afteradobe.dor-19.com Open in urlscan Pro
34.255.74.215  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response afteradobe.dor-19.com/	171 KB 19 KB	676ms 69ms	Document text/html	34.255.74.215 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://afteradobe.dor-19.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.255.74.215 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-255-74-215.eu-west-1.compute.amazonaws.com Software Apache/2.4.41 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f / Resource Hash 489627cfef76e34800dbd871ea31b98babf9950b226fc4e3c03799b1fa7eb144 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Cache-Control max-age=0, must-revalidate, public Connection close Content-Encoding gzip Content-Length 18636 Content-Type text/html; charset=UTF-8 Date Sun, 21 Jul 2024 08:11:38 GMT ETag lcts=1720695908&__rxc__=1705555702&md5=b5fe6b9ad983c7bf886daaf95ac6aeeb&force_timestamp=1705555702&id=5652007&variables_md5=efd8739f29d06861063feb4cc6d3392b_acebc7dd003792405b47a589167e6955 Last-Modified Thu, 11 Jul 2024 11:05:08 GMT Server Apache/2.4.41 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f Vary Accept-Encoding
GET H2	200	2sDcZGJYnIjSi6H75xkzamW5O7w.woff2 fonts.gstatic.com/s/assistant/v7/	6 KB 7 KB	74ms 22ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzamW5O7w.woff2?rxc=1532355884 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e6344050ca9849251029119b209231915e7038b8d715b2f3d39ed05e0981133e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ Origin https://afteradobe.dor-19.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 12:25:27 GMT x-content-type-options nosniff age 416771 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6576 x-xss-protection 0 last-modified Thu, 28 Jan 2021 22:56:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Jul 2025 12:25:27 GMT
GET H2	200	2sDcZGJYnIjSi6H75xkzZmW5O7w.woff2 fonts.gstatic.com/s/assistant/v7/	8 KB 8 KB	96ms 44ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzZmW5O7w.woff2?rxc=1532355884 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 776835106c631437fae4b1360a1115f9d329988020e1b62f040f589f446317ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ Origin https://afteradobe.dor-19.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 12:25:27 GMT x-content-type-options nosniff age 416771 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8452 x-xss-protection 0 last-modified Thu, 28 Jan 2021 22:22:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Jul 2025 12:25:27 GMT
GET H2	200	2sDcZGJYnIjSi6H75xkzaGW5.woff2 fonts.gstatic.com/s/assistant/v7/	20 KB 20 KB	77ms 25ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzaGW5.woff2?rxc=1532355884 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9fdce601969d5ddcaf6a997e6843d92e5096e83b165ece04d907655b74945b21 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ Origin https://afteradobe.dor-19.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 12:25:27 GMT x-content-type-options nosniff age 416771 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20620 x-xss-protection 0 last-modified Thu, 28 Jan 2021 22:56:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Jul 2025 12:25:27 GMT
GET H3	200	connector_js__output__cd6e8896c965d11b9ed08d7689f26bba_8e90d74a8f03b6d1220fa09a8ba0906b_1674640571.js Show response js.ravpages.co.il/xsite_resources/js/static/cached/xsites_versions/connector_js/output/012023/	234 KB 66 KB	108ms 59ms	Script application/javascript	2606:4700:20::ac43:442e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.ravpages.co.il/xsite_resources/js/static/cached/xsites_versions/connector_js/output/012023/connector_js__output__cd6e8896c965d11b9ed08d7689f26bba_8e90d74a8f03b6d1220fa09a8ba0906b_1674640571.js?rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:442e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88b3195f2f5cb213c84a2871237b7cb7fbfd37b47925e9712084973ca7447fc0 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:38 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=240296 x-cache MISS from 18.195.128.217 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhZqN8jbpXgzMc8qb6CDmovmIbcpDIiExEoBnSt4lAXswFYhkwn6Vxu7uRzhYRU23OgRW65HD7IzDDkBRLXwaSA08K5TqwP2e4WToN9t2dV9KreduLDCwNhgBf9r0D80%2Fng141m1YPoiQ6srfIgM"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8ae8bdc362c-FRA access-control-allow-headers * expires Sat, 27 Jul 2024 18:58:45 GMT
