urlscan.io logo urlscan.io
SecurityTrails logo

bultourism.com Open in urlscan Pro
69.64.51.116  Public Scan

Go To Rescan Add Verdict Report
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Submission Tags: falconsandbox
Submission: On December 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 63 HTTP transactions. The main IP is 69.64.51.116, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is bultourism.com.
This is the only time bultourism.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

20    69.64.51.116 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: vilya.kafence.com
bultourism.com
img.us2.bultourism.net
11    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    70.59.126.236 (Fargo, United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)
counter.search.bg
1    2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
11    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
12    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
13 bultourism.com bultourism.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 pagead2.googlesyndication.com bultourism.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 img.us2.bultourism.net bultourism.com
3 www.google.com 2 redirects tpc.googlesyndication.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.google-analytics.com 1 redirects bultourism.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net bultourism.com
1 counter.search.bg bultourism.com
1 ajax.googleapis.com bultourism.com
0 img.us2.bultourism.com Failed bultourism.com
63 14

This site contains links to these domains. Also see Links.

Domain
www.google.com
silktide.com
img.us2.bultourism.net
bgcounter.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
bultourism.com
R3		 2021-10-25 -
2022-01-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Frame ID: 071B6E38D8903E40465D8C348E1F5BF2
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/zrt_lookup.html
Frame ID: 0FA041BD3633027C3C0288C92175B239
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2513374550279225&output=html&adk=1812271804&adf=3025194257&lmt=1638978142&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&ea=0&flash=0&pra=5&wgl=1&dt=1638978142050&bpp=4&bdt=707&idt=87&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: C7674792759AADD3D0E68DDFBB84D6B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Frame ID: 4F239FBC7FE5322D276CCC24012ECBF2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Frame ID: BA5B30A6E3739CF0F4710CE74BA0C73B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 403236A2C2F30EFB534B767EF12985F0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
Frame ID: CE8BF58D0844C47FC93A12227EB4429D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8A53D7B01BFD01E14E56C0608FEBEA7B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
Frame ID: 0333EB971AD6EAB67D8CE9CFCA0829C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07E3BFB67DD8603ADED5B1AC0473ACBB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 826D99F9CE96E65FC971A7DE32614E0C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ОФЕРТИ ЗА ХОТЕЛИ В ПАСТРА, КВАРТИРИ В ПАСТРА, НАСТАНЯВАНЕ В ПАСТРА

Page Statistics

63
Requests

63 %
HTTPS

73 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

645 kB
Transfer

1721 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 24
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1211899739&utmhn=bultourism.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9E%D0%A4%D0%95%D0%A0%D0%A2%D0%98%20%D0%97%D0%90%20%D0%A5%D0%9E%D0%A2%D0%95%D0%9B%D0%98%20%D0%92%20%D0%9F%D0%90%D0%A1%D0%A2%D0%A0%D0%90%2C%20%D0%9A%D0%92%D0%90%D0%A0%D0%A2%D0%98%D0%A0%D0%98%20%D0%92%20%D0%9F%D0%90%D0%A1%D0%A2%D0%A0%D0%90%2C%20%D0%9D%D0%90%D0%A1%D0%A2%D0%90%D0%9D%D0%AF%D0%92%D0%90%D0%9D%D0%95%20%D0%92%20%D0%9F%D0%90%D0%A1%D0%A2%D0%A0%D0%90&utmhid=1712572640&utmr=-&utmp=%2F%2525D0%2525BC%2525D0%2525B0%2525D0%2525BD%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D0%2525B8%2525D1%252580%2525D0%2525B8%2F%2525D0%25259F%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D1%252580%2525D0%2525B0%2F&utmht=1638978142032&utmac=UA-749284-4&utmcc=__utma%3D164549804.1193798314.1638978142.1638978142.1638978142.1%3B%2B__utmz%3D164549804.1638978142.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=66307929&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1211899739&utmhn=bultourism.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9E%D0%A4%D0%95%D0%A0%D0%A2%D0%98%20%D0%97%D0%90%20%D0%A5%D0%9E%D0%A2%D0%95%D0%9B%D0%98%20%D0%92%20%D0%9F%D0%90%D0%A1%D0%A2%D0%A0%D0%90%2C%20%D0%9A%D0%92%D0%90%D0%A0%D0%A2%D0%98%D0%A0%D0%98%20%D0%92%20%D0%9F%D0%90%D0%A1%D0%A2%D0%A0%D0%90%2C%20%D0%9D%D0%90%D0%A1%D0%A2%D0%90%D0%9D%D0%AF%D0%92%D0%90%D0%9D%D0%95%20%D0%92%20%D0%9F%D0%90%D0%A1%D0%A2%D0%A0%D0%90&utmhid=1712572640&utmr=-&utmp=%2F%2525D0%2525BC%2525D0%2525B0%2525D0%2525BD%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D0%2525B8%2525D1%252580%2525D0%2525B8%2F%2525D0%25259F%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D1%252580%2525D0%2525B0%2F&utmht=1638978142032&utmac=UA-749284-4&utmcc=__utma%3D164549804.1193798314.1638978142.1638978142.1638978142.1%3B%2B__utmz%3D164549804.1638978142.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=66307929&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-749284-4&cid=1193798314.1638978142&jid=66307929&_v=5.7.2&z=1211899739
Request Chain 40
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 52
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/ 		38 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
13e15790cb6ed5d9f488ce7a87ed26fd6c01367beb959c3e4c237d5e8dddd337

