urlscan.io logo urlscan.io
SecurityTrails logo

bultourism.com Open in urlscan Pro
69.64.51.116  Public Scan

Go To Rescan Add Verdict Report
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%...
Submission: On December 08 via manual from BG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 65 HTTP transactions. The main IP is 69.64.51.116, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is bultourism.com.
This is the only time bultourism.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    69.64.51.116 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: vilya.kafence.com
bultourism.com
6    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    70.59.126.236 (Fargo, United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)
counter.search.bg
11    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
14    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
14 tpc.googlesyndication.com bultourism.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 bultourism.com bultourism.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
bultourism.com
googleads.g.doubleclick.net
6 pagead2.googlesyndication.com bultourism.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google.com 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.google-analytics.com 1 redirects bultourism.com
1 fonts.googleapis.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net bultourism.com
1 counter.search.bg bultourism.com
1 ajax.googleapis.com bultourism.com
0 b.static.ak.fbcdn.net Failed bultourism.com
0 img.us2.bultourism.com Failed bultourism.com
65 17

This site contains links to these domains. Also see Links.

Domain
rilamonastery.pmg-blg.com
img.us2.bultourism.com
www.facebook.com
bgcounter.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
bultourism.com
R3		 2021-10-25 -
2022-01-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Frame ID: 738E8461C7EC7E8F687F6DB290C0B866
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/zrt_lookup.html
Frame ID: F3073BEE36730CB1A882EB53ACBF6D68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2513374550279225&output=html&adk=1812271804&adf=3025194257&lmt=1638980848&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&ea=0&flash=0&pra=5&wgl=1&dt=1638980848727&bpp=3&bdt=450&idt=74&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=91
Frame ID: 4BFC6DEBA14A117A6107842ACF41F367
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Frame ID: 196CCDF2A3DDB1457A4131BCBB09E9C7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=15&slotname=2072505252&adk=1399546693&adf=316507209&pi=t.ma~as.2072505252&w=468&lmt=1638980848&psa=0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&wgl=1&dt=1638980848732&bpp=1&bdt=455&idt=107&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=408&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=308Ni0zlHJ&p=http%3A//bultourism.com&dtd=110
Frame ID: 1A2A4AED58A9B2294845837FEF4D4AAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Frame ID: 7508263864DCE205C1BFB4D1DD3361BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html
Frame ID: 734B219F9736FAEECECB2E6EE27867B3
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C6WmR8NywYfyhOdSitOUPw-aBsAq388fdZeffkIjWDr_Kor3AARABILmz-g1gleKQgqAHoAG1vNLaA8gBCakC1CMMXPLqsj6oAwHIA0iqBMkDT9DLizMp2Cu1VsMwNvIbn1f2dFhbr7HOQNIcrLkWUpp9jzlJyZXkOfJbQ0NNCelbS6UXmRmmnCtFuOMv3YyZ9DkFRG9XrWkZ_1Q5uiANackDPVMmBYNq5ZWC9OnouzDcXk2dOulv9mVvls-r0BbtHhf5y9sQNhVzdaD7sdqDxOSFRdMDLg24AKETx4StowYofGcagRP9sdVESx_5IELoOYclYblHugIOf0XFOCH-wt7I9cHi8N1KZ1kog6bd9vRyK4btzIwoNei0n7gA8htl1zoRKlcpEOBCRhA0hKlqwWrxQ4HLMoVwgJ3R8uH-1RqJ1LEopZ_FYb4h7AKT_HdAi8Pn_erVI5MXqFWE0r9Bnl4pgk5cmSEplKBT1DyWZojMf243Pb89bUG0hvypAkABQhZIsxTCzyM1oX577Zh2dqanQs70FqTcChx9kFNdkdrjztnpGMg5rbdbKfRDSeaMWfVDWpCXKP-eVTUSky6GyjyHetYaB0mvklYEczTEM1h9q7awn78O9LkT48dl45EfwYnPxzobakWNZ3T4EN4aY7cLxRG1NB6ojIPCZuiV1X1YRkxHs3tdek2iGP8uHcPgHaW6aJCcGDidoMAEypbK_egDkgUECAQYAZIFBAgFGASgBi6AB7PDrSWoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCnwQXSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTM2Njg3NTkxODY0NDEyOBgA&sigh=xOtIZhF9AAs&uach_m=[UACH]&template_id=419
Frame ID: 8186B89CF2FC276F3E7DD1CBA45CB9E1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F29C013F92FBAE73020B93EAF4319E0D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8054AA4F45405EF2B924EA8B8FE68273
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Frame ID: 33B6C8B84CFDCCAAD5F9A52CD1B5F4A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Манастир Рилски манастир в Пастра