GET H3	200	connector_js__output__666f8854c0b29ca6b2a59729fc6ae695_91ade745946a4d35fc906e7d156275f4_1674640571.css css.ravpages.co.il/xsite_resources/js/static/cached/xsites_versions/connector_js/output/012023/	155 KB 15 KB	854ms 805ms	Stylesheet text/css	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://css.ravpages.co.il/xsite_resources/js/static/cached/xsites_versions/connector_js/output/012023/connector_js__output__666f8854c0b29ca6b2a59729fc6ae695_91ade745946a4d35fc906e7d156275f4_1674640571.css?cc=8&webp&modern&cleanEditor&rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fd72769e338fc056cccccdb9616c0cb0bf4c6d21a1bca447dae05b5087b924c Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:39 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache MISS from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type text/css;charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGZ1wDp7D3bV6QyEnx%2B7IZF2kVUMqOTQjS%2B8lPijJMD6rzWKhOcV%2F4blfljFo5BnvpXq9qqHQ2vgpiRExU7cJaHjomHjjLzz%2B5IfkshKgCf0jVp77t9m71vv3yrztFr7GiP1Y7LURIGZzmY3T0ykIQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8ae8f9c2c4b-FRA access-control-allow-headers * expires Sun, 28 Jul 2024 08:11:39 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	76ms 24ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 21 Jul 2024 07:41:01 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1837 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 21 Jul 2024 09:41:01 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	224 KB 60 KB	67ms 22ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 21 Jul 2024 08:11:38 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58677 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1328, tbw=2769, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug l3K9yphwHXYg99iF1r4/Ws6RqAaz7uiRnlMwXJEPwMbRHJAku9YWrljym3spvYGLjKKWM6o+jBXghsT+J15ljA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 225 B	29ms 28ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=121154621&t=pageview&_s=1&dl=https%3A%2F%2Fafteradobe.dor-19.com%2F&ul=de-de&de=UTF-8&dt=%D7%99%D7%A7%D7%A8%20%D7%9C%D7%9B%D7%9D%20%D7%9C%D7%A9%D7%9C%D7%9D%20%D7%9C%D7%90%D7%93%D7%95%D7%91%D7%99%20%3F%203%20%D7%AA%D7%97%D7%9C%D7%99%D7%A4%D7%99%D7%9D%20%D7%9C%D7%A4%D7%A8%D7%99%D7%9E%D7%99%D7%99%D7%A8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=944397300&gjid=102260595&cid=1352884568.1721549499&tid=UA-196753188-1&_gid=1225088224.1721549499&_r=1&_slc=1&z=1497220889 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 9cc76590fe2015592cd19189d9a223c7b1220eae306be94e36e8aaa5d75c96de Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 Jul 2024 08:11:38 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://afteradobe.dor-19.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	3191395427773549 Show response connect.facebook.net/signals/config/	60 KB 12 KB	92ms 92ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3191395427773549?v=2.9.162&r=stable&domain=afteradobe.dor-19.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 585f300f3b49957fe129c90cd012def4510f3f21fee90941148bcb3ad072d3e4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 21 Jul 2024 08:11:38 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=27, rtx=0, c=59, mss=1328, tbw=64202, tp=-1, tpl=-1, uplat=65, ullat=1 pragma public x-fb-debug F7mLdETk4UagWP5ZChc/PQAHs47w0bc/GXladPDlsVGFblYBl7HcWVTRDr1FIB2frfkfZcC8t2fD/xx9yEvVGg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	259 KB 92 KB	104ms 48ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q50MWKRLNW&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9bf21d6b779bbf11652c2762e00714f11cff8938e2b8f4d5ed64a3125f1bf4b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93567 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 21 Jul 2024 08:11:38 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	172ms 26ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3191395427773549&ev=PageView&dl=https%3A%2F%2Fafteradobe.dor-19.com%2F&rl=&if=false&ts=1721549498872&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721549498871.633382275961131878&ler=empty&cdl=API_unavailable&it=1721549498744&coo=false&rqm=GET Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1328, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 