urlscan.io logo urlscan.io
SecurityTrails logo

payment.meshotet.co.il Open in urlscan Pro
212.150.101.186  Public Scan

Go To Rescan Add Verdict Report
URL: https://payment.meshotet.co.il/
Submission Tags: falconsandbox
Submission: On October 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 64 HTTP transactions. The main IP is 212.150.101.186, located in Daliyya, Israel and belongs to NV-ASN CELLCOM ltd., IL. The main domain is payment.meshotet.co.il.
TLS certificate: Issued by R3 on August 26th 2021. Valid for: 3 months.
This is the only time payment.meshotet.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 212.150.101.186 1680 (NV-ASN CE...)
11 142.250.185.162 15169 (GOOGLE)
1 2 207.241.237.3 7941 (INTERNET-...)
1 31.13.92.36 32934 (FACEBOOK)
13 142.250.185.194 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
2 172.217.18.106 15169 (GOOGLE)
18 172.217.18.97 15169 (GOOGLE)
3 142.250.184.226 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
3 3 142.250.185.100 15169 (GOOGLE)
4 142.250.185.227 15169 (GOOGLE)
64 12
9    212.150.101.186 (Daliyya, Israel)

ASN1680 (NV-ASN CELLCOM ltd., IL)
PTR: vyot.raid.co.il
payment.meshotet.co.il
11    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.com
2    207.241.237.3 (San Francisco, United States)

ASN7941 (INTERNET-ARCHIVE, US)
web.archive.org
1    31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com
www.facebook.com
13    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
2    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f106.1e100.net
fonts.googleapis.com
18    172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f97.1e100.net
tpc.googlesyndication.com
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
3    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
4    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
18 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com payment.meshotet.co.il
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
web.archive.org
9 payment.meshotet.co.il payment.meshotet.co.il
4 fonts.gstatic.com fonts.googleapis.com
3 www.google.com 3 redirects
3 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 web.archive.org 1 redirects payment.meshotet.co.il
1 www.gstatic.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.facebook.com payment.meshotet.co.il
64 13

This site contains no links.

Subject Issuer Validity Valid
payment.meshotet.co.il
R3		 2021-08-26 -
2021-11-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.archive.org
Go Daddy Secure Certificate Authority - G2		 2019-12-23 -
2022-02-21		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 13 frames:

Primary Page: https://payment.meshotet.co.il/
Frame ID: 0FD0F3D7FD49FB642A384FF1D343EDD1
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fpayment.meshotet.co.il%2F&width=200&layout=button&action=like&show_faces=true&share=true&height=80&appId=405620709480777
Frame ID: 60702F580D0A08B7BE4D24FD352C5454
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html
Frame ID: 690627F60E7CB610B64557F98C264229
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Frame ID: 15AC38E9961B59FB1F84220EE91272D1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Frame ID: 925A49D1D3F9520A96722D128FC47D3A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Frame ID: 3829207A3C3F05F71945FAC49BDBCD2E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3DFA9DBC65BFC7D66288A03C8965534C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html
Frame ID: 9021D4C193B76646AC9A097AACC3EA82
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 125F0330F5E6E4070E227010BB345ADF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E12C7BEACC628D0C167E76BB830FCAD3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Frame ID: 0BB770D1ACEBCAD20B88793E72B12308
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Frame ID: 22EF429694A8CD804F5A5C3F74B16ACF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20160816/r20160727/show_ads_impl.js
Frame ID: 4406636A97F257F1C874FE963C1092D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

64
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

12
IPs

3
Countries

998 kB
Transfer

2190 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://web.archive.org/web/20160820144930js_/http://pagead2.googlesyndication.com/pagead/show_ads.js HTTP 302
  • https://web.archive.org/web/20160820145002js_/http://pagead2.googlesyndication.com/pagead/show_ads.js
Request Chain 28
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 56
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 57
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
payment.meshotet.co.il/ 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
48a7084de552d0e9b77697068f169fc1839592230c0070af99a3a0320e37a26f