Page Statistics

65
Requests

65 %
HTTPS

80 %
IPv6

12
Domains

17
Subdomains

15
IPs

3
Countries

782 kB
Transfer

1990 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 22
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1437624038&utmhn=bultourism.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%20%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8%20%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%20%D0%B2%20%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0&utmhid=722050549&utmr=-&utmp=%2F%2525D0%2525BC%2525D0%2525B0%2525D0%2525BD%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D0%2525B8%2525D1%252580%2525D0%2525B8%2F%2525D0%25259F%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D1%252580%2525D0%2525B0%2F%2525D0%25259C%2525D0%2525B0%2525D0%2525BD%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D0%2525B8%2525D1%252580-%2525D0%2525A0%2525D0%2525B8%2525D0%2525BB%2525D1%252581%2525D0%2525BA%2525D0%2525B8-%2525D0%2525BC%2525D0%2525B0%2525D0%2525BD%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D0%2525B8%2525D1%252580-0-7474.html&utmht=1638980848768&utmac=UA-749284-4&utmcc=__utma%3D164549804.985298250.1638980849.1638980849.1638980849.1%3B%2B__utmz%3D164549804.1638980849.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=227951908&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1437624038&utmhn=bultourism.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%20%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8%20%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%20%D0%B2%20%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0&utmhid=722050549&utmr=-&utmp=%2F%2525D0%2525BC%2525D0%2525B0%2525D0%2525BD%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D0%2525B8%2525D1%252580%2525D0%2525B8%2F%2525D0%25259F%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D1%252580%2525D0%2525B0%2F%2525D0%25259C%2525D0%2525B0%2525D0%2525BD%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D0%2525B8%2525D1%252580-%2525D0%2525A0%2525D0%2525B8%2525D0%2525BB%2525D1%252581%2525D0%2525BA%2525D0%2525B8-%2525D0%2525BC%2525D0%2525B0%2525D0%2525BD%2525D0%2525B0%2525D1%252581%2525D1%252582%2525D0%2525B8%2525D1%252580-0-7474.html&utmht=1638980848768&utmac=UA-749284-4&utmcc=__utma%3D164549804.985298250.1638980849.1638980849.1638980849.1%3B%2B__utmz%3D164549804.1638980849.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=227951908&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-749284-4&cid=985298250.1638980849&jid=227951908&_v=5.7.2&z=1437624038
Request Chain 54
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 55
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request %D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/ 		41 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
f96d951ff703660f8c5bd174dfe31cf18167a9aa97ff586d49bfea42f2172a8b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 08 Dec 2021 16:27:30 GMT
Server
Apache/2
Vary
User-Agent,Accept-Encoding
Content-Encoding
gzip
Content-Length
10239
Keep-Alive
timeout=60, max=80
Connection
Keep-Alive
Content-Type
text/html; Content-Language: bg; charset=utf-8
bootstrap.css
bultourism.com/ 		139 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/bootstrap.css
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
98a1a73b3955af8bca553440fd751c80f6007bed3294803d935bd6c4597c50e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Apr 2016 23:25:39 GMT
Server
Apache/2
ETag
"f5aefa-22abe-52f9cee1f35e1"
Vary
User-Agent,Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
20972
Expires
Wed, 15 Dec 2021 16:27:30 GMT
bultourism.css
bultourism.com/ 		36 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/bultourism.css
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
a3dd8543865b42e183cbb20fcb9a4606868a3a9cc805ae4b6bd67884e9465986