21 Jul 2024 08:11:39 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	247ms 101ms	Image image/png	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3191395427773549&ev=PageView&dl=https%3A%2F%2Fafteradobe.dor-19.com%2F&rl=&if=false&ts=1721549498872&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721549498871.633382275961131878&ler=empty&cdl=API_unavailable&it=1721549498744&coo=false&rqm=FGET Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} date Sun, 21 Jul 2024 08:11:39 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7393998796667910820", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1328, tbw=3093, tp=-1, tpl=-1, uplat=74, ullat=0 pragma no-cache x-fb-debug sQb+KKbxeRel+Vbit01DHEYqTDVkrrj2A1sNK6vAnpH9+edGEyNXn30dt9hzP0PBWu89a0fhIceDKWXfjuUsew== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7393998796667910820"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7393998796667910820"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	111ms 34ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Q50MWKRLNW&gtm=45je47h0v9134112516za200&_p=1721549498807&gcd=13l3l3l2l2&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1352884568.1721549499&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fafteradobe.dor-19.com%2F&dt=%D7%99%D7%A7%D7%A8%20%D7%9C%D7%9B%D7%9D%20%D7%9C%D7%A9%D7%9C%D7%9D%20%D7%9C%D7%90%D7%93%D7%95%D7%91%D7%99%20%3F%203%20%D7%AA%D7%97%D7%9C%D7%99%D7%A4%D7%99%D7%9D%20%D7%9C%D7%A4%D7%A8%D7%99%D7%9E%D7%99%D7%99%D7%A8&sid=1721549498&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1116&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q50MWKRLNW&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jul 2024 08:11:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://afteradobe.dor-19.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	postAnalytics europe-west1-starry-arbor-189107.cloudfunctions.net/	42 B 254 B	360ms 40ms	Ping text/html	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://europe-west1-starry-arbor-189107.cloudfunctions.net/postAnalytics?pageId=6d9ac7ab6f292aeea1e233f9ae9f7ebe63D0F6E6&analyticsId=acebc7dd003792405b47a589167e6955_1867259_449654359_1721549498.5384&ravxxc=6d9ac7ab6f292aeea1e233f9ae9f7ebe63D0F6E6&ref=&utmCampaign=&utmMedium=&utmSource=&secret=e5835c222cdb36914a063ba73326c856&sessionId=1721549498605&analyticsPayloads= Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash dc0bd4144cd7e2e27146ed86c219e1c629709d4a73bcc1088f9734d66d4f8b12 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Sun, 21 Jul 2024 08:11:39 GMT server Google Frontend access-control-allow-methods GET, POST content-type text/html; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 48603210b5600a1ac4fdbf9be9beeb47 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H3	200	564fe4027421515f62dc087e46248c62.jpg images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/	24 KB 25 KB	372ms 350ms	Image image/webp	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/564fe4027421515f62dc087e46248c62.jpg?cc=8&convert=webp&maxWidth=1600&rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f54e69f227b034c9c901e06672f0931ed253624306a720bcf15e541e25d101c Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:39 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache MISS from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/webp access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KlkVAg1FNP75F%2B8RNjz6thEuT4mCSFRjwLAIuPH2YxcptAogQiLuNl%2BvhrDnhiuPWP6BZkifC25r9BS8PatYv8tgMzBsRfkJEpDvANlIRegAZ8bZfUhskRwXXvMsCPaxwh%2BtbFrhgKUrdRcIVUYjflqlYQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b40d4a2c4b-FRA access-control-allow-headers * expires Sun, 28 Jul 2024 08:11:39 GMT
GET H2	200	2sDcZGJYnIjSi6H75xkzamW5O7w.woff2 fonts.gstatic.com/s/assistant/v7/	6 KB 7 KB	50ms 31ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzamW5O7w.woff2?rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e6344050ca9849251029119b209231915e7038b8d715b2f3d39ed05e0981133e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ Origin https://afteradobe.dor-19.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 16:00:27 GMT x-content-type-options nosniff age 490272 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6576 x-xss-protection 0 last-modified Thu, 28 Jan 2021 22:56:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 15 Jul 2025 16:00:27 GMT