Request headers

Host
payment.meshotet.co.il
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 06 Oct 2021 05:55:26 GMT
Server
Apache/6.6.6
Set-Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Pragma
no-cache
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
2826
Keep-Alive
timeout=2, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
site.php
payment.meshotet.co.il/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/css/site.php
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
55d8fc52238a44b40deef0d9b1db3e4c0fecd8d69bc1eea1852af7fb9e432f0a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://payment.meshotet.co.il/
Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Oct 2021 05:55:26 GMT
Content-Encoding
gzip
Server
Apache/6.6.6
Vary
Accept-Encoding,User-Agent
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
1266
Expires
Thu, 19 Nov 1981 08:52:00 GMT
slider.css
payment.meshotet.co.il/css/ 		0
355 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/css/slider.css
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://payment.meshotet.co.il/
Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Oct 2021 05:55:26 GMT
Server
Apache/6.6.6
Vary
User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
logo.png
payment.meshotet.co.il/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/logo.png
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
40c361328f9928215ac5a6e82d40380caa33766097e5fa778735b3dde6de844d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/
Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 05:55:26 GMT
Last-Modified
Thu, 25 Oct 2012 12:40:20 GMT
Server
Apache/6.6.6
ETag
"d92-4cce1818c3500"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
3474
Expires
Fri, 05 Nov 2021 05:55:26 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
42786899b0dd400593d1cf18c1224c24ac27189fb949528ce2445a0c6718c654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40816
x-xss-protection
0
server
cafe
etag
7284370997315485486
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Oct 2021 05:55:27 GMT
payment_website_ext.png
payment.meshotet.co.il/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/payment_website_ext.png
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
33953d06239abdbd561a85c109e97629b1b01bbcfc01b910b0fc423c76f27f25

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/
Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 05:55:26 GMT
Last-Modified
Sun, 28 Oct 2012 17:26:42 GMT
Server
Apache/6.6.6
ETag
"5c05-4cd21db32d880"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97
Content-Length
23557
Expires
Fri, 05 Nov 2021 05:55:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
90a20c990650f153ba973657cd72f78a3007ba15b2dad81f0a6d0ce34aee9690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51205
x-xss-protection
0
server
cafe
etag
8834776213696498615
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Oct 2021 05:55:27 GMT
show_ads.js
web.archive.org/web/20160820145002js_/http://pagead2.googlesyndication.com/pagead/
Redirect Chain
