PFsPakfurmQgvIul9aqS7iNUxS-uU7FNr&sai=AMfl-YSIbIobd60Th9cSKzRZ3cxGlERahg9ZsSIaqwYcz0RkJoIYg7FvjgRek3RhqcLHpt13YL1nIZjwK_faCTCbWb6hyNXPRhbqmFHVzcRqR_dNKA_hghg-ZgOoqWAsaaMK2dSm85iebO2A3Sl88WGUn0_aNdlKd3hKMW55&sig=Cg0ArKJSzCV4Xh-L1PhuEAE&cid=CAQSTwDICaaNhP534Q83BqzHnsGlFxf2z0X_-LIlPbr-k8f_B6-ZfMEPgo94QZBmLlDgoe7J1hGYB4sxx-fLrnaoI4Gg00yVYLkyeeKNM_DTBUAYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=508,1000,1000,1000,1000&tos=508,492,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701628681932&rpt=491&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9321 0
22 B 133ms
133ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7534212993708&version=m202309260101&ct=77&x=1&cor=10592661570289953000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A6E 0
22 B 135ms
134ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1922135872645&version=m202309260101&ct=77&x=1&cor=17544258778451517000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame CBAD 43 B
169 B 27ms
27ms Image
image/gif 46.4.76.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=8a6a2c33f0b5d586b6aa93448ca2450e&vid=5075460041024807392&__adt=8240602211872583131&__ade=1&latent=0&vis_type=8&__stamp=1701628684017
Requested by: Host: geocult.ru
URL: https://geocult.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.76.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.76.4.46.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 18:38:04 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

601ef095f13c0778a1c915ab3505cfe2002880068242285bd78f32a8fca54ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12203
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 18:38:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB8D 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 12:58:52 GMT
expires: Mon, 02 Dec 2024 12:58:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C80 829 B
560 B 31ms
30ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a704f0f0fa9a0ffce479a33321bd9896549e23131a804a020a7ecf0b627d1791