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 08 Dec 2021 15:42:23 GMT
Server
Apache/2
Vary
User-Agent,Accept-Encoding
Content-Encoding
gzip
Content-Length
8724
Keep-Alive
timeout=60, max=80
Connection
Keep-Alive
Content-Type
text/html; Content-Language: bg; charset=utf-8
bootstrap.css
bultourism.com/ 		139 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/bootstrap.css
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
98a1a73b3955af8bca553440fd751c80f6007bed3294803d935bd6c4597c50e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:23 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Apr 2016 23:25:39 GMT
Server
Apache/2
ETag
"f5aefa-22abe-52f9cee1f35e1"
Vary
User-Agent,Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
20972
Expires
Wed, 15 Dec 2021 15:42:23 GMT
bultourism.css
bultourism.com/ 		36 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/bultourism.css
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
a3dd8543865b42e183cbb20fcb9a4606868a3a9cc805ae4b6bd67884e9465986

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 May 2020 10:11:00 GMT
Server
Apache/2
ETag
"a62c66-8f36-5a68a4fef73ab"
Vary
User-Agent,Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
5408
Expires
Wed, 15 Dec 2021 15:42:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53e045c2252b8a9bebbb1ff8239a21ae203ef58fc61a4edb4d66a640c5f44f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 08 Dec 2021 15:42:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14530509843286661807
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
51935
X-XSS-Protection
0
Expires
Wed, 08 Dec 2021 15:42:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81c02a1206eff8759424fd5f773a0a9b932662f9ce0536dff76006e4afda7f0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51938
x-xss-protection
0
server
cafe
etag
4105295595694553100
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Dec 2021 15:42:21 GMT
logo2.png
bultourism.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bultourism.com/logo2.png
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
500ee9963630dac458fbf05c87bb3ec924e25481a4974163ab22c208899b01e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Wed, 06 Mar 2013 15:43:25 GMT
Server
Apache/2
ETag
"a62c02-2b78-4d743735b8140"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
11128
Expires
Wed, 15 Dec 2021 15:42:24 GMT
magnifier_small.gif
bultourism.com/img/ 		1023 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bultourism.com/img/magnifier_small.gif
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
9f8d9c9035014e10335fc19170efa4e3cffa9967e83ae3eef6389e75b2a2ea0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Fri, 09 Nov 2007 09:26:07 GMT
Server
Apache/2
ETag
"1c3c001-3ff-43e7b928609c0"
Vary
User-Agent
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
1023
7474_main.jpg
img.us2.bultourism.net/pictures/7474/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.us2.bultourism.net/pictures/7474/7474_main.jpg
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
270084c82956b39fab007384ec7e5fccd65f2c3e65233d2f6a7599193f41f8fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Fri, 14 Oct 2011 15:01:50 GMT
Server
Apache/2
ETag
"25aa014-e4b-4af43896af380"
Vary
Host
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
3659
Expires
Wed, 15 Dec 2021 15:42:24 GMT
1_small.jpg
img.us2.bultourism.net/pictures/7474/pix/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.us2.bultourism.net/pictures/7474/pix/1_small.jpg
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
b7f5ea86ec51c81ff0ee14eb972476d9eb9d1ca3e3400acffe741ae93a6681f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Fri, 14 Oct 2011 15:02:13 GMT
Server
Apache/2
ETag
"cc63c7-d46-4af438ac9e740"
Vary
Host
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
3398
Expires
Wed, 15 Dec 2021 15:42:24 GMT
2_small.jpg
img.us2.bultourism.net/pictures/7474/pix/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.us2.bultourism.net/pictures/7474/pix/2_small.jpg
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
b8cc6f947f129c4ce4b146e5b005b27e237d3223b27829dee696df7d00a594d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Fri, 14 Oct 2011 15:02:23 GMT
Server
Apache/2
ETag
"cc63ca-dbe-4af438b627dc0"
Vary
Host
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
3518
Expires
Wed, 15 Dec 2021 15:42:24 GMT
3_small.jpg
img.us2.bultourism.net/pictures/7474/pix/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.us2.bultourism.net/pictures/7474/pix/3_small.jpg
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
03cf48ebb70ae6c3e824937344342ebb05e03323e864074cb38fc3f3f891de39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Fri, 14 Oct 2011 15:02:33 GMT
Server
Apache/2
ETag
"cc63cd-ef4-4af438bfb1440"
Vary
Host
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
3828
Expires
Wed, 15 Dec 2021 15:42:24 GMT
4_small.jpg
img.us2.bultourism.net/pictures/7474/pix/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.us2.bultourism.net/pictures/7474/pix/4_small.jpg
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
5c5418bfc4f257ec0877ad256d48ce3cea58c95d5cacd5719f594a982e60723c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Fri, 14 Oct 2011 15:02:50 GMT
Server
Apache/2
ETag
"cc63d0-e08-4af438cfe7a80"
Vary
Host
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=79
Content-Length
3592
Expires
Wed, 15 Dec 2021 15:42:24 GMT
5_small.jpg
img.us2.bultourism.net/pictures/7474/pix/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.us2.bultourism.net/pictures/7474/pix/5_small.jpg
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
596327c929a679eb174f0a6358bffa17a96d7e16aee23cf4bd459df95327202f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Fri, 14 Oct 2011 15:03:03 GMT
Server
Apache/2
ETag
"cc63d3-8f7-4af438dc4d7c0"
Vary
Host
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
2295
Expires
Wed, 15 Dec 2021 15:42:24 GMT
6_small.jpg
img.us2.bultourism.net/pictures/7474/pix/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.us2.bultourism.net/pictures/7474/pix/6_small.jpg
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
956c5343c133eb491a5192f7236ed66549174ff673428bd8763ff86a944d4977

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Fri, 14 Oct 2011 15:03:16 GMT
Server
Apache/2
ETag
"cc63d6-808-4af438e8b3500"
Vary
Host
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
2056
Expires
Wed, 15 Dec 2021 15:42:24 GMT
de.gif
bultourism.com/flags2/ 		1003 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bultourism.com/flags2/de.gif
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Last-Modified
Sat, 21 Jan 2006 10:54:18 GMT
Server
Apache/2
ETag
"1c36035-3eb-40adc3826ea80"
Vary
User-Agent
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
1003
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 01:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Dec 2022 01:53:30 GMT
bootstrap.min.js
bultourism.com/demo/components/bootstrap/dist/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/demo/components/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
29faaa7d39edcba28dd6253f6dbe2637931e6a758bc59601747718ab4990a465