  • https://web.archive.org/web/20160820144930js_/http://pagead2.googlesyndication.com/pagead/show_ads.js
  • https://web.archive.org/web/20160820145002js_/http://pagead2.googlesyndication.com/pagead/show_ads.js
27 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.archive.org/web/20160820145002js_/http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.241.237.3 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
adf7c96f3f8e822567308e5e2385a0b6a75d283a372ca8f9e857574c0aedca9c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org
x-rl
0
x-cache-key
httpsweb.archive.orgde-DE,de;q=0.9/web/20160820145002js_/http://pagead2.googlesyndication.com/pagead/show_ads.jsUS
x-archive-orig-vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
server-timing
exclusion.robots;dur=1.003264, exclusion.robots.policy;dur=0.945766, RedisCDXSource;dur=61.289074, esindex;dur=0.047760, LoadShardBlock;dur=1142.755184, PetaboxLoader3.datanode;dur=552.151797, CDXLines.iter;dur=387.152661, load_resource;dur=57.135632, PetaboxLoader3.resolve;dur=34.865756
x-page-cache
MISS
x-archive-orig-transfer-encoding
chunked
referrer-policy
no-referrer-when-downgrade
x-archive-orig-accept-ranges
none
x-archive-orig-x-content-type-options
nosniff
x-archive-orig-cache-control
public, max-age=3600
content-type
text/javascript; charset=UTF-8
memento-datetime
Sat, 20 Aug 2016 14:50:02 GMT
x-archive-orig-p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
link
<http://pagead2.googlesyndication.com/pagead/show_ads.js>; rel="original", <https://web.archive.org/web/timemap/link/http://pagead2.googlesyndication.com/pagead/show_ads.js>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/http://pagead2.googlesyndication.com/pagead/show_ads.js>; rel="timegate", <https://web.archive.org/web/20031117205125/http://pagead2.googlesyndication.com:80/pagead/show_ads.js>; rel="first memento"; datetime="Mon, 17 Nov 2003 20:51:25 GMT", <https://web.archive.org/web/20160820144600/http://pagead2.googlesyndication.com/pagead/show_ads.js>; rel="prev memento"; datetime="Sat, 20 Aug 2016 14:46:00 GMT", <https://web.archive.org/web/20160820145002/http://pagead2.googlesyndication.com/pagead/show_ads.js>; rel="memento"; datetime="Sat, 20 Aug 2016 14:50:02 GMT", <https://web.archive.org/web/20160820145116/https://pagead2.googlesyndication.com/pagead/show_ads.js>; rel="next memento"; datetime="Sat, 20 Aug 2016 14:51:16 GMT", <https://web.archive.org/web/20211005231706/http://pagead2.googlesyndication.com/pagead/show_ads.js>; rel="last memento"; datetime="Tue, 05 Oct 2021 23:17:06 GMT"
date
Wed, 06 Oct 2021 05:55:29 GMT
x-app-server
wwwb-app200
x-location
All
x-nid
-
x-archive-orig-age
1186
content-length
27929
x-archive-src
archiveteam_newssites_20160820_0073/news3xrtzuuprmk-2016-08-20-8562fd6b-00000.warc.gz
x-ts
200
x-archive-guessed-content-type
text/javascript
x-archive-orig-server
cafe
server
nginx/1.19.10
x-tr
1750
x-archive-guessed-charset
utf-8
x-na
0
x-archive-orig-x-xss-protection
1; mode=block
permissions-policy
interest-cohort=()
x-archive-orig-date
Sat, 20 Aug 2016 14:30:15 GMT
x-archive-orig-expires
Sat, 20 Aug 2016 15:30:15 GMT