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xyh_jePCOIpPRCRuSRfV2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geocult.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Xyh_jePCOIpPRCRuSRfV2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 18:38:04 GMT
expires: Sun, 03 Dec 2023 18:38:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FB8D 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C80 0
0 134ms
134ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3771207407807004&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FB8D 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Oj3amQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 18:38:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B81F 0
22 B 132ms
132ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=707200981112&version=m202311060101&ct=77&x=1&cor=2345204573260420600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 18:38:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 138ms
138ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3771207407807004&bg=!f3ylfDPNAAY3kmNgF5I7ADQBe5WfOGr5uYwG8p6W0JN_7DtSU1lpFwGjWW2cn3EFOBhIXTPHsOgrtTYQ21DtSVFf8IoaAgAAAEZSAAAAA2gBBwoAIhEyY_fSK71Y_EatL6lffaQSZUJQ7PGkN11ixMQ88eVPmAGZAsXbtZcbf31lxOVuYAmZmLhYb7hyz-p6SKhvNeI_jhHNprO0GDxtcAPNqCIYMYUQQEt2gwoN_7oNdU34XFe_CEvoHnU2tCvN3Ov7Fpa6OJ6e2JYXNf3cH0ZoFV0GJoyNz7jnx8C-VZwj5dR5Mhc_3pM1r2AAO-ArZ0lm3NKpS2dEw3ieKxc8oZ4x-QHvszglviZBHiV9zqzY0iTCCwceF-5kygnhrdLFkCYgOvArJ-D9oiYXZXwIx45pfKi40U0ooOsEs77R9VrNGOgkO3mZHLEbQB0cS07ReDl_xh8HYMvT3PVcUYC8mSMw8TbLiMulwbij6KZqcq7xHBOtkB9bEWVnNWx_6OF0LQPeoHScUSCRBsLHWTVe2VA3DwlREIkvtbRJ_CD-SlysosFB0nroAutcrG7nNW2TcCpZZc2W2nw_ezbivWWGIp230bdZw9h_GnGM5HKZZPsnEWVeq4Ou1Ze2lgdVoLzQ3xqLbuKgf0sVd4RoxCxS6BaD9mTYtPZULCBDpItAGMR_bCRxiVcHyA3IovCuOMZkxzDKL_2M4nshSFN9y6c2qF-QJK8xsqk9qNpbvoEqQ260Y3J68IlXuBfB7DboFFMm_jyf3Voa3VJrsXyswdfwHqBhWAQPzx17WW8ZG5bpCeuiR1e2SbXBfH2uJLcId7rcud9js6x2oC_rFgvclrTJNnpJ7n3bwKaUpYw_76J_lVY54zP2zZ39DhiudLgi0zTNK5wmadC7mPMr3wiisan25R4w1CmDqBONe7JH1d-RhhfrSzP3Nh6pIP9fGUAe-VXkspmStngaCNG6s3MaRuW193kElHbzVAHQZTR7xVUzdmc_nAs7LEur8viyVANU0UeXFNwW3S-kvaMMcDC0dPxFpkzFIwA53e0Ji2H3ArEe6MVAnEOsg8KDCdkud017hqrHlilx5lVpuCY9PXGD-IH9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geocult.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPiLFGnrl_Ck6xeaPv1Xi0U&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geocult.ru/	1970-01-21 02:16:28	Name: _ga Value: GA1.2.34548475.1701628681
.geocult.ru/	1970-01-20 16:41:55	Name: _gid Value: GA1.2.1192455180.1701628681
.geocult.ru/	1970-01-20 16:40:28	Name: _gat Value: 1
.yadro.ru/	1970-01-21 01:24:46	Name: FTID Value: 1bRCi805J38h1bRCi80025mi
.geocult.ru/	1970-01-21 02:16:28	Name: _ga_DHBZR6TRD0 Value: GS1.2.1701628680.1.0.1701628680.60.0.0
.yadro.ru/	1970-01-21 01:24:46	Name: VID Value: 0NA9-Z1NVfeh1bRCi8002Nhw
.doubleclick.net/	1970-01-21 02:02:04	Name: IDE Value: AHWqTUkZjoZbw8Y7vUaRoEHyWVRSabTUrLB8m1XTJ2n2-b9RCfGOJmvA0X3K7xIk
.casalemedia.com/	1970-01-20 18:50:04	Name: CMPS Value: 3188
.adnxs.com/	1970-01-20 18:50:04	Name: uuid2 Value: 1558721484797129177
.casalemedia.com/	1970-01-21 01:26:04	Name: CMID Value: ZWzLCWsfZtUmsOwhCOgB4wAA
.casalemedia.com/	1970-01-20 18:50:04	Name: CMPRO Value: 3188
.adnxs.com/	1970-01-20 18:50:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Oh-Q4N!]tbPl1M>e)ZlrFUfJ+tGXxo]FwJsGBC27PEv[x^=9/UyL(EJc0Pplh+bQGbpRzqF1`b_s=*+i2U
.doubleclick.net/	1970-01-20 20:59:40	Name: APC Value: AfxxVi4kUniqvNmIbOg_0CFxVvEAoaQmNipJZgHZKNHHXW1R02hQqw