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Mar 2016 05:24:50 GMT
Server
Apache/2
ETag
"fd4830-11ed-52dfb7fef8c80"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=79
Content-Length
4589
jquery.autocomplete.min.js
bultourism.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/js/jquery.autocomplete.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
d302fe121caf68995981332fa772943329f87c0d6077d86d4ca5d317e3df830d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Jun 2015 20:59:22 GMT
Server
Apache/2
ETag
"1c3e070-10e7-5177b19a1be80"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=79
Content-Length
4327
jquery.textfill.js
bultourism.com/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/js/jquery.textfill.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
e96bf90e8eb906c08e51be90e00226f66881a6da5afb330fd39b995a7f4abdf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Mar 2018 11:46:26 GMT
Server
Apache/2
ETag
"1c3e085-2641-566e539c95fe8"
Vary
User-Agent,Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=79
Content-Length
3068
Expires
Wed, 15 Dec 2021 15:42:24 GMT
cookieconsent.latest.min.js
bultourism.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/cookieconsent.latest.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
6b0bca91c1ac0c2a574d02424bab957d02bd19890474d30acf7a17a85b17566d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Mar 2016 05:11:08 GMT
Server
Apache/2
ETag
"f5afa1-774-52dfb4ef0d300"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
1908
jquery.unveil.js
bultourism.com/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/jquery.unveil.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
89a13956be67527dd669a271539cd5a0aaf6ebe90e81dc25156fe002f18cd0f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Mar 2016 05:07:28 GMT
Server
Apache/2
ETag
"f5afab-273-52dfb41d3e400"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
627
lightbox.css
img.us2.bultourism.com/css/ 		0
0
lightbox.min.js
bultourism.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/js/lightbox.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
6c8abd074d9c4f8b738945503c713ca0f39eefd42421b7902cc3b6ac83d954c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Mar 2014 16:45:09 GMT
Server
Apache/2
ETag
"1c3e072-93a-4f5d5a866ef40"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=78
Content-Length
2362
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
H2
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6062
date
Wed, 08 Dec 2021 14:01:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 08 Dec 2021 16:01:20 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
c
counter.search.bg/cgi-bin/ 		194 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.search.bg/cgi-bin/c?_id=btrsm&_z=2&_r=1600&_c=24&_j=N&_t=0&_k=Y&_l=
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
HTTP/1.0
Server
70.59.126.236 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
Apache /
Resource Hash
53231e1637873ed889b18ff1e4ae5cc1a11824a625182bd3e55c52dea1ecf78c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Dec 2021 15:42:22 GMT
Last-Modified
Monday, 31 Dec 2020 05:00:00 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
close
Content-Length
194
Expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1211899739&utmhn=bultourism.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9E...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1211899739&utmhn=bultourism.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-749284-4&cid=1193798314.1638978142&jid=66307929&_v=5.7.2&z=1211899739
35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-749284-4&cid=1193798314.1638978142&jid=66307929&_v=5.7.2&z=1211899739
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
Protocol
H2
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 08 Dec 2021 15:42:22 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Dec 2021 15:42:22 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-749284-4&cid=1193798314.1638978142&jid=66307929&_v=5.7.2&z=1211899739
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 		273 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e57bf715737599c006c95dd81eb7215bab6882a7720fb5118d24caa3fbace272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100872
x-xss-protection
0
server
cafe
etag
8634572138303306076
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Dec 2021 15:42:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/ Frame 0FA0 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 07 Dec 2021 19:03:43 GMT
expires
Tue, 21 Dec 2021 19:03:43 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
74319