Redirect headers

date
Wed, 06 Oct 2021 05:55:28 GMT
x-rl
0
x-app-server
wwwb-app211
x-cache-key
httpsweb.archive.orgde-DE,de;q=0.9/web/20160820144930js_/http://pagead2.googlesyndication.com/pagead/show_ads.jsUS
x-location
All
x-nid
-
server-timing
exclusion.robots;dur=0.121917, exclusion.robots.policy;dur=0.113258, RedisCDXSource;dur=9.035498, esindex;dur=0.008975, LoadShardBlock;dur=454.524388, PetaboxLoader3.datanode;dur=270.366776, CDXLines.iter;dur=134.358521
content-length
0
x-archive-redirect-reason
found capture at 20160820145002
x-ts
302
referrer-policy
no-referrer-when-downgrade
server
nginx/1.19.10
x-page-cache
MISS
x-tr
632
x-na
0
content-type
text/plain; charset=utf-8
location
https://web.archive.org/web/20160820145002js_/http://pagead2.googlesyndication.com/pagead/show_ads.js
permissions-policy
interest-cohort=()
like.php
www.facebook.com/plugins/ Frame 6070 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fpayment.meshotet.co.il%2F&width=200&layout=button&action=like&show_faces=true&share=true&height=80&appId=405620709480777
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https%3A%2F%2Fpayment.meshotet.co.il%2F&width=200&layout=button&action=like&show_faces=true&share=true&height=80&appId=405620709480777
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
V6Iiou9khdOxWNaFfQZqGxEhpX3LvjaKAl7ldsjnESS2vSjilxZB5F4gpm5bS9MvoGHLsMcNR2NLTlD5M8XApA==
content-length
0
date
Wed, 06 Oct 2021 05:55:27 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
browsers.css
payment.meshotet.co.il/css/ 		351 B
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/css/browsers.css
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
cfbb08f37e3ee4b7f0fed7f11bc875f01212f87932f2513ac3f112f20fca44b7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 05:55:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2011 13:44:18 GMT
Server
Apache/6.6.6
ETag
"15f-4b1c62f0f1080-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
226
Expires
Thu, 06 Oct 2022 05:55:26 GMT
menu.php
payment.meshotet.co.il/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/css/menu.php
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
5fa4c8526fbcf45dbe2cf7f27d6bda6c3bf9d0bafbf29d356f2d7d126e91754f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Oct 2021 05:55:26 GMT
Content-Encoding
gzip
Server
Apache/6.6.6
Vary
Accept-Encoding,User-Agent
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
724
Expires
Thu, 19 Nov 1981 08:52:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
f28eef56b80f199deadd51753addbbfe6ab731312d0daa09573de6c749960d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97173
x-xss-protection
0
server
cafe
etag
2721350736796222760
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Oct 2021 05:55:27 GMT
headerBG.png
payment.meshotet.co.il/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/headerBG.png
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
bed15b50fbf91f9873f5ede25e400ea120be329eb3252ced96aa0e9357b5f413