.doubleclick.net/	1970-01-20 17:23:40	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 18:50:04	Name: 8lcfmzhxc8d6_uid Value: dc9283f1ba7a79ce
.geocult.ru/	1970-01-21 02:02:04	Name: __gads Value: ID=a85390e25698d2bf:T=1701628680:RT=1701628680:S=ALNI_MbpG1ywDLBP7k_8qci2CzSUMoNHKA
.geocult.ru/	1970-01-21 02:02:04	Name: __gpi Value: UID=00000ce29f860eea:T=1701628680:RT=1701628680:S=ALNI_MakYjqPuqoJ4lK7Ns6TqJfWljMNtA
.office-partner.de/	1970-01-21 02:16:28	Name: source Value: {"webgains_webgains":{"timestamp":1701628682250,"clickCookie":false}}
.awin1.com/	1970-01-20 16:50:33	Name: awpv11601 Value: 113440\|1701628682\|16f2cad0-920b-11ee-85f5-22347f548c7f
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yei31lzm50t4p4r0njho3ske
pb.media01.eu/	1970-01-21 02:16:28	Name: DTU Value: 59D4309A43C39295CB408B9598DBABA5
.retailads.net/	1970-01-20 17:23:40	Name: ppb2172 Value: 3361161782
.awin1.com/	1970-01-20 16:43:21	Name: awpv11830 Value: 296283\|1701628682\|171965a0-920b-11ee-825d-22629e669530
.futalis.de/	1970-01-20 18:06:52	Name: raSIDb Value: 3361161782
.quantserve.com/	1970-01-20 18:50:04	Name: d Value: EHsBCQHJKoEA
.quantserve.com/	1970-01-21 02:10:43	Name: mc Value: 656ccb0a-94123-732c2-2fcc0
.awin1.com/	1970-01-20 16:43:21	Name: awpv11671 Value: 296283\|1701628682\|171c72e0-920b-11ee-a3ae-223050cf75aa
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 344795:2229232
.w55c.net/	1970-01-21 02:12:09	Name: wfivefivec Value: 71gjdLyY1R9RlU5
.w55c.net/	1970-01-20 17:23:40	Name: matchgoogle Value: 5
.revjet.com/	1970-01-21 02:16:28	Name: trx Value: 5075460041024807392
.revjet.com/	1970-01-20 16:41:55	Name: ads Value: 8a6a2c33f0b5d586b6aa93448ca2450e
.travelaudience.com/	1970-01-21 02:12:09	Name: _tracker Value: %7B%22UUID%22%3A%2222C78CD9-0968-4715-2825-088A70EAA99E%22%7D
.adfarm1.adition.com/	1970-01-20 18:50:04	Name: UserID1 Value: 7308439539151599765
m.exactag.com/	1970-01-20 18:50:04	Name: exactag_new_gk Value: c28d3902a3134063937720b7581ccbe4%7C01.02.2024%2018%3A38%3A02
m.exactag.com/	1970-01-20 20:59:40	Name: exactag_new_uk Value: 05dc5a3aec2a42c0b23262dec66b33ea%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 9afc67588fcc48daa84e9404
.simpli.fi/	1970-01-21 01:27:31	Name: suid Value: 434D74CCF3A847F8B76C104000EE2E37
.yahoo.com/	1970-01-21 01:26:26	Name: A3 Value: d=AQABBArLbGUCEPhNp39y6KL99bTaaxz6HW4FEgEBAQEcbmV2ZQAAAAAA_eMAAA&S=AQAAAhF6JBv7wKUyWwGAqc1QYDk
.doubleclick.net/	1970-01-20 16:40:32	Name: DSID Value: NO_DATA
.innovid.com/	1970-01-20 18:50:04	Name: uuid Value: 144dc73d-46c7-4117-b4a8-a5a0acb463c7-20231203 13:38:03
.googleadservices.com/	1970-01-20 18:50:04	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 18:50:04	Name: ANON_ID Value: aent6Zau4YUdmqcn62woCVyo5x9kNfBeqAIk2fZcP9MeqWjmbtqlXaFDO5Mgv724m94L6aTBigZaY0qBjMGwaZaUlUR0dnJ0
.doubleclick.net/	1970-01-20 16:40:29	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPiLFGnrl_Ck6xeaPv1Xi0U&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
a.tribalfusion.com
ad.doubleclick.net
ads.revjet.com
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
cdn.retailads.net
cdn.revjet.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
geocult.ru
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900020.redintelligence.net
hal900027.redintelligence.net
ib.adnxs.com
m.exactag.com
match.adsrvr.org
medialead.de
onetag-sys.com
pagead2.googlesyndication.com
pb.media01.eu
pix.revjet.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pv.medialead.de
region1.analytics.google.com
s.tribalfusion.com
s0.2mdn.net
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
translate.google.com