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		218 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bultourism.com&callback=_gfp_s_&client=ca-pub-2513374550279225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
37a03bfecd70c60225d0ed74a7f9bb3b8f2fd43f565f7e9d314f29e211fb6d39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bultourism.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 15:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C767 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2513374550279225&output=html&adk=1812271804&adf=3025194257&lmt=1638978142&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&ea=0&flash=0&pra=5&wgl=1&dt=1638978142050&bpp=4&bdt=707&idt=87&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Dec 2021 15:42:22 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 4F23 		74 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd36bc8a6fb1d5fb87f80934dae46bee9faed730340f4a76031d6b30aeec70f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Dec 2021 15:42:22 GMT
server
cafe
content-length
28626
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 15:42:22 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BA5B 		75 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56a612f5c91252dcfecb1dc69a607f57cac1c793bc6d75a61e0a803cdcb09afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Dec 2021 15:42:23 GMT
server
cafe
content-length
28772
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 15:42:23 GMT
cache-control
private
9890627480308403774
tpc.googlesyndication.com/simgad/ Frame 4F23 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9890627480308403774?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qloCcxCwjovHccFNKVGUktRYW2A8A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4f47469f8c76e725ada47e06a8132e866ac7c763265f0b2234ce5983f118db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 13:28:47 GMT
x-content-type-options
nosniff
age
526415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28031
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 14:02:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Dec 2022 13:28:47 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame 4F23 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7866
x-xss-protection
0
server
cafe
etag
5920091025124701355
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 15:38:07 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 4F23 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 14:43:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3516
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 14:43:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F23 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 15:42:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 4F23 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 14:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
server
cafe
etag
3508882476506594800
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 14:55:43 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 4F23 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
963c8078bf539ed77cedb3069b1c40cabd089543c09b429b7007fc06cbeac978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 18:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
server
cafe
etag
810747636693205972
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Dec 2021 18:44:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4F23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CH4qNXtKwYaPfEL_xtOUP58GD4Aj_uKyPYN-pmrbZDAoQASC5s_oNYDWgAcv68sEDyAECqAMByAPJBKoEuwJP0JoMh0PAlNl6gCIaPwp6Jc9Ij95r_UqMUcwYcEOQtAYLWFUFTm9zZ8umqcTHD_k79R1q4oifCy1SD6p8wTUPO1OI2RQVjju2UtMNxOhGPjm32kItADz-niPwEfVKx5sGcrQ5jwCVJsUYUrhYKnpGQFnGamfAbSMd11XNGdy_AXOc8MsdY8KbMq09SxHsZ9Uo4HlAmcbyDDlHUpTYiv6VdaVfnwBqe7zCrkvHZuK9iP9ruiY4yO9Uks3RJpU9o_RrWZZg_6tjjuVDozJy6sKVfT2ZYotcUFqLi9G5vnaUI8f3b54M2wlilogI_zQlF6m1QH-fj3dw-dHzjoANL3u6tetYITxAm9oooL7Ik5-Oh8YXZep1D69NfN7ivrkYF1ROuyAtCBP5tRE19DwPmE8dAmf79NtlEVa-qK7ABP6_m9CgA5IFBAgEGAGSBQQIBRgEoAYCgAedhY0-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQq5AF0ggHCIBhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzY2ODc1OTE4NjQ0MTI4GAA&sigh=SFl_ROEU1yA&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 08 Dec 2021 15:42:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 08 Dec 2021 15:42:22 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4032 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 08 Dec 2021 14:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4032