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 05:55:26 GMT
Last-Modified
Thu, 25 Oct 2012 12:42:22 GMT
Server
Apache/6.6.6
ETag
"b29-4cce188d1c780"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
2857
Expires
Fri, 05 Nov 2021 05:55:26 GMT
searchSubmit.png
payment.meshotet.co.il/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/searchSubmit.png
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
f5f0c42fa13f46ee21f52fe2d05a7fa05ba53c1e0149129d168444e801523c80

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=d6f548a78b08c80eeede01f651d76130
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 05:55:26 GMT
Last-Modified
Thu, 25 Oct 2012 12:51:30 GMT
Server
Apache/6.6.6
ETag
"dba-4cce1a97b9880"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
3514
Expires
Fri, 05 Nov 2021 05:55:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/ Frame 6906 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211004/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 05 Oct 2021 15:14:38 GMT
expires
Tue, 19 Oct 2021 15:14:38 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
52849
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		204 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=payment.meshotet.co.il&callback=_gfp_s_&client=ca-pub-8330060489921088
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c09e1757ebb0002bc2769204b81e9777002b4713512e8e72ca197dab77252536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=payment.meshotet.co.il
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 06 Oct 2021 05:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 15AC 		81 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
45af388cbe0e34267b72a29430b0a70b69b8932aad8ec4616451e0ab71c6a218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 06 Oct 2021 05:55:27 GMT
server
cafe
content-length
27568
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 06-Oct-2021 06:10:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 06 Oct 2021 05:55:27 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 925A 		68 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
59fd9c6e0d1129c148683a3ab6d48b963da55fb88ee07beea3ca76b537c18d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 06 Oct 2021 05:55:27 GMT
server
cafe
content-length
25659
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 06-Oct-2021 06:10:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 06 Oct 2021 05:55:27 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 3829 		102 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
c77a350705b49d2535e0a17129d7f9177fb431ef7dbc5d8eed594f477866e42b
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPrm9NeMtfMCFU9F4AodCisCuw&gqi=TzpdYfW4FM2RrASgiqjwAw&layout=/sadbundle/%24csp%253Der3%24/8852617467843577452/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPrm9NeMtfMCFU9F4AodCisCuw&gqi=TzpdYfW4FM2RrASgiqjwAw&layout=/sadbundle/%24csp%253Der3%24/8852617467843577452/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 06 Oct 2021 05:55:27 GMT
server
cafe
content-length
36313
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 06-Oct-2021 06:10:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 06 Oct 2021 05:55:27 GMT
cache-control
private
css
fonts.googleapis.com/ Frame 15AC 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 04:38:27 GMT
server
ESF
date
Wed, 06 Oct 2021 05:55:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 06 Oct 2021 05:55:27 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 15AC 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
837
x-xss-protection
0
server
cafe
etag
7640065535275194769
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:52:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 15AC 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:44:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 15AC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:44:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 15AC 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 05:55:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 15AC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
687
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:44:00 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame 15AC 		26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 08:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 03 Jan 2022 08:07:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 15AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLo0lTzpdYZ6hFIeWgAffkbaIAtKgn_JkorOUvswLloLNhYgWEAEgkcXmCWDJBqAB_9uKyAPIAQGoAwHIA8sEqgTvAU_QKIPs-hbryOLcc8alODpetvxAnY4q5qV_cWrQfUQwW76C_sVcb5TJeP2mc8p7QQdSFcz2tm-kwXz-0bghnKCoSADsq5BgJVa4TCi2mejMnU6l6ogvRMkxnlWod_mbX7MgFLbCG-HqgQdoBO0INtRVtlAfuAwgQut3ZKf2E9KfevFZmhb-b3J9T6cWGuXauO8WL_oHRNqeSkMhoygAEwRszU9j2wGQZNqe0FI8nLUJomIQAPMzDUEdZQB3tAchfHmJ2dA64wBI1Brd4gXQhyJ77n7tyqo6YNZxyNh4eY9XsopYOeKEtd3gF8BAXd7rwAT3iqzkkAOSBQQIBBgBkgUECAUYBIAH3tKAQagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQ_tUO0ggHCIBhEAEYX4AKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi04MzMwMDYwNDg5OTIxMDg4GAA&sigh=SGHwTF-s7fw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 06 Oct 2021 05:55:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 06 Oct 2021 05:55:27 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3DFA 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkjz16aIHiONhd_69uzB6u2Csyz98fEhLfOA_1JEptPBuPCVHESdm54IZOrD6E
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 06 Oct 2021 05:35:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3DFA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkjz16aIHiONhd_69uzB6u2Csyz98fEhLfOA_1JEptPBuPCVHESdm54IZOrD6E; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 06 Oct 2021 05:55:27 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 06-Oct-2021 06:55:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 06 Oct 2021 05:55:27 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 06 Oct 2021 05:55:27 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 3829 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:50:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 3829 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:50:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3829 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 05:55:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 3829 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:49:09 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/ Frame 9021 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