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 May 2020 10:11:00 GMT
Server
Apache/2
ETag
"a62c66-8f36-5a68a4fef73ab"
Vary
User-Agent,Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
5408
Expires
Wed, 15 Dec 2021 16:27:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46926e21c234591b911d7e3aa1f66a714d9aeb0afcf0da94c19e5fc6b69ee970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 08 Dec 2021 16:27:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
2441119131520130490
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
51950
X-XSS-Protection
0
Expires
Wed, 08 Dec 2021 16:27:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf47eea8a29b000e54ccdbc8921bed13e0cea0d23e16514563d677d363a355b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51946
x-xss-protection
0
server
cafe
etag
11987676050121028270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Dec 2021 16:27:28 GMT
logo2.png
bultourism.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bultourism.com/logo2.png
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
500ee9963630dac458fbf05c87bb3ec924e25481a4974163ab22c208899b01e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Last-Modified
Wed, 06 Mar 2013 15:43:25 GMT
Server
Apache/2
ETag
"a62c02-2b78-4d743735b8140"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=78
Content-Length
11128
Expires
Wed, 15 Dec 2021 16:27:31 GMT
magnifier_small.gif
bultourism.com/img/ 		1023 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bultourism.com/img/magnifier_small.gif
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
9f8d9c9035014e10335fc19170efa4e3cffa9967e83ae3eef6389e75b2a2ea0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Last-Modified
Fri, 09 Nov 2007 09:26:07 GMT
Server
Apache/2
ETag
"1c3c001-3ff-43e7b928609c0"
Vary
User-Agent
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
1023
7474_main.jpg
img.us2.bultourism.com/pictures/7474/ 		0
0
de.gif
bultourism.com/flags2/ 		1003 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bultourism.com/flags2/de.gif
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Last-Modified
Sat, 21 Jan 2006 10:54:18 GMT
Server
Apache/2
ETag
"1c36035-3eb-40adc3826ea80"
Vary
User-Agent
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
1003
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 01:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Dec 2022 01:53:30 GMT
bootstrap.min.js
bultourism.com/demo/components/bootstrap/dist/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/demo/components/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
29faaa7d39edcba28dd6253f6dbe2637931e6a758bc59601747718ab4990a465