GET H2	200	2sDcZGJYnIjSi6H75xkzaGW5.woff2 fonts.gstatic.com/s/assistant/v7/	20 KB 20 KB	41ms 23ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzaGW5.woff2?rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9fdce601969d5ddcaf6a997e6843d92e5096e83b165ece04d907655b74945b21 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ Origin https://afteradobe.dor-19.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 10:02:58 GMT x-content-type-options nosniff age 425321 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20620 x-xss-protection 0 last-modified Thu, 28 Jan 2021 22:56:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Jul 2025 10:02:58 GMT
GET H3	200	fontawesome-webfont.woff2 simages.ravpages.co.il/xsite_resources/fonts/font-awesome-4.6.3/fonts/	70 KB 71 KB	379ms 177ms	Font application/octet-stream	2606:4700:20::ac43:442e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://simages.ravpages.co.il/xsite_resources/fonts/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3&rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:442e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73 Request headers Referer https://afteradobe.dor-19.com/ Origin https://afteradobe.dor-19.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:39 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache MISS from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type application/octet-stream; charset=binary access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBr9%2F56yXNEYzbkLkUJUanYxqF%2BK2TnBB05kyZrhLChFgrVLJ1gI4lhOZLeYM4dToPqSLbcV6Gl7nIlkrninqbPQJMga8sdePaghnltOlYqTk%2FxIt9MNwh0b0s8EbL4DQq%2BpKCmXctRqzO78Zyf2Qa84KTU%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b5afd22bfc-FRA access-control-allow-headers * expires Sun, 28 Jul 2024 08:11:39 GMT
GET H3	200	diaspora.svg Show response images.ravpages.co.il/xsite_resources/fonts/fontawesome-free-5.15.3-web/svgs/brands/	666 B 995 B	420ms 175ms	XHR image/svg+xml	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://images.ravpages.co.il/xsite_resources/fonts/fontawesome-free-5.15.3-web/svgs/brands/diaspora.svg?rxc=1705555702 Requested by Host: js.ravpages.co.il URL: https://js.ravpages.co.il/xsite_resources/js/static/cached/xsites_versions/connector_js/output/012023/connector_js__output__cd6e8896c965d11b9ed08d7689f26bba_8e90d74a8f03b6d1220fa09a8ba0906b_1674640571.js?rxc=1705555702 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1848dde25df786ad6988233cda65260fb207fa2bb4bd88b824168e8dbe020a14 Request headers Accept */* Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2igGR%2BKU4x0u56AM1gBJxJVQp9rhMgPfeAGJMmTxFhQo5feOrMkSGrM7fa0aBTRYUVw%2BszwEOuYlUGyNYBCdsiNpT6Uqg5c4nHOSwV%2FYCXyMaY5o4xlbkcHaZs1rDAPJ%2B7uCNtnfUARvW%2FBx35kulfMGuA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b57e229249-FRA access-control-allow-headers * expires Sat, 20 Jul 2024 05:57:36 GMT
GET H3	200	graduation-cap.svg Show response images.ravpages.co.il/xsite_resources/fonts/fontawesome-free-5.15.3-web/svgs/solid/	874 B 1 KB	527ms 283ms	XHR image/svg+xml	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://images.ravpages.co.il/xsite_resources/fonts/fontawesome-free-5.15.3-web/svgs/solid/graduation-cap.svg?rxc=1705555702 Requested by Host: js.ravpages.co.il URL: https://js.ravpages.co.il/xsite_resources/js/static/cached/xsites_versions/connector_js/output/012023/connector_js__output__cd6e8896c965d11b9ed08d7689f26bba_8e90d74a8f03b6d1220fa09a8ba0906b_1674640571.js?rxc=1705555702 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea11b188de4fc6695d14d2a46e1f570ce54accedbe03efcddc3ffe7aba5208e8 Request headers Accept */* Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tmb%2FmTZDggyTS9%2BiFW%2FRcGjcZmsCYCYgs6hlewJ2AamWpZAJN49dgLZ3hb4SfhpDM0SeyW6avtX%2BO9c26%2B5KiELXANwxDsVRxiN83SsVk%2FO9T8aDqTpLiXAg1AzkeeO3OhjjW1wAcrNYc8PDgWuSTtcQKA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b57e269249-FRA access-control-allow-headers * expires Mon, 03 Jun 2024 11:12:19 GMT