6e035c10ba569de2650ef885e8389f0eb790a9738bc8a28bf931349a830b82cc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/8852617467843577452/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
3354
date
Tue, 05 Oct 2021 06:34:26 GMT
expires
Wed, 05 Oct 2022 06:34:26 GMT
last-modified
Tue, 28 Sep 2021 13:45:18 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
84061
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 3829 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHGXiTzpdYbqDFc-KgQeK1ojYC5yI2btl8vTjndQOv8qivcABEAEgkcXmCWDJBqABmZbsgwLIAQmoAwHIA0iqBPYBT9ArAEK8OKvgWXR1W0V6F3iwrwJjFdDNr0d3Mz2NWt6OnEubdJF9Qpihtw9qNShadFFtJfrSrrfuf-VFm-oJRf6-BzSpt8ljxk0AyFetndOXwxdqc_KsAeXKBlQTHYPfO9xRdC9IRc7__6wCWBOveDMqDgZDczxoaINUq9NwLhUnSqr95wExGMuo7hwqODxhEI7DRTD11o-ZORVG5CjUj1KTx0SVem5A16GF-jMUcYPYb02UrV7ewYz33nPYF1DctJc7vr8RC8ReCnBudGLZ9lNgTemnbjidIJVDheS9hu1FyFbTwh20N-Uo3AOp2u8qTlT5OqO5wASb0Ou85wOSBQQIBBgBkgUECAUYBKAGLoAHz-mT_AGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEJDtDdIIBwiAYRABGF-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODMzMDA2MDQ4OTkyMTA4OBgA&sigh=i7gEkbR-dCM&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 06 Oct 2021 05:55:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
4816634303341789479
tpc.googlesyndication.com/daca_images/simgad/ Frame 925A 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4816634303341789479
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
96692fdebfe321cf455ca670a146e3de6948779bd1ed9ea0aa401f4c0a68260f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:30:02 GMT
x-content-type-options
nosniff
age
69925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194584
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 23:39:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 10:30:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 925A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:50:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 925A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:50:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 925A 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 05:55:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 925A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 05:49:09 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 925A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
c64142df3928b731aa5af334d6e576444774b97d6cbc0c08f4732dc30f211bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 14:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11124
x-xss-protection
0
server
cafe
etag
12881321802504011032
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 14:18:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 925A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CViAlTzpdYZvLFNDngAfjs6SACpen851hiqyiyrAN__WQ49cCEAEgkcXmCWDJBqABtMXGwgLIAQKoAwHIA8kEqgSJAk_QhE2pGyYoDrSv4EeHXy4bvx5jX4D-sA5kLsdKPm4mQeALU6dkAElxXtdmrTkoyXarZAOiKUG0R8TNufQAOp8orMPM0Q-ko1ca6fgF6d9YmDGvEI3rgTtudbBfqNlj6d5oaW0njci1BJt7SWwvP1OCzUBZMZAGJXBW0a0d-vNovHm-_cq3fEF5-DBD49Ew-ZMdnI52z3deuZHGlvKQG1ucVaTAx7CZa1Smsx5n4QfFJCNpoE7VpaGaP52v9eM5clPv6d7k1sIi_Wv-xpMV0cbewDVCaHwlzprarGmNHqPXznDnxcqPsCbEghpVrFQ_KhZe8rMqvTMsef0bG251FTjTh-eyhKO3zMHABNSRxfvHA5IFBAgEGAGSBQQIBRgEoAYCgAe0urm9AagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQpeEN0ggHCIBhEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04MzMwMDYwNDg5OTIxMDg4GAA&sigh=bF0xAvVBvhI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 06 Oct 2021 05:55:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 15AC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb0d5acc279cf6851b1f61d2d20364d690822cabd86959f448ffca76b61706f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 15AC 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:08:17 GMT
x-content-type-options
nosniff
age
92830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:08:17 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 15AC 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 08:44:05 GMT
x-content-type-options
nosniff
age
76282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 08:44:05 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 125F 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkjz16aIHiONhd_69uzB6u2Csyz98fEhLfOA_1JEptPBuPCVHESdm54IZOrD6E; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 06 Oct 2021 05:35:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame E12C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkjz16aIHiONhd_69uzB6u2Csyz98fEhLfOA_1JEptPBuPCVHESdm54IZOrD6E; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 06 Oct 2021 05:35:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9021 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 13:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 06 Oct 2021 13:46:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9021 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 06 Oct 2021 13:46:49 GMT
b6b76a0ced672218ddbcf7b8b9afe599.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/ Frame 9021 		77 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/b6b76a0ced672218ddbcf7b8b9afe599.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
5ec09391d4ded91157627f97b718b564efd2739d826dc7f8df34e77be95b5be1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
84061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19773
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 13:45:18 GMT
server
sffe
date
Tue, 05 Oct 2021 06:34:26 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 06:34:26 GMT
truncated
/ Frame 3829 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58bd62c02680a9d27929c751f2a155a1e1283a5473af8b2d5ee49dc667be0751