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Mar 2016 05:24:50 GMT
Server
Apache/2
ETag
"fd4830-11ed-52dfb7fef8c80"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=79
Content-Length
4589
jquery.autocomplete.min.js
bultourism.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/js/jquery.autocomplete.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
d302fe121caf68995981332fa772943329f87c0d6077d86d4ca5d317e3df830d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Jun 2015 20:59:22 GMT
Server
Apache/2
ETag
"1c3e070-10e7-5177b19a1be80"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=79
Content-Length
4327
jquery.textfill.js
bultourism.com/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/js/jquery.textfill.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
e96bf90e8eb906c08e51be90e00226f66881a6da5afb330fd39b995a7f4abdf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Mar 2018 11:46:26 GMT
Server
Apache/2
ETag
"1c3e085-2641-566e539c95fe8"
Vary
User-Agent,Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=79
Content-Length
3068
Expires
Wed, 15 Dec 2021 16:27:31 GMT
cookieconsent.latest.min.js
bultourism.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/cookieconsent.latest.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
6b0bca91c1ac0c2a574d02424bab957d02bd19890474d30acf7a17a85b17566d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Mar 2016 05:11:08 GMT
Server
Apache/2
ETag
"f5afa1-774-52dfb4ef0d300"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
1908
jquery.unveil.js
bultourism.com/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/jquery.unveil.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
89a13956be67527dd669a271539cd5a0aaf6ebe90e81dc25156fe002f18cd0f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Mar 2016 05:07:28 GMT
Server
Apache/2
ETag
"f5afab-273-52dfb41d3e400"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
627
lightbox.css
img.us2.bultourism.com/css/ 		0
0
lightbox.min.js
bultourism.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bultourism.com/js/lightbox.min.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.1
Server
69.64.51.116 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
vilya.kafence.com
Software
Apache/2 /
Resource Hash
6c8abd074d9c4f8b738945503c713ca0f39eefd42421b7902cc3b6ac83d954c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 16:27:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Mar 2014 16:45:09 GMT
Server
Apache/2
ETag
"1c3e072-93a-4f5d5a866ef40"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=80
Content-Length
2362
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
H2
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1568
date
Wed, 08 Dec 2021 16:01:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 08 Dec 2021 18:01:20 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
truncated
/ 		26 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
c
counter.search.bg/cgi-bin/ 		194 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.search.bg/cgi-bin/c?_id=btrsm&_z=2&_r=1600&_c=24&_j=N&_t=0&_k=Y&_l=
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
HTTP/1.0
Server
70.59.126.236 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
Apache /
Resource Hash
53231e1637873ed889b18ff1e4ae5cc1a11824a625182bd3e55c52dea1ecf78c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Dec 2021 16:27:28 GMT
Last-Modified
Monday, 31 Dec 2020 05:00:00 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
close
Content-Length
194
Expires
Mon, 26 Jul 1997 05:00:00 GMT
facebook_share_icon.gif
b.static.ak.fbcdn.net/images/share/ 		0
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/ 		274 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2513374550279225&plah=bultourism.com&bust=31063883
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c993dc3b752d7bbd208d4aca6d2a69ea39eb54899282936f566f1f7c1f63a4a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101172
x-xss-protection
0
server
cafe
etag
13341191202219432985
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Dec 2021 16:27:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/ Frame F307 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 07 Dec 2021 19:03:43 GMT
expires
Tue, 21 Dec 2021 19:03:43 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
77025
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1437624038&utmhn=bultourism.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9C...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1437624038&utmhn=bultourism.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-749284-4&cid=985298250.1638980849&jid=227951908&_v=5.7.2&z=1437624038
35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-749284-4&cid=985298250.1638980849&jid=227951908&_v=5.7.2&z=1437624038
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
H2
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 08 Dec 2021 16:27:28 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Dec 2021 16:27:28 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-749284-4&cid=985298250.1638980849&jid=227951908&_v=5.7.2&z=1437624038
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bultourism.com&callback=_gfp_s_&client=ca-pub-2513374550279225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2513374550279225&plah=bultourism.com&bust=31063883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
980077ca213b7b07261b7582604b7075dd8b4c6be11082d35d697713af802b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bultourism.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2513374550279225&plah=bultourism.com&bust=31063883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 16:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bultourism.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2513374550279225&plah=bultourism.com&bust=31063883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Dec 2021 16:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4BFC 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2513374550279225&output=html&adk=1812271804&adf=3025194257&lmt=1638980848&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&ea=0&flash=0&pra=5&wgl=1&dt=1638980848727&bpp=3&bdt=450&idt=74&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2513374550279225&plah=bultourism.com&bust=31063883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Dec 2021 16:27:28 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 196C 		75 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2513374550279225&plah=bultourism.com&bust=31063883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5560499943ee3525110903ffe3bc3ab466e2315c0264b802b437cc6cf6ff1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Dec 2021 16:27:29 GMT
server
cafe
content-length
28724
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 16:27:29 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 1A2A 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=15&slotname=2072505252&adk=1399546693&adf=316507209&pi=t.ma~as.2072505252&w=468&lmt=1638980848&psa=0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&wgl=1&dt=1638980848732&bpp=1&bdt=455&idt=107&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=408&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=308Ni0zlHJ&p=http%3A//bultourism.com&dtd=110