GET H2	200	nEanAS225fA www.youtube.com/embed/ Frame C254	0 0	256ms 121ms	Document text/html	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/nEanAS225fA?&enablejsapi=1&origin=https://afteradobe.dor-19.com Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Sun, 21 Jul 2024 08:11:39 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H3	200	8407b48319b76766987d20d2a490b4f4.png images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/	33 KB 34 KB	763ms 755ms	Image image/webp	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/8407b48319b76766987d20d2a490b4f4.png?cc=8&convert=webp&maxWidth=400 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4489bc7e6cfa8b3debb2bf0d84c0e86f98341c598ca37adfbd3935297ce77258 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache MISS from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/webp access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QM6eSdUogpLcSwrh54ybqRoFMA%2FmggK308HEljVP8CxsglM%2FzQCg1xkVxVCUYuMzIk2p%2FVoVqIrfTe9GEhU6jQYAKsCjSXwRa0kAR1pmrd%2F9bx8YAyM0oaZE2nwwjI8IMoq%2F1XsCk6wpgu03F%2B9jOafiaw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b47dbb2c4b-FRA access-control-allow-headers * expires Sun, 28 Jul 2024 08:11:39 GMT
GET H3	200	dcff3a19b41c9ca7f70e07b46882c749.png images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/	23 KB 24 KB	805ms 797ms	Image image/webp	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/dcff3a19b41c9ca7f70e07b46882c749.png?cc=8&convert=webp&maxWidth=300&rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ebfd2d1f432769fadc320d2846e1d17337e19d57a0fc0f1ac2f668eacafe304 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache MISS from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/webp access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZgWj1qWWL%2FLFPQaWhfOENO5kTTZwY%2BEA21%2F%2Bx5sISM45vOwjsqx25x%2BywvpsRuEwmR6fKK1hhQnD20uNTmliLUUsXj5dffXfDzlAW8X%2FS9hTBNqYhFzebwxULNwDuR4tOaPw0E7V6x6%2FQ9qJtzXlsDkrTg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b47dbd2c4b-FRA access-control-allow-headers * expires Sun, 28 Jul 2024 08:11:39 GMT
GET H3	200	diaspora.svg images.ravpages.co.il/xsite_resources/fonts/fontawesome-free-5.15.3-web/svgs/brands/	666 B 0	359ms 359ms	Image image/svg+xml	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.ravpages.co.il/xsite_resources/fonts/fontawesome-free-5.15.3-web/svgs/brands/diaspora.svg?rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1848dde25df786ad6988233cda65260fb207fa2bb4bd88b824168e8dbe020a14 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2igGR%2BKU4x0u56AM1gBJxJVQp9rhMgPfeAGJMmTxFhQo5feOrMkSGrM7fa0aBTRYUVw%2BszwEOuYlUGyNYBCdsiNpT6Uqg5c4nHOSwV%2FYCXyMaY5o4xlbkcHaZs1rDAPJ%2B7uCNtnfUARvW%2FBx35kulfMGuA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b57e229249-FRA access-control-allow-headers * expires Sat, 20 Jul 2024 05:57:36 GMT
GET H3	200	graduation-cap.svg images.ravpages.co.il/xsite_resources/fonts/fontawesome-free-5.15.3-web/svgs/solid/	874 B 0	162ms 162ms	Image image/svg+xml	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.ravpages.co.il/xsite_resources/fonts/fontawesome-free-5.15.3-web/svgs/solid/graduation-cap.svg?rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea11b188de4fc6695d14d2a46e1f570ce54accedbe03efcddc3ffe7aba5208e8 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:39 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tmb%2FmTZDggyTS9%2BiFW%2FRcGjcZmsCYCYgs6hlewJ2AamWpZAJN49dgLZ3hb4SfhpDM0SeyW6avtX%2BO9c26%2B5KiELXANwxDsVRxiN83SsVk%2FO9T8aDqTpLiXAg1AzkeeO3OhjjW1wAcrNYc8PDgWuSTtcQKA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b57e269249-FRA access-control-allow-headers * expires Mon, 03 Jun 2024 11:12:19 GMT
GET H3	200	786cdcd374ac806a0a8dce097eed350c.png images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/	26 KB 27 KB	1595ms 1588ms	Image image/webp	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/786cdcd374ac806a0a8dce097eed350c.png?cc=8&convert=webp&maxWidth=400 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea42cc15fda3a6d3fc05f56eb431105328dd5d2588605648c51d8b100c21d95b Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT from 18.195.128.217 alt-svc h3=":443"; ma=86400 content-length 26882 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/webp access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5lwSPFu8iGLvQwjdAX%2B0GgoG%2B2W%2B92Gs%2BFSWGtPZj6biIZFnofy1Bagyg2Z%2FQz0H0BmRIo55lDyLlGc%2B3C5DDK8i4LJ5N%2FNULTZgdCZd6MxvcsJ9Xb5S1%2FjeigBMOxuxwfyz412mRAQ9BGc5JfT%2FtWD%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true accept-ranges bytes cf-ray 8a69b8b668252c4b-FRA access-control-allow-headers * expires Tue, 09 Jul 2024 22:42:55 GMT