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 15:42:22 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 15:42:22 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 15:42:22 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4F23 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f05d003b24b504033556a20e1e7876ffa1ad93f35f5a890d84cc975875239e29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
pagead2.googlesyndication.com/bg/ Frame CE8B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638978142054&bpp=3&bdt=712&idt=110&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NstpkNpjlq&p=http%3A//bultourism.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
5950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13361
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 14:03:13 GMT
5450820405485717253
tpc.googlesyndication.com/simgad/ Frame BA5B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5450820405485717253?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnllBKcG83SEZDtwQu3-TaucWwCzw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dcd22f6163ebeae41c7a953cdccca697fa7a8a51b7806749a0cd56f2cf5904d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 14:17:56 GMT
x-content-type-options
nosniff
age
5067
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22664
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 12:15:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 08 Dec 2022 14:17:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame BA5B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7866
x-xss-protection
0
server
cafe
etag
5920091025124701355
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 15:38:07 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame BA5B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 15:24:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA5B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 15:42:23 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame BA5B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
server
cafe
etag
3508882476506594800
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 15:32:04 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame BA5B 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
963c8078bf539ed77cedb3069b1c40cabd089543c09b429b7007fc06cbeac978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 18:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
server
cafe
etag
810747636693205972
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Dec 2021 18:44:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BA5B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5UpOXtKwYbXsEaWKtOUP2a-T4Ajo5YiEZ97Qsv3gDtrZHhABILmz-g1gNaAB5f-LigPIAQKoAwHIA8kEqgSuAk_Q9BCRqI4K3GRJ6LG4TyQDwh-XKhaTd14f8uIzQHKjQeAVoZFd0sgJkZc_9-Ys_e59eHL0yaZ70A0MTsA33wM187d_bgpLTDZxKacxMSE3Vfo3By5rZ79svUi2ocP1DqKfgx8nNzTvpyQjy8ESC4ekcO4k8BdgB1QDjehzqrMNa_3V8ce_WcT2V4DgI0AMu_0OXayw6S9JuziB7j2v1wa8ZpafifH6PvIz10paMvY0cary0Ose24m8Cvwl3Hdf_mbWWRnLZp1Xhc-adS7ASVTHTkR1_k7DT8JB9Zj_FJaM7ZSUFJ64mO0CKd23snK7SNMh2CVgbRXrWVvxRcb6LgRxdmaw5ODu6UoBmLOrWTUeYTtxawoCLn045VFGHLZi8PLQNFeXGqwLHdPhzr40wAS89sO35AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHg4D0dagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENXaC9IIBwiAYRABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMTM2Njg3NTkxODY0NDEyOBgA&sigh=5-dqH_lx960&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 08 Dec 2021 15:42:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8A53 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 08 Dec 2021 14:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BA5B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66ff945197495eda7bf5f6d14fbf758750495c28d693cdab324610700f1e27c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8A53
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 15:42:23 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 15:42:23 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 15:42:23 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
pagead2.googlesyndication.com/bg/ Frame 0333 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=1178431370&adf=2256226511&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638978142&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638978142057&bpp=1&bdt=715&idt=128&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=4241456144107&frm=20&pv=1&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oPC4Roebh5&p=http%3A//bultourism.com&dtd=134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
5950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13361