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2513374550279225&plah=bultourism.com&bust=31063883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Dec 2021 16:27:29 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 7508 		139 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2513374550279225&plah=bultourism.com&bust=31063883
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cede8270bca473f7bef59b87ed606842cc4795cd143f2d1e38d4b3e64521c24
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPzZrbrP1PQCFVQRrQYdQ3MApg&gqi=8NywYYnRNMHutge5xKXACw&layout=/sadbundle/%24csp%253Der3%24/13560043564958553324/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://bultourism.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPzZrbrP1PQCFVQRrQYdQ3MApg&gqi=8NywYYnRNMHutge5xKXACw&layout=/sadbundle/%24csp%253Der3%24/13560043564958553324/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Dec 2021 16:27:29 GMT
server
cafe
content-length
44699
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 16:27:29 GMT
cache-control
private
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/ Frame 734B 		136 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72ff62fe017174736cd60eb9c10436d90774da0749f07afe39459312cff401c8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Wed, 08 Dec 2021 11:26:44 GMT
expires
Thu, 08 Dec 2022 11:26:44 GMT
last-modified
Mon, 11 Oct 2021 07:24:53 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
23991
age
18046
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 8186 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6WmR8NywYfyhOdSitOUPw-aBsAq388fdZeffkIjWDr_Kor3AARABILmz-g1gleKQgqAHoAG1vNLaA8gBCakC1CMMXPLqsj6oAwHIA0iqBMkDT9DLizMp2Cu1VsMwNvIbn1f2dFhbr7HOQNIcrLkWUpp9jzlJyZXkOfJbQ0NNCelbS6UXmRmmnCtFuOMv3YyZ9DkFRG9XrWkZ_1Q5uiANackDPVMmBYNq5ZWC9OnouzDcXk2dOulv9mVvls-r0BbtHhf5y9sQNhVzdaD7sdqDxOSFRdMDLg24AKETx4StowYofGcagRP9sdVESx_5IELoOYclYblHugIOf0XFOCH-wt7I9cHi8N1KZ1kog6bd9vRyK4btzIwoNei0n7gA8htl1zoRKlcpEOBCRhA0hKlqwWrxQ4HLMoVwgJ3R8uH-1RqJ1LEopZ_FYb4h7AKT_HdAi8Pn_erVI5MXqFWE0r9Bnl4pgk5cmSEplKBT1DyWZojMf243Pb89bUG0hvypAkABQhZIsxTCzyM1oX577Zh2dqanQs70FqTcChx9kFNdkdrjztnpGMg5rbdbKfRDSeaMWfVDWpCXKP-eVTUSky6GyjyHetYaB0mvklYEczTEM1h9q7awn78O9LkT48dl45EfwYnPxzobakWNZ3T4EN4aY7cLxRG1NB6ojIPCZuiV1X1YRkxHs3tdek2iGP8uHcPgHaW6aJCcGDidoMAEypbK_egDkgUECAQYAZIFBAgFGASgBi6AB7PDrSWoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCnwQXSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTM2Njg3NTkxODY0NDEyOBgA&sigh=xOtIZhF9AAs&uach_m=[UACH]&template_id=419
Requested by
Host: bultourism.com
URL: http://bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0/%D0%9C%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-%D0%A0%D0%B8%D0%BB%D1%81%D0%BA%D0%B8-%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80-0-7474.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 08 Dec 2021 16:27:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 08 Dec 2021 16:27:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame 8186 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7866
x-xss-protection
0
server
cafe
etag
5920091025124701355
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 16:23:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 8186 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 16:27:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8186 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 16:27:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 8186 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
server
cafe
etag
3508882476506594800
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 16:25:57 GMT
12487860044607388180
tpc.googlesyndication.com/simgad/ Frame 196C 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12487860044607388180
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76d07f676faf53b7e5548529eb4ab0e36cedfa324d58d7b7804c6f69a02ab1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 08:38:15 GMT
x-content-type-options
nosniff
age
114555
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27626
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 16:33:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 07 Dec 2022 08:38:15 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/ Frame 196C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7866
x-xss-protection
0
server
cafe
etag
5920091025124701355
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 16:23:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 196C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 16:27:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 196C 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 16:27:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 196C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
server
cafe
etag
3508882476506594800
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Dec 2021 16:25:57 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/ Frame 196C 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211206/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
963c8078bf539ed77cedb3069b1c40cabd089543c09b429b7007fc06cbeac978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 18:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
server
cafe
etag
810747636693205972
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Dec 2021 18:44:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 196C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CF25R8NywYbXUONSptOUPrv6goA6b4Nb_Zq7OgMj2Ds6Snr9EEAEgubP6DWCV4pCCoAegAfDRhewDyAEDqQLUIwxc8uqyPqgDAcgDyQSqBLIDT9DzLPfOnWgmlXhBRuGODN-47-PSFl7-piJcFo_TjMu_wIoihnf9r5NxXe3PyrfNKYu5AUOlGJszvvnljy1G7U_eqVgeAARy0tpeXDdWOF3nlW0lqFRtfjSxZjy1r3NMWUqNiynKUGle6a1BF3dG9omUVxX58ykkOEdgIIfcDLxPutddX6Wxzpn8KWeBLfUSCCgmsGEFIIw1d1lCSZyGqWuMLjepO3cEr9G2e5oJ7wKHQJfs0KcH8ZTMDsoF3n6UbW6CH9sc_RcJSQtUIK5XFPXlqYHJ2fwHu9ZIENd0SEdUfU8ml5uisZqOI976nVQ69JcsnUMi_N9qTuTD9U-4mj8V-DD39_joZFY4wixKDKj6j2rC4yu49iDN1AVGxmhSfICOYd6gPSB0TbLpkPoPG5DJVvhkmE5NBBrnYOzCeOgP8FEFPidOfeXZF9I0_DvfJmVBF-qytbqaKKr7bO11ne5IOR1oVvE4p9NGbN7Kpqbb2LaS6qae-N9TtYo_OXJ_gbxo386Gn7XYk5nsKdAqrQZlUMANdK0xKh6Betg4p_gGO5dPGfA7ypR6Bsp37vlD8WPABL2-h4jbA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYDgAf4rfoTqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQp-IC0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTEzNjY4NzU5MTg2NDQxMjgYAA&sigh=UD_AkoM5aNM&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 08 Dec 2021 16:27:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame F29C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 08 Dec 2021 15:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1738
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 734B 		3 KB
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind:regular,700,500
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc4838f335f890600d1bfc18a6e3fa8a7a5a1db894afc1b94e54de4c7de91867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 16:17:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 08 Dec 2021 16:27:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Dec 2021 16:27:30 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 734B 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 23:28:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 08 Dec 2021 23:28:27 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 734B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 09 Dec 2021 16:13:39 GMT
truncated
/ Frame 8186 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5db31c10daf533f9ea1bebd057158868b9c5e3b7c8cde6238b5ff2d5f2b32096