GET H3	200	b853edc822cecc94862ed0a243ea4efa.png images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/	914 B 1 KB	187ms 180ms	Image image/webp	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/b853edc822cecc94862ed0a243ea4efa.png?cc=8&convert=webp&rxc=1705555702 Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ca91bfd3ca1a3167c21d63bad36af2738450d1db1cf62090be2b3d56d41ac7e Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:40 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache MISS from 18.195.128.217 alt-svc h3=":443"; ma=86400 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/webp access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BiP0JVZ%2FSItRraVwTXVLcnOtd3CMQgaXOfxBI9kfjr5XhGID1BFALBHtPlYoeJfgpanQ%2FCZgZ5ICMYtDabpKzXNJnHCK0A%2BDfea4SyeLN8yj9Ty%2BxHqbSJqbozbDIQj6VSwAyhvLvndkmEkZBHKZ5LKXNw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true cf-ray 8a69b8b668292c4b-FRA access-control-allow-headers * expires Sun, 28 Jul 2024 08:11:39 GMT
GET H3	200	dcff3a19b41c9ca7f70e07b46882c749.png images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/	207 KB 207 KB	244ms 236ms	Image image/png	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/dcff3a19b41c9ca7f70e07b46882c749.png Requested by Host: afteradobe.dor-19.com URL: https://afteradobe.dor-19.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f75efce13a35fc0471e89ad6ff015affbe4eb3f9c4380bc07026c3e56849a6b Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT from 18.195.128.217 alt-svc h3=":443"; ma=86400 content-length 211733 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/png access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rqiuzkRLIg%2BAxivf8oxeMMo9piVJZJ%2B69k1H7%2BjMLD%2FxcSyg9cNWYOdXq0LPgFcth3wG0d7amG33oX0VRMyIfbS5QgH2Emv7I8fa6U%2F7iez%2FLHiPt5MSCUhRRaPPSFvu8Y9WThXFIRZW3kBADirzc1o%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true accept-ranges bytes cf-ray 8a69b8b6682c2c4b-FRA access-control-allow-headers * expires Sun, 23 Jun 2024 13:17:44 GMT
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	130ms 56ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: js.ravpages.co.il URL: https://js.ravpages.co.il/xsite_resources/js/static/cached/xsites_versions/connector_js/output/012023/connector_js__output__cd6e8896c965d11b9ed08d7689f26bba_8e90d74a8f03b6d1220fa09a8ba0906b_1674640571.js?rxc=1705555702 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cc4e1a7cbe6a0b228fd96704c330dd85d8e7a93a882b3309295e2a7a16aeaf92 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:39 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Sun, 21 Jul 2024 08:11:39 GMT
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/d60b0ef9/www-widgetapi.vflset/	31 KB 11 KB	48ms 45ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/d60b0ef9/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fb2f34ecc07db02bbd7bdbd0cf773500ec41c2a20d00cea2c84d5fea2f52e97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 23:20:06 GMT content-encoding br x-content-type-options nosniff age 31893 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10559 x-xss-protection 0 last-modified Wed, 17 Jul 2024 04:17:05 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 20 Jul 2025 23:20:06 GMT