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 14:03:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4F23 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_jh5RTRMeXdGgW7_q6Hx7iJK-2QsC7MHq57lpZCk_nnkqEZbhcMpP2kVG5Z_-dVwDNNOtG589sBIZy-OqPcJUFtLt6ZCSenS0nxGoUK4y0IBrzMk&sai=AMfl-YRoElJ7j38Mfze4Jwy3CBBof2TMQ7WTzu5WlWdF9ucO4haHOOe3YEKanqO8N0_P3YcLiGWMSIG9hX-I&sig=Cg0ArKJSzFOsGIkv8xAGEAE&id=lidar2&mcvt=1000&p=0,98,90,826&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=643570460&rs=2&la=0&cr=0&vs=4&r=v&rst=1638978142179&rpt=709&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 15:42:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BA5B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNQvipjE0EBqvjwBI0WNf9uD4Z1JX2xZMHYgUf3Bp9paT-g5IhANyCPKM4uC9Oddh0KEumuhlytAt0az6RBn0BDaMXflivcTrVHsgN99UVBetDJ1Y&sai=AMfl-YRdwgEk1Zf9I4JTJebjSk6Wu1vuEFSmXPO3NUVuxWWGYJ3mTJTgBj2_RjcC8sW3Ew2z1dYcOSKGL1NE&sig=Cg0ArKJSzDr81ElUO6QQEAE&id=lidar2&mcvt=1001&p=0,0,191,740&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1178431370&rs=2&la=0&cr=0&vs=4&r=v&rst=1638978142195&rpt=1160&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 15:42:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dark-bottom.css
bultourism.com/cc.silktide.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/cc.silktide.com/dark-bottom.css
Requested by
Host: bultourism.com
URL: http://bultourism.com/cookieconsent.latest.min.js
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
2272c552418ab339552f4d6cfc90e550734089482759e93bdf5270151a647bc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 15:42:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Oct 2015 21:29:48 GMT
Server
Apache/2
ETag
"fe0006-bd3-52308a927fc67"
Vary
User-Agent,Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=79
Content-Length
838
Expires
Wed, 15 Dec 2021 15:42:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55c14f41d32226601056d2f622cbb0f01aee499bf2b3745001f5380c1a00e55a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 15:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8532
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Wed, 08 Dec 2021 15:42:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07E3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Wed, 08 Dec 2021 15:30:31 GMT
expires
Thu, 08 Dec 2022 15:30:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 826D 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c312b2887740e6ab0608d0e55d8462d05be97d802fc32cfc9e38db8aa2d6da63
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PiiA3PnpV1T00rs//HKB5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 08 Dec 2021 15:42:37 GMT
date
Wed, 08 Dec 2021 15:42:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-PiiA3PnpV1T00rs//HKB5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
pagead2.googlesyndication.com/bg/ Frame 07E3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zjgS4KQeXGvHwDILG6lQlkBvwEKRV94c-L5plcF-OHg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
5964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13361
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 14:03:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 826D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211206&jk=4103808416161178&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211206&jk=4103808416161178&bg=!hYalhsLNAAaQHwIOkB87ACkAdvg8WtYvfml0oB7eeI3y1LcYRd5PnysamJlrBoDWJywdhEmr406hXgIAAAB5UgAAAApoAQcKAKfnpKDqZCJnAcpyx1fpgQQJcVt99lcqhtHgkOLDHO9cHO7nP7PIGOwjPn3n0JFoEQLf8d0yqpHYs5hkSPW8XJG-hMhmhcvv0tNyVTzLNfSNPf5ykR07ds_UXt1eAZd9nXjZP8VSRe9g-SZmVfZM76DQlUeOTKd4pL3OO9ZYWAxGch5iA5q8wOIzpHtozRGCVVYNIcZ98k1-6WJiSsDO6P3DVyp5yPkV85kCyJXKZgXqdEjvZXfqphIEta4jOEqBnLT9P-CV9LI0m4xCDiQcC-nd6FWUagzrxS2csoCWIkNc5yHx_FZ5d-6rgSi2MuL_cLKjcM_hMi1DJ8EgAbHZ77BfL1u5Z-25pkypb-veqZ57UF8-2fG5ui3IzCgOhQdhkR2WYAgt2KDqks2L-l3NdNrXfmBvbpo5HbTU1RZhdkL5m6P4VWIUPYxObISaYRAlC50Gw_7q992AMQii_Z-LfnARMXhT-tFiuB-wmyRpRR-6XQq9kBsydP78w0LCuHFT8i9G5PKFiW3_a1bzfqsKIVuq1YWi2RMkqsB-0d1OdPMpLOg4E4gp9ARV3xDwzHwEB-AnRAkpBy6yar6IWMhGq5gGu5I4SfOZ0tjxbfZgw_WnV56FIBaBoYdSnvCoEzSpkfSYHWO7Quutl7D9fIEq73fi7NRwhyO7X8Sn9FY5k0dZ9GVkM6mXbKx6l74baPHZ9RSQxakFt0BJmEC3vNeA6j6UlgoMtdpnt1olNlzciq2zWBpL3C3q1YTpUUriOf8bnM-GHCnjcaau9U2z6GJa4O_oet17KMcuSMtL7DHe4Wuo_scXyIZ-nJP-NqX7n_Wr2Nr4C2BVcJq7nwCXUQ7h4UQE-SHOiDvLOcxfH74N_4aCR-VLMxpKrwBLVVKjImB7s_ZwB-oBabdbL6IOZ1v9db5XpaK0i4QCeeQ7MWhDwtl2aOJ2D7kPzbGbwRnXcMkMpv30HDRW9pMf5IraFr7w6Ee2Z17u78WTQ0nx1xuUKf-iHlHgZhSkdktPIcaJ4EwUuz9mfEnE0TnRa1gtpEjkvySXHaQaY6Xj3nnkgJLsA69HkXsBjANAYaRHOeR3s85p2-0JLSN7EaOapX-5M4pGpjRO51xxIAOZxFKeoEqEAroWCuhgXw7m9ForumA9kwjpU3mC2MGteP5GmHizT8eJW15rtWY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 15:42:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/css/lightbox.css