translate.googleapis.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
sync.search.spotxchange.com
108.157.4.75
142.250.185.134
142.250.186.70
144.76.104.53
145.239.193.130
15.197.193.217
167.233.14.134
172.217.16.194
172.64.151.101
178.250.1.9
178.63.52.121
18.154.63.57
185.182.111.117
185.89.210.244
192.229.233.6
2001:4860:4802:34::36
216.58.206.34
23.212.218.19
23.43.61.33
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::2004
2a00:1450:4001:802::2008
2a00:1450:4001:803::2003
2a00:1450:4001:808::2006
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9a
2a01:4f8:d0a:2321::2
2a02:fa8:8806:21::1690
2a05:d018:d29:3601:11b1:8ae0:b180:1e1
2a05:d01c:1d8:8100:9449:420b:1a77:b906
2a0b:4d07:102::1
3.11.198.160
3.71.149.231
34.98.64.218
35.177.10.97
35.190.0.66
35.204.158.49
46.4.76.120
5.9.137.78
51.89.9.252
52.29.230.13
78.46.111.106
85.114.159.93
85.14.248.91
88.198.250.30
88.212.201.204
94.23.99.218
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01bd238ad9742675260d4d3a5fef5b988ff74439b26a18aa0f98a48a694b07ed
02c0b0cefbe5e2a0a5ef8703cefa1025b9c805016b3da4ed094d153c546b5210
04dff075b0c9befeaec0105bc4f7e21a284f402f0f3425896f90963c888d7f1d
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d43d9f15c54f63334de8305be7fabb614396c5e190a0756a417483ba9c61631
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1162f2ec71eb82147a7e6a6f558b88982bb78ad2fa812c1c52020f5b7bd1bd85
1479783c7b49a2bbde9ea12d6b9abb4d552311fad5ea3d1194a866c82ddf7d54
1537d4a7693f4840ad5484b03df34b08d0ed049696dd470ef07b55e1668d90a5
17389d2b816cd42930191c00df09c08669c18038ce38085452fc224228bfd2ab
178d21ba92f7134c1b38490946eadd0bddbf07248aa9e132d1ff30ddf735a62a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a4b71acc013b49315ff300c03f7163618bb6f1cc0408d710e11f97b255f9255
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1d68fd9a6d78578c2d8d59b811eb6ef010b0b075da0808c04a67a08125d609b9
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
21f14e408c57d0c0c9a833c314df5ff7f7695f054253d9eb2ce123ba0f2ac049
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24d3f7c545ffb8d31d407b24b2c130774fae929ec9a92d6fe92f42608c858372
281bdb69ef6f2abc92abda9b18117ebbf50e9add63b183b2d9bc3fe3afbb3011
2baa2ebe463ced52f500118a25caa59f75536f3a49a36ae911ff5c37e1265669
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36c7b56d7df17e27614b04230c5fc1793653b20a1fd66fb9311f5df573c0f617
36d2919a38bb9906f76ed8a7e30a0696bcf4e18b4c0da38a4660437a5e7ea49d
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b3c66d6f6711dcb00f5ca69f10cc2e996c38c6c90facc8da13bbc88827433ca
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
41e8f29b28c908a3e09da0cdfc54be6adeef57c3ac6dbf393416e84e4d2c420b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
436d9fdefdf3800e7aa8d543d79138dafd6a5fa95340a6d9df9515a99d6a243f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
462c848b90fb9d8f3599f4654813e4382222a6fd506a48158a01bc2eab95b357
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
4a1334943e3478fc431ad0aa3dd70b2d2fb3d5cd35582094ab6305282672829b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5070152299c3d5a3ed255352b18e10649460f1e436363d4394e0f7d0acdb48de
50b78ad8578885f34aa7fa589dcd10075c466504e11467dd8a3ceed303ef4cb8
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
528b3762e36893c9075ebbb38655afaa02aecbd106aefc59881bd879ffeba9c8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
56a657afa978033de9998ab2d7ef9b0fd1307d9197d6991f7ad60da67c3ecd37
57fa232a003b023f9ee9ab9ca6f9d33569fc7cca884bf9b1ba464cc42df6ed79
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58875ca0e2b4a16f6bef08405a014c18133d0b65419cb5191f5d08ac2eb9791d