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8054 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 08 Dec 2021 15:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1738
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 196C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20875c0623f2d38a6e2810b45144774c41049b1b0fa411ea4363eadaad1fc52f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
null
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/ Frame 734B 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/null
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:27:30 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 08 Dec 2021 16:27:30 GMT
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v11/ Frame 734B 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v11/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:regular,700,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a3280717b1f82f46bee459863720a03de43b16dc8097ba1b133440e5fe0edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 05:33:25 GMT
x-content-type-options
nosniff
age
39245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16264
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 05:33:25 GMT
5aU19_a8oxmIfNJdERySjQ.woff2
fonts.gstatic.com/s/hind/v11/ Frame 734B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfNJdERySjQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:regular,700,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f1a473a1649fe316dbddc5cf8f45c525d62b8373d1be395272864c0cf1e60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 12:42:21 GMT
x-content-type-options
nosniff
age
359109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16268
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 04 Dec 2022 12:42:21 GMT
5aU19_a8oxmIfJpbERySjQ.woff2
fonts.gstatic.com/s/hind/v11/ Frame 734B 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfJpbERySjQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:regular,700,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
806f5b4761fdb196821c0eac48fae6e26559c371226f9d73aba6eaa33aacb577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 11:04:58 GMT
x-content-type-options
nosniff
age
19352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16796
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 11:04:58 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F29C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 16:27:30 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 16:27:30 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 16:27:30 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8054
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 16:27:30 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 08 Dec 2021 16:27:30 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Dec 2021 16:27:30 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame 33B6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=90&slotname=4782041684&adk=643570460&adf=1638469296&pi=t.ma~as.4782041684&w=923&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=2&psa=0&format=923x90&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&dt=1638980848730&bpp=2&bdt=453&idt=97&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=141&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cnp&abl=XS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=tURIXd5iG9&p=http%3A//bultourism.com&dtd=102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 11:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
18878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 11:12:52 GMT
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame 734B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 11:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
18878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Dec 2022 11:12:52 GMT
10422_001_001_EGT_LOGO_Gro__RGB_LY1_oV_Ohne_Schrift.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/ Frame 734B 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/10422_001_001_EGT_LOGO_Gro__RGB_LY1_oV_Ohne_Schrift.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
177af7ab8f1a2a227e30696f45ea1df96a87f0a0ea72d2985880d8fec4456578
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
580334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34646
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 07:24:53 GMT
server
sffe
date
Wed, 01 Dec 2021 23:15:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Dec 2022 23:15:16 GMT
01.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/ Frame 734B 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/01.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=280&slotname=9910245285&adk=2401919896&adf=2602987202&pi=t.ma~as.9910245285&w=740&fwrn=4&fwrnh=100&lmt=1638980848&rafmt=1&psa=0&format=740x280&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1638980848733&bpp=1&bdt=455&idt=111&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&prev_slotnames=2072505252&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=557&ady=2040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FOqbaPziop&p=http%3A//bultourism.com&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb549c2152e611dd6931422e8fae26416cde5b2195902e565341f8ae92f0ebeb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
62753
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88245
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 07:24:53 GMT
server
sffe
date
Tue, 07 Dec 2021 23:01:37 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 07 Dec 2022 23:01:37 GMT
truncated
/ Frame 734B 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 196C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuayHeQ3HYJX9zyYF8BltEuFb6FteeIguVst5L7uHIPqJLP8iOBeFBbS2CHGCBnLG6z25IWqecLFlCiSdPeKh5kzCyf-6HNU32faZKep7ZCoCeZCFxzg&sai=AMfl-YTEehDO5JOHq-vmA5tsr6c6D90o60hjMg2XRgAD-iIwPVdIwmkmBmeaRv7-CrW_wsi2ZV5aQ51xoXT5&sig=Cg0ArKJSzHSy8qOYCaBaEAE&id=lidar2&mcvt=1000&p=0,98,90,826&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=643570460&rs=2&la=0&cr=0&vs=4&r=v&rst=1638980848833&rpt=1606&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 16:27:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1_small.jpg
img.us2.bultourism.com/pictures/7474/pix/ 		0
0
2_small.jpg
img.us2.bultourism.com/pictures/7474/pix/ 		0
0
3_small.jpg
img.us2.bultourism.com/pictures/7474/pix/ 		0
0
4_small.jpg
img.us2.bultourism.com/pictures/7474/pix/ 		0
0
5_small.jpg
img.us2.bultourism.com/pictures/7474/pix/ 		0
0
6_small.jpg
img.us2.bultourism.com/pictures/7474/pix/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/pictures/7474/7474_main.jpg
Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/css/lightbox.css
Domain
b.static.ak.fbcdn.net
URL
https://b.static.ak.fbcdn.net/images/share/facebook_share_icon.gif?8:26981
Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/pictures/7474/pix/1_small.jpg
Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/pictures/7474/pix/2_small.jpg
Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/pictures/7474/pix/3_small.jpg
Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/pictures/7474/pix/4_small.jpg
Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/pictures/7474/pix/5_small.jpg
Domain
img.us2.bultourism.com
URL
http://img.us2.bultourism.com/pictures/7474/pix/6_small.jpg