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _gaq object| adsbygoogle function| t object| _d object| _n object| _t number| _c number| _r string| _j string| _k object| _b function| $ function| jQuery object| jQuery19107325944485732523 object| cookieconsent_options object| _gat object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| hasCookieConsent object| googletag function| update_cookieconsent_options object| GoogleGcLKhOms string| token object| google_image_requests

10 Cookies

Domain/Path Name / Value
bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0 Name: _c
Value: y
bultourism.com/ Name: keywords
Value:
.bultourism.com/ Name: __utma
Value: 164549804.1193798314.1638978142.1638978142.1638978142.1
.bultourism.com/ Name: __utmc
Value: 164549804
.bultourism.com/ Name: __utmz
Value: 164549804.1638978142.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.bultourism.com/ Name: __utmt
Value: 1
.bultourism.com/ Name: __utmb
Value: 164549804.1.10.1638978142
.bultourism.com/ Name: __gads
Value: ID=42eaf9b80c6e4c96-22d9178b4bcc00d2:T=1638978142:RT=1638978142:S=ALNI_Mbw6YhDx_Pq4Vq4LithmQifXVX_ow
.doubleclick.net/ Name: IDE
Value: AHWqTUmcaK2q4Cr99Wfbz2gfVFRu6YSiQDlV5udg9OYb-2xv7tBYpz7xTWEnfEiXlUo
.doubleclick.net/ Name: DSID
Value: NO_DATA