5942cf3294f46a9640870809b055e78887d7b48cc1e31a153d9c3b5dd7ef674b
5b137d3129b4891e8888c2fd67e1cbf91416c19d3e028470b0be882aff4526c1
5bec70f0e0657163557891dc55bb27d7ea530b208603e17f3f06ded37e31fa38
5cf33023b269c203afae38ff350b47a642fd2d8436709c4e658f2437dbd82bb1
5e7ef5ef8582671b083278bf8f81e640b0f839f3ed0c336c4a96eb7e8b6c4aca
601ef095f13c0778a1c915ab3505cfe2002880068242285bd78f32a8fca54ee8
608c7e96914ee8dea1cc0bbd2eee01f5f6d0b03521cebbc6116a7ba5940043cb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
651a6d9487526a326703528b63445bc657443628ea7a8fa63d08504ff1a68fbe
668252abb09b70642638a85544b62098dad1e03b79f534ee177e6d1ebb08c295
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
72c786a14cc7a7c3831a33e49e63e54beddc81f6c50cc00149b29e0844aec2af
7556dc64e40765343d4e092cc65064c95e21721c94387b287f99c64c2fd782ac
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
815c4d0cf5937e27877ee3d17fb373dabb5b4cfa45a87636ad24f71bf59345db
8252b9124ebcee90d13b419b027fc2ea8103698a438715fe4a33546f1b144ffc
8333148d2208e6e672e22d928e408eea1e2568339917e9ed18e5d6d9cb964fdc
83fef62511d4754a257551bd24d92efdeeb31c2886d07de22e9e947942233f6f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b05625742e37f242707bde42df16ce7b828cc94f93238332f02624415d6c01f
8d674b28f8c316180a29763d4d735629198158a03a780fb691025830bae98b30
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e483f5b5ac1b2ef3a28ccc7f8f7ab82cd8a56cb1e9c06294bf90b3020ccfe47
8f449aded8f88c8b9e2c73ea930facc156452d56245347f273464bfc81ef3c47
8f805bf68e4e340486dc66c588877c60541762f728e859bc9759229ce6d9dbd1
914dcb400670688bb8de60c955cce8afce0838c2fa2ad297b4bd4b34ec908ed0
94c64deba3ab0daa0d273ffb353d783334474f7359497ad2f3095a164a2d8492
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
98f6e8c47cc9172e4c8c74ec2a4b4a8df8988dd3b77803cd88bc435c42db2936
992f94f905118b8960ff39ecea7dcec52afbb5b2a484b14cd817844ba03d7eab
99aa931d77212e8ed5fa3bdcbcb5c4f3354d8cf7134982d0af6b9032ff13c3fd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bcdacd51d877340ac793482e3d9e646e0b986cdb8b5b8e07f7e695ff5309609
9da58863c2d4a7e1f3c71a9a498588e7b74c3bf65fb97ddd126f1564fa7f9f02
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1baa67795417feeb2ea6c9b9492e29e8ee73598b68f8a15dafee2f173e7ec62
a51e8c550456383636cf20e50afe7d978ac72fd6088527d06c9a05f1a32cfdd2
a59faa617f75b8bfc732f07abe63b4b6e8dd79ec6e8a0969732b0ff07cbe8d1f
a5b515ac2ced9174a3403f8b66c0c594ec6531331a41d698ecdff40cbcf2f899
a602a1b8f590d0521b3aae7690f7528645f92bb4052a025dd9fa8b4a1210ff3c
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a704f0f0fa9a0ffce479a33321bd9896549e23131a804a020a7ecf0b627d1791
a84f5718bcfaa18fbf0bc06b2fb8989141e7ef299b1a4793bd1082b48ce74cc2
aad35991a036d79245d4bc83da400f26f31622c18a654fe692fc00128d12b6b8
aad870057003cbb9958374f555a06fb47dab183a03018ac1d1e88bffd1ded096
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ad9428af606aceefa4695c18a8904ddb275a328dd01735ec5c62cc70e760d0cd
afd1ef9d3e6973831f163767450e26d551df780cd59ec80438a8023de6dd6a8e
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23a5abdd7f5dd9f3415fe94dad8475c6001d80044f24c32a55f4fd0ab88ab4c
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b87216debe85ffb5d5f3f938c1c2cfed568d6736fd9bd06d64d85711ea5c8802
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
be91c72c97adfae4e70b223c2f23ffd07eaf26d315a53bb66134b11dc40bb661
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
bf808e2a55ef3a7ce795e28193bdb130b441b2859bd3eab5120daed9d931e21c