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _gaq object| adsbygoogle function| fbs_click function| t object| _d object| _n object| _t number| _c number| _r string| _j string| _k object| _b function| $ function| jQuery object| jQuery191013395348329201395 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| _gat object| gaGlobal object| cookieconsent_options function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| hasCookieConsent object| googletag

10 Cookies

Domain/Path Name / Value
bultourism.com/%D0%BC%D0%B0%D0%BD%D0%B0%D1%81%D1%82%D0%B8%D1%80%D0%B8/%D0%9F%D0%B0%D1%81%D1%82%D1%80%D0%B0 Name: _c
Value: y
bultourism.com/ Name: keywords
Value:
.bultourism.com/ Name: __utma
Value: 164549804.985298250.1638980849.1638980849.1638980849.1
.bultourism.com/ Name: __utmc
Value: 164549804
.bultourism.com/ Name: __utmz
Value: 164549804.1638980849.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.bultourism.com/ Name: __utmt
Value: 1
.bultourism.com/ Name: __utmb
Value: 164549804.1.10.1638980849
.bultourism.com/ Name: __gads
Value: ID=ddf0d1b41499d6df-22ef26724bcc00da:T=1638980848:RT=1638980848:S=ALNI_MYIXHtnLVRyiW7XdiknAyrDEWTI7A
.doubleclick.net/ Name: IDE
Value: AHWqTUk8b5CjdLreSTbCuqJNXLC-oKGx7mlL2O2KZ5jxuFuYW8pyYw3yuiSOLVhccx4
.doubleclick.net/ Name: DSID
Value: NO_DATA