GET H3	200	8407b48319b76766987d20d2a490b4f4.png images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/	14 KB 15 KB	220ms 220ms	Other image/webp	2606:4700:20::681a:515 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://images.ravpages.co.il/xsite_resources/user_content/cp_new_production/97/9e/de/af/979edeaf6b1b878d6934449574de7125/images/8407b48319b76766987d20d2a490b4f4.png?cc=8&convert=webp&maxWidth=192&maxHeight=192&rxc=1705555702 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0dd2079436c9a3782b533a404a5c029445adc15152fb3d1780ac67b40fee6002 Request headers Referer https://afteradobe.dor-19.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 21 Jul 2024 08:11:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT from 18.195.128.217 alt-svc h3=":443"; ma=86400 content-length 14364 last-modified Sun, 18 Feb 2024 13:23:13 GMT server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/webp access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cszFzH8%2FcE%2B%2FBkpm4Ayk0ZWOK7Rko%2Flb9m4LERHv78EtgIVZ2oIdFuM%2FwxXwOiBMSZGtz2UdO8JMSKcrgGMW9R9Ps%2BLSIGDmfzpn0u8jPcL9NXcBB51uvHCrXX5gT4lJvGk3qTcUbr36DsZHoV3x%2FT3n4Q%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=604800 access-control-allow-credentials true accept-ranges bytes cf-ray 8a69b8bf39472c4b-FRA access-control-allow-headers * expires Mon, 27 May 2024 00:55:53 GMT

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 number| ravxxPostAnalyticsSessionID number| ravxxPostAnalyticsSesssionIndex object| ravxx_analyticsPayLoads function| __ravxxPostAnalytics function| ravxxPostAnalytics number| ravxxStartTime number| ravxxLastDiff function| getRavxxTimeDiff function| __getRavxxTimeDiff function| ravxx_do_time_active function| ravxx_throttleUserInteraction object| realbeginning object| __ravpageContext string| cookiesStr string| publicID string| tabtype string| pageURL string| uniqueID string| displayMode string| ravxxLogId string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| begin_wrapper_1 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| begin_1 object| __globalConsoleDebugEntries function| g function| doRavxxAnalyticsEvent object| __ravxxCurrentRoot object| __getRavxxCurrentRoot__callbacks function| getRavxxCurrentRoot function| doPerformanceCheck function| isQuotaExceeded function| markedOperation function| quoteattr function| uncomment function| comment function| isNumber function| getDeepProperty function| rgbToHex function| hexToRgb function| rgbstrToRgb function| getRgbColor function| calculateURLParams function| calculateContainedDocumentURLParams object| urlParams function| getUrlParams function| getURL function| toStringOrEmptyString object| profilerPaths function| getProfiler function| concatHashToString function| replaceElem function| getColorBrightness2 function| isDarkColor function| ravxxClickOnElementAnalytics function| setRavxxHandler function| activateSlowButton function| runSassActions function| global_initAdjustMaskSVGPathMulty function| initAdjustMaskSVGPathMulty function| __initAdjustMaskSVGPathMulty object| __multyEffectsMouseUpHandlers boolean| __multyEffectsFirstShownFlag object| __multyEffectsFirstShownWaiting function| multyEffectsViewportVisible function| multyHasEffect function| setMultyEffectsFirstShown function| forceMultyEffect function| clearForcedMultyEffect function| __setMultyEffectsFirstShown function| getMobileOS object| __ravxxTouchEvents function| mouseEnterLeave function| ravxx_remove_speed_class function| getMultyDirectChildren function| ravxx_enter_effect function| ravxx_exit_effect function| setMultyEffects function| ravxx_isInPreview function| activateMultyBecomesHeaderEffect function| activateBeforeMultyShownEffect object| __multyResponsiveSettings__resizeObserver function| addResizeObserver function| pad function| playCountdown function| adjustedBoundingRect function| rulesForCssText object| animationObjectsGlobal function| createMultyTimelineAnimation object| __active__timeline__animations function| __doAnimation function| setMultyTimelineAnimationState function| setMultyTimelineAnimationProgress object| __animations__mouse_based function| setMultyMouseAnimationProgress function| activateMultyMouseAnimationProgress function| disableMultyMouseAnimationProgress function| animationCachedRect function| calculateScroll boolean| __calculateScroll__registered object| scrollAnimationsRoots function| activateAllScrollAnimations function| activateChangingBackground function| activateMultyChangingBackground function| activateMultyImageChanging function| ravxx_getMultyId function| ravxx_js_require function| __calculateURLParams object| parts function| safeSetCSSVariable function| setAreaHeight function| setAreaHeights function| setTextareaCounter function| ravxx_youtube_require function| $ function| jQuery function| ____handleOperationalModeChange function| runActionOnMulty object| dataLayer object| google_tag_manager object| ravxxGAEvents function| ravxxGAEvent function| ravxxGAEventPublic function| ravxx$ function| ravxxAnalyticsOutboundURL function| ravxx_ignoreIntersectionWithGrace object| ravxx_handleIntersection_timeEntries function| ravxx_handleIntersection_doTime object| ravxx_handleIntersection_lastEntries function| ravxx_handleIntersection_doLast object| ravxx_handleIntersection_cache function| ravxx_handleIntersection function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| ik_player