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4f459274e378b71dae7cd9514f4c3020545081e0de18560311a5aabf98f85b9
c76762b6b5695ab0c2c3688f5f0b4932911daa89e9a905ad866e853dd00020ae
c9092cfaa24952291b22481bfa4e399483260fc6fb162a6b942fed3ff42d76f0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb75f16d658f330094ea1fec0b38b503b90a90f1011db476c347d1ac93909c57
cc6b249df9a309343ff4c4fb97dbf8e9f1e6d542bc4d7c3fd5a8afb7fc435e85
ceae381ecbf5ea0d6e5f6977b195b7eae7d9167dd575f1983b07829838e20632
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04da184f20eec8ec53c73f71b04f6eb462b391c982ca722500bb5abfb31cd20
d0a7940c5739597d973e2bb019d3e3cc8b5e8747e607982ebdbd4890f4288f3c
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d1feb54f2339859c3595bd26343b468bad05a7a11c0a5a9d86084c56e3a885ed
d371219cab55549df0dc40dfb5a92d8d4be8b8ed24ab44d4c003fdb8b580cd56
d3983efaab76ab87fb3051ba4146d467940514972bc87439b5be3651766c0722
d3d89aa5cc7dbbdea39f3111b7460d064d7663ea92b04e79df0b39ef2e63b196
d4a0ccc9dae59ada651eb12e1480d7ddb1ab5870903c59b1fa4b709a26b6b605
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d752f92d971a6a3afd2a903855c7726ba385cf2ec11757e1fd694dbd661c45ef
d9b90d582c960458aef7a61a894bffb8c326910023e6be747b954cc8737986ff
daf927d970143656739c9b917412ba171dae6e997b8dfe53263effae772d1b69
dc39baae76f9b3580bca8529e9f7827105cd0e6c85c718e9662bc35e6c3e6f42
dc938f914a45d9704b821d83ed0ac1360240d3ac62d7c60878288c3c67279bc3
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
dcf83b1450b6423e29f47632dc89505e6524991602b0f44a73669e4af687174b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5f8f98ec7bd0263bb4dabff07ecf507a535c2c39a5e391e03e7ea124baa321
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3df018cd61d671d60bd4a1cae119f8fcf1e58e47a62a4ae80c6b8100d868dbc
e42336e2f9e87802467acfb8c57db732724d37804d43afa5373f6b0e6be19687
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e4ae30d0e1fe5bfda2cdf9a430e4d2da17e5706b0011bf909b312814bcbd1e
e74a84c9d52e2ef23512423d7e15031fc8644b0b800b89e82ad9abe3ad8b8912
e86c41aba2a70f6e263fbe0c13257e5b4d36b0ba6ae34d86098013f7087441ba
eafb3e8e7ff731d4419a9683e280433e06a513e872f309333c0909890156bcdf
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ec29871f7a6e470e699f7eb7a722c49ceffe8ebb682308c7279053da037d71d5
ec4840b5e373feeae1a57fd926d937285246bd4437db4b08e0b99ccf611f1775
ed39095ea8d3302a3a8975e7237aa7aa0d5eb757a156b706a104e196c4e356eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d27ec07598049af75b5252143a57fd29957203c5293b6f2321ac38efb629c5
f475c66d75ca7e05c2495939220483443ad32a1fc6e9a8e247ac9a482b537844
f69f24da425eac9ecd7ba5e9a956ee643849921ec5672a9a961e309c60a1feda
f97ff7af18b6fca33d99a223aaddee96afb3ddd73c2368a39acc15ff53b91c2b
f9b2b62632d02dd438da5c717fcedbe7babf3420940398db1778d5b19d342f5b
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fd2b431f12a703cc81d342eef4e2765952fc7ae20604395161641e8b6d975970
fd35c1a7b38fb6686d589fc6c41678bae811f8fb40112972940722f55d35d15a
ffab88a662b439a53767d029843f1cee63997ad2e321ed7838d626199372699d

geocult.ru Open in urlscan Pro 185.182.111.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

283 Requests

91 %HTTPS

40 %IPv6

42 Domains

61 Subdomains

52 IPs

10 Countries

3529 kBTransfer

7380 kBSize

44 Cookies

1 Outgoing links

Page URL History

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

geocult.ru Open in urlscan Pro
185.182.111.117 Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

91 %
HTTPS

40 %
IPv6

42
Domains

61
Subdomains

52
IPs

10
Countries

3529 kB
Transfer

7380 kB
Size

44
Cookies

283 HTTP transactions
6 data transactions