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 925A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa1bbafcbde4cedb733e9bef0b386f79850bf027b119f610294139ea06d559d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 0BB7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727185&bpp=39&bdt=225&idt=98&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=7229440136545&frm=20&pv=2&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HTMChKOAHs&p=https%3A//payment.meshotet.co.il&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:20:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:20:32 GMT
css
fonts.googleapis.com/ Frame 9021 		3 KB
577 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:400
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/b6b76a0ced672218ddbcf7b8b9afe599.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
ESF /
Resource Hash
dc55d512a7cd9138223edae1d1dd4aa757bbe9f2b6345effab81f5a2900a2f0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 05:55:28 GMT
server
ESF
date
Wed, 06 Oct 2021 05:55:28 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 06 Oct 2021 05:55:28 GMT
c89ff55f37fef7c9fb336369b8a75dcc.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/media/ Frame 9021 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/media/c89ff55f37fef7c9fb336369b8a75dcc.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
9fa1bd0fb4315109f69646671a0a0f028d852036229f6be5e25b4b1f0229773f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
84062
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13439
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 13:45:18 GMT
server
sffe
date
Tue, 05 Oct 2021 06:34:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 06:34:26 GMT
43dd8cd0ea701975027deb30d713deb3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/media/ Frame 9021 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/media/43dd8cd0ea701975027deb30d713deb3.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8852617467843577452/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
b4a54c04f6984dd51c7a518df349d2e9f4f8276cb75c8149b52622996fc38791
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
25410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1395
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 13:45:18 GMT
server
sffe
date
Tue, 05 Oct 2021 22:51:58 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 22:51:58 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 125F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633499727&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727256&bpp=3&bdt=297&idt=66&shv=r20211004&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&prev_fmts=700x280&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kkSVMDZNez&p=https%3A//payment.meshotet.co.il&dtd=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkjz16aIHiONhd_69uzB6u2Csyz98fEhLfOA_1JEptPBuPCVHESdm54IZOrD6E; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 06 Oct 2021 05:55:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 06-Oct-2021 06:55:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 06 Oct 2021 05:55:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 06 Oct 2021 05:55:28 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame E12C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkjz16aIHiONhd_69uzB6u2Csyz98fEhLfOA_1JEptPBuPCVHESdm54IZOrD6E; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 06 Oct 2021 05:55:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 06-Oct-2021 06:55:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 06 Oct 2021 05:55:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 06 Oct 2021 05:55:28 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 22EF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=280&slotname=6057269641&adk=2369290022&adf=2714337636&pi=t.ma~as.6057269641&w=700&fwrn=4&fwrnh=100&lmt=1633499727&rafmt=1&psa=0&format=700x280&url=https%3A%2F%2Fpayment.meshotet.co.il%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633499727243&bpp=3&bdt=284&idt=70&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9307384039&correlator=7229440136545&frm=20&pv=1&ga_vid=1676449317.1633499727&ga_sid=1633499727&ga_hid=229488408&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=570&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31062944&oid=2&pvsid=4490911343440247&pem=558&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQMip9lAB2&p=https%3A//payment.meshotet.co.il&dtd=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:20:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:20:32 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 9021 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:18:36 GMT
x-content-type-options
nosniff
age
578212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 13:18:36 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 9021 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Montserrat:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:00:09 GMT
x-content-type-options
nosniff
age
93319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19824
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:00:09 GMT
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 9021 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:20:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:20:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 925A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZb7kczlJfpckCtkO3R0kKgcY6hrHLVSlbzhLFbpXLsXseRCr4734VPhCpERm98f5SOYBS1PkklZQhl1Pi-xAd3yZtsCvG7X9qCtxZmqJV6oavplw&sai=AMfl-YTyU0Vs9KVDhRfh4aW68sL7HCzyhh8fgFvfSlY5DMxZzNFRa-UBPp6NRTB-sstqwrlyJf4M9M3jIP0K&sig=Cg0ArKJSzPDle7vJqlQSEAE&id=lidar2&mcvt=1000&p=0,140,280,560&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2369290022&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633499727319&rpt=679
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 05:55:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3829 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrFppwJDoW44ZgT_DmCaFG_ukTsR7s4vOe6TceLpqxGLYaGYEPgwR3gLhc5meHpvx2C7p_dWWE21-JZdkhX7_fZhmH45tKFCu1r8o9c9sqA8EzVzE&sai=AMfl-YSscntbgUKy3zpNpwvJp8k-ioIeava_7jU-6PVqz0ykWh20Pl1jJvFpQgoPy-STV-yAC1ZL03elnh7P&sig=Cg0ArKJSzEKgoar6QwwcEAE&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2105329952&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633499727325&rpt=639
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 05:55:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 15AC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzO2r-uZ7aUkuERNd37_dscFhppZVDhM4X_740UvMSuQxTvRsf2qCbxYgVaJPCGsSqnONSA8sdc6ri0YqUQxFGMqB0A0si7oF5CoGfHGTVpi3CNoM&sai=AMfl-YSUckAGPDVxRJ9TCr0Ae2Izf2U7wkgieTEA_PpVErSHp-rf1Pn-_hNGtm8TcXISS_Zx32WINEC30RDP&sig=Cg0ArKJSzE3stl4OzDmIEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3654359874&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633499727298&rpt=723
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 05:55:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20160816/r20160727/ Frame 4406 		289 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20160816/r20160727/show_ads_impl.js
Requested by
Host: web.archive.org
URL: https://web.archive.org/web/20160820144930js_/http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a812db287749c1716e8f855774730f236336feb1d91380dab743dc7561594258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 05:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105334
x-xss-protection
0
server
cafe
etag
3821760542955277962
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Oct 2021 05:55:30 GMT