6 Console Messages

Source Level URL
Text
network error URL: https://b.static.ak.fbcdn.net/images/share/facebook_share_icon.gif?8:26981
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2513374550279225&output=html&adk=1812271804&adf=3025194257&lmt=1638980848&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&ea=0&flash=0&pra=5&wgl=1&dt=1638980848727&bpp=3&bdt=450&idt=74&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6483167997834&frm=20&pv=2&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=91
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1366875918644128&output=html&h=15&slotname=2072505252&adk=1399546693&adf=316507209&pi=t.ma~as.2072505252&w=468&lmt=1638980848&psa=0&url=http%3A%2F%2Fbultourism.com%2F%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580%25D0%25B8%2F%25D0%259F%25D0%25B0%25D1%2581%25D1%2582%25D1%2580%25D0%25B0%2F%25D0%259C%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-%25D0%25A0%25D0%25B8%25D0%25BB%25D1%2581%25D0%25BA%25D0%25B8-%25D0%25BC%25D0%25B0%25D0%25BD%25D0%25B0%25D1%2581%25D1%2582%25D0%25B8%25D1%2580-0-7474.html&flash=0&wgl=1&dt=1638980848732&bpp=1&bdt=455&idt=107&shv=r20211206&mjsv=m202112020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C923x90&nras=1&correlator=6483167997834&frm=20&pv=1&ga_vid=985298250.1638980849&ga_sid=1638980849&ga_hid=722050549&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=408&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753738%2C31063792%2C31063859%2C31063883&oid=2&pvsid=4024557907581315&pem=581&tmod=1428302558&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=308Ni0zlHJ&p=http%3A//bultourism.com&dtd=110
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13560043564958553324/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: http://img.us2.bultourism.com/css/lightbox.css
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: http://img.us2.bultourism.com/pictures/7474/7474_main.jpg
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
b.static.ak.fbcdn.net
bultourism.com
counter.search.bg
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.us2.bultourism.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
b.static.ak.fbcdn.net
img.us2.bultourism.com
142.250.184.226
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
69.64.51.116
70.59.126.236
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
177af7ab8f1a2a227e30696f45ea1df96a87f0a0ea72d2985880d8fec4456578
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20875c0623f2d38a6e2810b45144774c41049b1b0fa411ea4363eadaad1fc52f
28277814cf8060f9fe40684129799beca6dc209f3b04c72ccde70b93c6c5c15b
29faaa7d39edcba28dd6253f6dbe2637931e6a758bc59601747718ab4990a465
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cede8270bca473f7bef59b87ed606842cc4795cd143f2d1e38d4b3e64521c24
46926e21c234591b911d7e3aa1f66a714d9aeb0afcf0da94c19e5fc6b69ee970
500ee9963630dac458fbf05c87bb3ec924e25481a4974163ab22c208899b01e7
53231e1637873ed889b18ff1e4ae5cc1a11824a625182bd3e55c52dea1ecf78c
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5db31c10daf533f9ea1bebd057158868b9c5e3b7c8cde6238b5ff2d5f2b32096
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
66671616f880ade1bee6a9afbced9011f1fe1b179ff9860766f700825e8bc9ae
6b0bca91c1ac0c2a574d02424bab957d02bd19890474d30acf7a17a85b17566d
6c8abd074d9c4f8b738945503c713ca0f39eefd42421b7902cc3b6ac83d954c2
72ff62fe017174736cd60eb9c10436d90774da0749f07afe39459312cff401c8
76d07f676faf53b7e5548529eb4ab0e36cedfa324d58d7b7804c6f69a02ab1b1
806f5b4761fdb196821c0eac48fae6e26559c371226f9d73aba6eaa33aacb577
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89a13956be67527dd669a271539cd5a0aaf6ebe90e81dc25156fe002f18cd0f3
963c8078bf539ed77cedb3069b1c40cabd089543c09b429b7007fc06cbeac978
980077ca213b7b07261b7582604b7075dd8b4c6be11082d35d697713af802b2d
98a1a73b3955af8bca553440fd751c80f6007bed3294803d935bd6c4597c50e6
9f8d9c9035014e10335fc19170efa4e3cffa9967e83ae3eef6389e75b2a2ea0d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3dd8543865b42e183cbb20fcb9a4606868a3a9cc805ae4b6bd67884e9465986
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5560499943ee3525110903ffe3bc3ab466e2315c0264b802b437cc6cf6ff1ed
bb549c2152e611dd6931422e8fae26416cde5b2195902e565341f8ae92f0ebeb
bf47eea8a29b000e54ccdbc8921bed13e0cea0d23e16514563d677d363a355b3
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c993dc3b752d7bbd208d4aca6d2a69ea39eb54899282936f566f1f7c1f63a4a7
cc4838f335f890600d1bfc18a6e3fa8a7a5a1db894afc1b94e54de4c7de91867
cd429ca4b699add93c19c2731a22a489a5a5d6d1d01445d337f8c89c8ca6eb2f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d302fe121caf68995981332fa772943329f87c0d6077d86d4ca5d317e3df830d
d7a3280717b1f82f46bee459863720a03de43b16dc8097ba1b133440e5fe0edc
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
e2f1a473a1649fe316dbddc5cf8f45c525d62b8373d1be395272864c0cf1e60f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96bf90e8eb906c08e51be90e00226f66881a6da5afb330fd39b995a7f4abdf2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f96d951ff703660f8c5bd174dfe31cf18167a9aa97ff586d49bfea42f2172a8b