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			afteradobe.dor-19.com/	1970-01-20 22:12:29	Name: RAVXX_LP_UID Value: acebc7dd003792405b47a589167e6955_1867259_1576879292_1721549498.5374
			afteradobe.dor-19.com/	1970-01-20 22:12:29	Name: RAVXX_LP_SS Value: f150418cfd90b8a4ca8b67ec9be82859
			.afteradobe.dor-19.com/	1970-01-21 07:48:29	Name: _ga Value: GA1.3.1352884568.1721549499
			.afteradobe.dor-19.com/	1970-01-20 22:13:55	Name: _gid Value: GA1.3.1225088224.1721549499
			.afteradobe.dor-19.com/	1970-01-20 22:12:29	Name: _gat Value: 1
			.dor-19.com/	1970-01-21 00:22:05	Name: _fbp Value: fb.1.1721549498871.633382275961131878
			.afteradobe.dor-19.com/	1970-01-21 07:48:29	Name: _ga_Q50MWKRLNW Value: GS1.3.1721549498.1.0.1721549498.0.0.0
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Zqfeb0mNgts
			.youtube.com/	1970-01-21 02:31:41	Name: VISITOR_INFO1_LIVE Value: aDktoS_c0zc
			.youtube.com/	1970-01-21 02:31:41	Name: VISITOR_PRIVACY_METADATA Value: CgJSTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgYA%3D%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://afteradobe.dor-19.com/ Message: The resource https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzZmW5O7w.woff2?rxc=1532355884 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://afteradobe.dor-19.com/ Message: The resource https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzaGW5.woff2?rxc=1532355884 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://afteradobe.dor-19.com/ Message: The resource https://fonts.gstatic.com/s/assistant/v7/2sDcZGJYnIjSi6H75xkzamW5O7w.woff2?rxc=1532355884 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afteradobe.dor-19.com
connect.facebook.net
css.ravpages.co.il
europe-west1-starry-arbor-189107.cloudfunctions.net
fonts.gstatic.com
images.ravpages.co.il
js.ravpages.co.il
region1.google-analytics.com
simages.ravpages.co.il
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
2001:4860:4802:34::36
2001:4860:4802:36::36
2606:4700:20::681a:515
2606:4700:20::ac43:442e
2a00:1450:4001:80e::200e
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.255.74.215
0dd2079436c9a3782b533a404a5c029445adc15152fb3d1780ac67b40fee6002
1848dde25df786ad6988233cda65260fb207fa2bb4bd88b824168e8dbe020a14
1ca91bfd3ca1a3167c21d63bad36af2738450d1db1cf62090be2b3d56d41ac7e
4489bc7e6cfa8b3debb2bf0d84c0e86f98341c598ca37adfbd3935297ce77258
489627cfef76e34800dbd871ea31b98babf9950b226fc4e3c03799b1fa7eb144
585f300f3b49957fe129c90cd012def4510f3f21fee90941148bcb3ad072d3e4
6fb2f34ecc07db02bbd7bdbd0cf773500ec41c2a20d00cea2c84d5fea2f52e97
776835106c631437fae4b1360a1115f9d329988020e1b62f040f589f446317ac
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
88b3195f2f5cb213c84a2871237b7cb7fbfd37b47925e9712084973ca7447fc0
8f75efce13a35fc0471e89ad6ff015affbe4eb3f9c4380bc07026c3e56849a6b
8fd72769e338fc056cccccdb9616c0cb0bf4c6d21a1bca447dae05b5087b924c
9bf21d6b779bbf11652c2762e00714f11cff8938e2b8f4d5ed64a3125f1bf4b0
9cc76590fe2015592cd19189d9a223c7b1220eae306be94e36e8aaa5d75c96de
9ebfd2d1f432769fadc320d2846e1d17337e19d57a0fc0f1ac2f668eacafe304
9f54e69f227b034c9c901e06672f0931ed253624306a720bcf15e541e25d101c
9fdce601969d5ddcaf6a997e6843d92e5096e83b165ece04d907655b74945b21
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
cc4e1a7cbe6a0b228fd96704c330dd85d8e7a93a882b3309295e2a7a16aeaf92
dc0bd4144cd7e2e27146ed86c219e1c629709d4a73bcc1088f9734d66d4f8b12
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6344050ca9849251029119b209231915e7038b8d715b2f3d39ed05e0981133e
ea11b188de4fc6695d14d2a46e1f570ce54accedbe03efcddc3ffe7aba5208e8
ea42cc15fda3a6d3fc05f56eb431105328dd5d2588605648c51d8b100c21d95b
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e