2 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2513374550279225&output=html&adk=1812271804&adf=3025194257&lmt=1638978142&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F&ea=0&flash=0&pra=5&wgl=1&dt=1638978142050&bpp=4&bdt=707&idt=87&shv=r20211206&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4241456144107&frm=20&pv=2&ga_vid=1193798314.1638978142&ga_sid=1638978142&ga_hid=1712572640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753742%2C31060048&oid=2&pvsid=4103808416161178&pem=689&tmod=1132815735&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=104
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: http://img.us2.bultourism.com/css/lightbox.css
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
bultourism.com
counter.search.bg
googleads.g.doubleclick.net
img.us2.bultourism.com
img.us2.bultourism.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
img.us2.bultourism.com
142.250.185.98
2a00:1450:4001:808::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c0d::9c
69.64.51.116
70.59.126.236
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03cf48ebb70ae6c3e824937344342ebb05e03323e864074cb38fc3f3f891de39
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13e15790cb6ed5d9f488ce7a87ed26fd6c01367beb959c3e4c237d5e8dddd337
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2272c552418ab339552f4d6cfc90e550734089482759e93bdf5270151a647bc3
270084c82956b39fab007384ec7e5fccd65f2c3e65233d2f6a7599193f41f8fe
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
29faaa7d39edcba28dd6253f6dbe2637931e6a758bc59601747718ab4990a465
2dcd22f6163ebeae41c7a953cdccca697fa7a8a51b7806749a0cd56f2cf5904d
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a03bfecd70c60225d0ed74a7f9bb3b8f2fd43f565f7e9d314f29e211fb6d39
500ee9963630dac458fbf05c87bb3ec924e25481a4974163ab22c208899b01e7
53231e1637873ed889b18ff1e4ae5cc1a11824a625182bd3e55c52dea1ecf78c
53e045c2252b8a9bebbb1ff8239a21ae203ef58fc61a4edb4d66a640c5f44f1f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c14f41d32226601056d2f622cbb0f01aee499bf2b3745001f5380c1a00e55a
56a612f5c91252dcfecb1dc69a607f57cac1c793bc6d75a61e0a803cdcb09afe
596327c929a679eb174f0a6358bffa17a96d7e16aee23cf4bd459df95327202f
5c5418bfc4f257ec0877ad256d48ce3cea58c95d5cacd5719f594a982e60723c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
66ff945197495eda7bf5f6d14fbf758750495c28d693cdab324610700f1e27c5
6b0bca91c1ac0c2a574d02424bab957d02bd19890474d30acf7a17a85b17566d
6c8abd074d9c4f8b738945503c713ca0f39eefd42421b7902cc3b6ac83d954c2
81c02a1206eff8759424fd5f773a0a9b932662f9ce0536dff76006e4afda7f0f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89a13956be67527dd669a271539cd5a0aaf6ebe90e81dc25156fe002f18cd0f3
956c5343c133eb491a5192f7236ed66549174ff673428bd8763ff86a944d4977
963c8078bf539ed77cedb3069b1c40cabd089543c09b429b7007fc06cbeac978
98a1a73b3955af8bca553440fd751c80f6007bed3294803d935bd6c4597c50e6
9f8d9c9035014e10335fc19170efa4e3cffa9967e83ae3eef6389e75b2a2ea0d
a3dd8543865b42e183cbb20fcb9a4606868a3a9cc805ae4b6bd67884e9465986
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f47469f8c76e725ada47e06a8132e866ac7c763265f0b2234ce5983f118db6
b7f5ea86ec51c81ff0ee14eb972476d9eb9d1ca3e3400acffe741ae93a6681f4
b8cc6f947f129c4ce4b146e5b005b27e237d3223b27829dee696df7d00a594d5
bd36bc8a6fb1d5fb87f80934dae46bee9faed730340f4a76031d6b30aeec70f0
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c312b2887740e6ab0608d0e55d8462d05be97d802fc32cfc9e38db8aa2d6da63
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
ce3812e0a41e5c6bc7c0320b1ba95096406fc0429157de1cf8be6995c17e3878
d302fe121caf68995981332fa772943329f87c0d6077d86d4ca5d317e3df830d
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57bf715737599c006c95dd81eb7215bab6882a7720fb5118d24caa3fbace272
e96bf90e8eb906c08e51be90e00226f66881a6da5afb330fd39b995a7f4abdf2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05d003b24b504033556a20e1e7876ffa1ad93f35f5a890d84cc975875239e29