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint object| adsbygoogle boolean| _gfp_a_ function| google_spfd number| google_lpabyc function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag function| _____WB$wombat$assign$function_____ function| __WB_pmw object| google_ama object| google_analytics_url_parameters object| google_auto_format object| google_available_width object| google_core_dbp object| google_delay_requests_count object| google_delay_requests_delay object| google_ed object| google_eids object| google_floating_ad_position object| google_is_split_slot object| google_lact object| google_nofo object| google_only_ads_with_video object| google_only_pyv_ads object| google_only_userchoice_ads object| google_previous_watch object| google_previous_searches object| google_reuse_colors object| google_scs object| google_sui object| google_skip object| google_tag_info object| google_tdsma object| google_tl object| google_ui_features object| google_video_url_to_fetch object| google_with_pyv_ads object| google_yt_pt object| google_yt_up object| google_iframe_oncopy function| gtag object| dataLayer

5 Cookies

Domain/Path Name / Value
payment.meshotet.co.il/ Name: PHPSESSID
Value: d6f548a78b08c80eeede01f651d76130
.meshotet.co.il/ Name: __gads
Value: ID=88505654d5a36f13-2287dc35e8ca00e9:T=1633499727:RT=1633499727:S=ALNI_MbyWFbggLOi7pcJvyTjmHe2TXtL5Q
.doubleclick.net/ Name: IDE
Value: AHWqTUkjz16aIHiONhd_69uzB6u2Csyz98fEhLfOA_1JEptPBuPCVHESdm54IZOrD6E
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
payment.meshotet.co.il
tpc.googlesyndication.com
web.archive.org
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
142.250.181.227
142.250.184.226
142.250.185.100
142.250.185.162
142.250.185.194
142.250.185.227
172.217.18.106
172.217.18.97
207.241.237.3
212.150.101.186
31.13.92.36
0eb0d5acc279cf6851b1f61d2d20364d690822cabd86959f448ffca76b61706f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33953d06239abdbd561a85c109e97629b1b01bbcfc01b910b0fc423c76f27f25
40c361328f9928215ac5a6e82d40380caa33766097e5fa778735b3dde6de844d
42786899b0dd400593d1cf18c1224c24ac27189fb949528ce2445a0c6718c654
45af388cbe0e34267b72a29430b0a70b69b8932aad8ec4616451e0ab71c6a218
48a7084de552d0e9b77697068f169fc1839592230c0070af99a3a0320e37a26f
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55d8fc52238a44b40deef0d9b1db3e4c0fecd8d69bc1eea1852af7fb9e432f0a
58bd62c02680a9d27929c751f2a155a1e1283a5473af8b2d5ee49dc667be0751
59fd9c6e0d1129c148683a3ab6d48b963da55fb88ee07beea3ca76b537c18d54
5ec09391d4ded91157627f97b718b564efd2739d826dc7f8df34e77be95b5be1
5fa4c8526fbcf45dbe2cf7f27d6bda6c3bf9d0bafbf29d356f2d7d126e91754f
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
6e035c10ba569de2650ef885e8389f0eb790a9738bc8a28bf931349a830b82cc
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
90a20c990650f153ba973657cd72f78a3007ba15b2dad81f0a6d0ce34aee9690
96692fdebfe321cf455ca670a146e3de6948779bd1ed9ea0aa401f4c0a68260f
9fa1bd0fb4315109f69646671a0a0f028d852036229f6be5e25b4b1f0229773f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a812db287749c1716e8f855774730f236336feb1d91380dab743dc7561594258
aa1bbafcbde4cedb733e9bef0b386f79850bf027b119f610294139ea06d559d9
adf7c96f3f8e822567308e5e2385a0b6a75d283a372ca8f9e857574c0aedca9c
b4a54c04f6984dd51c7a518df349d2e9f4f8276cb75c8149b52622996fc38791
bed15b50fbf91f9873f5ede25e400ea120be329eb3252ced96aa0e9357b5f413
c09e1757ebb0002bc2769204b81e9777002b4713512e8e72ca197dab77252536
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c64142df3928b731aa5af334d6e576444774b97d6cbc0c08f4732dc30f211bee
c77a350705b49d2535e0a17129d7f9177fb431ef7dbc5d8eed594f477866e42b
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cfbb08f37e3ee4b7f0fed7f11bc875f01212f87932f2513ac3f112f20fca44b7
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dc55d512a7cd9138223edae1d1dd4aa757bbe9f2b6345effab81f5a2900a2f0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28eef56b80f199deadd51753addbbfe6ab731312d0daa09573de6c749960d74
f5f0c42fa13f46ee21f52fe2d05a7fa05ba53c1e0149129d168444e801523c80